Google and any other Search Engine sites redirection

  1. #1
    Veritas Solus (Newbie)

    I get redirected every once in a while, it gets rather frustrating. I've read the other threads regarding the same problem as mine and I think I've done what the replies have said, but then again I might have a completely different virus/spyware that wasn't in the other threads so I'm posting this here.

    Like I said, I've read the others and I may have missed certain things but I thought I fixed my problems but apparently not. (I'm also quite computer illiterate so bear with me)

    I have a WINXP SP3, I also have the following programs to protect my computer (I more than likely have too many :-/ )

    AVG Free 8.0
    avast! Antivirus
    Ad-Aware
    Windows Defender (Though rarely on since it eats up my CPU Usage quite a bit)
    SuperAntiSpyware
    Malware Bytes

    I would like some opinions about which one of these should I keep since I get paranoid with viruses and end up trying to use about 3-4 of these at once to find something wrong with my computer.

    Here is my HJT Log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:34:35 PM, on 7/27/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Ideazon\ZEngine\Zboard.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\LOGI_MWX.EXE
    C:\WINDOWS\system32\WLTRAY.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\AVG\AVG9\avgscanx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [%PROVIDERID%] "bin\sprtcmd.exe" /P %PROVIDERID%
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.dellfix.com/sdccomm...ad/tgctlcm.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase6087.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 8139 bytes


    ------------------------------------------------------------

    Any help would be greatly appreciated. (And I probably shouldn't be messing with my registry though we followed instructions to another problem.. but I'm now missing my MS Paint, Calculator, Internet Explorer. I recently had a virus that was called Antivirus Live. I had my friend follow the instructions to remove it manually, and I think it's gone, but after that the programs in bold above disappeared. I can't find it with Search or anything like that.)


  2. #2
    broni (Senior Member)
    You're running two AV programs, AVG and Avast. One of them has to go.
    If AVG goes (that would be my suggestion), make sure to use AVG Remover: AVG UK - Tools download

    When done...

    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure you update Malwarebytes before running the scan.***

    STEP 1. Download Malwarebytes' Anti-Malware to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 2. Download GMER: GMER - Rootkit Detector and Remover, by clicking on Download EXE button.
    Alternative downloads:
    - |MG| GMER 1.0.15.15281 Download
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
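
The first finding in #2, two resident antivirus products, can be read straight off the HijackThis log in #1. The following added example (not part of the thread and not HijackThis code) parses that log format, reports which AV products have live processes, and flags entries whose target is marked `(no file)` or `(file missing)`. The sample lines are excerpted from the log above, and the `AV_MARKERS` path fragments are assumptions taken from the paths it shows.

```python
import re
from collections import defaultdict

# Sample input: lines excerpted (and shortened) from the HijackThis log in post #1.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
"""

# Assumption: lowercase path fragments that identify each AV product, taken
# from the install paths visible in the log; extend for other products.
AV_MARKERS = {
    "AVG": ("\\avg\\avg",),
    "avast!": ("\\alwil software\\avast", "\\alwils~1\\avast"),
}

# Entry lines look like "O23 - Service: ..." or "R3 - URLSearchHook: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_hjt(text):
    """Split a HijackThis log into running processes and entries keyed by code."""
    processes, entries = [], defaultdict(list)
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            # The process list ends at the first blank line.
            if not line:
                in_procs = False
            else:
                processes.append(line)
            continue
        match = ENTRY_RE.match(line)
        if match:
            entries[match.group(1)].append(match.group(2))
    return processes, dict(entries)


def resident_av(processes):
    """Map each AV product to the running processes that belong to it."""
    found = defaultdict(list)
    for path in processes:
        low = path.lower()
        for product, fragments in AV_MARKERS.items():
            if any(fragment in low for fragment in fragments):
                found[product].append(path)
    return dict(found)


def orphaned(entries):
    """Return (code, text) for entries whose target file is reported absent."""
    return [
        (code, text)
        for code, items in entries.items()
        for text in items
        if any(marker in text for marker in ORPHAN_MARKERS)
    ]


if __name__ == "__main__":
    procs, entries = parse_hjt(SAMPLE_LOG)
    av = resident_av(procs)
    if len(av) > 1:
        print("More than one resident AV product:", ", ".join(sorted(av)))
    for code, text in orphaned(entries):
        print("Orphaned entry:", code, "-", text)
```
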

  3. #3
    Veritas Solus (Newbie)
    I've also uninstalled AVG on your advice.

    My Malwarebytes Log:

    Malwarebytes' Anti-Malware 1.46
    Malwarebytes

    Database version: 4361

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    7/27/2010 11:11:40 PM
    mbam-log-2010-07-27 (23-11-40).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 253949
    Time elapsed: 1 hour(s), 5 minute(s), 11 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\VRZJ8K91NT (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\GenericFix\sleep.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

    --------------------------------------

    As for the Gmer log, which ones should I not have a check mark on? Since when I clicked the Rootkit tab, everything is already checked.

    And I'm trying to save the log, but when I do, it freezes and doesn't respond. :-/

  4. #4
    broni (Senior Member)
    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

  5. #5
    Veritas Solus (Newbie)
    Here's the Combofix log:
    I turned off my Avast before clicking OK on the text box.

    ComboFix 10-07-27.05 - Fyieri 07/28/2010 21:14:10.1.4 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2158 [GMT -7:00]
    Running from: c:\documents and settings\Fyieri\My Documents\Downloads\ComboFix.exe
    AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Administrator\GoToAssistDownloadHelper.exe
    c:\program files\Antispyware
    c:\program files\Antispyware\Antispyware.url
    c:\program files\Antispyware\DataBase.ref
    c:\program files\Antispyware\vistaCPtasks.xml
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Process.exe
    c:\windows\system32\SHELLLNK.TLB
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-29 )))))))))))))))))))))))))))))))
    .

    2010-07-29 01:30 . 2010-07-29 02:17 -------- d-----w- c:\program files\StarCraft II
    2010-07-22 21:22 . 2010-07-23 01:42 -------- d-----w- c:\program files\UnHackMe
    2010-07-22 21:19 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2010-07-22 21:19 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2010-07-22 21:19 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2010-07-22 21:19 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2010-07-22 21:18 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2010-07-22 21:18 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2010-07-22 21:18 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2010-07-22 21:18 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
    2010-07-22 21:18 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
    2010-07-22 21:18 . 2010-07-22 21:18 -------- d-----w- c:\program files\Alwil Software
    2010-07-22 21:18 . 2010-07-22 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
    2010-07-22 21:17 . 2010-07-22 21:17 -------- d-----w- c:\documents and settings\Fyieri\Application Data\SUPERAntiSpyware.com
    2010-07-22 21:16 . 2010-07-22 21:17 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-07-20 00:24 . 2010-07-20 00:24 -------- d-----w- c:\program files\Trend Micro
    2010-07-16 22:19 . 2010-07-16 22:19 -------- d-----w- c:\documents and settings\Fyieri\Application Data\iScreensaver
    2010-07-14 20:16 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
    2010-07-14 18:29 . 2010-07-14 18:29 -------- d-----w- c:\program files\Calculator Prompter
    2010-07-13 06:18 . 2010-07-13 06:18 -------- d-----w- c:\windows\SQLTools9_KB970892_ENU
    2010-07-13 06:16 . 2010-07-13 06:16 -------- d-----w- c:\windows\SQL9_KB970892_ENU
    2010-07-11 05:34 . 2010-07-26 15:48 -------- d-----w- c:\program files\Microsoft SQL Server
    2010-07-11 05:34 . 2010-07-13 06:17 -------- d-----w- c:\program files\DAODB
    2010-07-10 19:18 . 2010-07-10 19:20 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-07-10 08:26 . 2010-07-10 08:26 73176 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-07-10 08:25 . 2010-07-10 08:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
    2010-07-10 07:59 . 2010-07-10 07:59 88576 --sha-r- c:\windows\system32\c_100107.dll
    2010-07-09 03:09 . 2010-07-09 03:09 -------- d-----w- c:\program files\7-Zip
    2010-07-07 16:37 . 2010-07-08 16:14 -------- d-----w- c:\windows\SxsCaPendDel
    2010-07-06 07:24 . 2010-07-06 07:24 166272 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-07-05 04:20 . 2010-07-05 04:20 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare
    2010-06-30 05:19 . 2010-07-22 04:30 -------- d-----w- c:\program files\Dragon Age
    2010-06-30 02:34 . 2010-06-30 02:34 -------- d-----w- c:\documents and settings\Fyieri\Application Data\Graboid Inc
    2010-06-30 02:21 . 2010-06-30 02:21 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-06-30 02:20 . 2010-06-30 02:20 -------- d-----w- c:\windows\system32\custom matrices
    2010-06-30 02:19 . 2010-06-30 02:19 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-06-30 02:19 . 2010-06-30 02:19 -------- d-----w- c:\windows\nview
    2010-06-30 02:18 . 2010-06-30 02:20 -------- d-----w- c:\windows\system32\C2MP
    2010-06-30 01:04 . 2010-06-30 02:43 217180 ----a-w- c:\windows\system32\nvdrsdb0.bin
    2010-06-30 01:04 . 2010-06-30 02:43 1 ----a-w- c:\windows\system32\nvdrssel.bin
    2010-06-30 01:04 . 2010-06-30 02:43 217180 ----a-w- c:\windows\system32\nvdrsdb1.bin
    2010-06-30 00:43 . 2010-06-07 23:57 2186342 ----a-w- c:\windows\system32\nvdata.bin

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-07-29 02:13 . 2010-05-17 23:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
    2010-07-29 02:13 . 2008-12-24 20:33 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
    2010-07-28 14:47 . 2009-11-25 02:23 0 ----a-w- c:\documents and settings\Fyieri\Local Settings\Application Data\prvlcl.dat
    2010-07-26 15:48 . 2010-05-16 05:24 -------- d-----w- c:\program files\Microsoft.NET
    2010-07-23 02:33 . 2009-07-09 00:56 7326 ----a-w- c:\documents and settings\Fyieri\Application Data\wklnhst.dat
    2010-07-22 21:17 . 2010-07-22 21:17 63488 ----a-w- c:\documents and settings\Fyieri\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    2010-07-22 21:17 . 2010-07-22 21:17 52224 ----a-w- c:\documents and settings\Fyieri\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    2010-07-22 21:17 . 2010-07-22 21:17 117760 ----a-w- c:\documents and settings\Fyieri\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2010-07-22 04:52 . 2010-05-12 06:08 -------- d-----w- c:\documents and settings\Fyieri\Application Data\vlc
    2010-07-20 00:20 . 2009-07-24 22:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-07-17 05:36 . 2008-12-25 20:13 -------- d-----w- c:\documents and settings\Fyieri\Application Data\LimeWire
    2010-07-15 09:40 . 2010-01-20 06:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2010-07-10 17:31 . 2008-12-24 16:12 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-07-08 06:15 . 2009-07-11 21:30 -------- d-----w- c:\documents and settings\Fyieri\Application Data\WTablet
    2010-07-07 16:50 . 2010-01-20 06:57 -------- d-----w- c:\program files\Google
    2010-07-07 16:41 . 2010-05-17 20:19 -------- d-----w- c:\program files\StarCraft II Beta
    2010-07-07 16:40 . 2009-02-26 04:17 -------- d-----w- c:\program files\Steam
    2010-07-07 16:36 . 2010-05-20 01:29 -------- d-----w- c:\program files\Lavasoft
    2010-06-30 05:04 . 2008-12-24 20:36 -------- d-----w- c:\program files\World of Warcraft
    2010-06-30 02:48 . 2009-08-12 19:58 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-06-30 02:34 . 2010-03-27 02:03 -------- d-----w- c:\program files\Graboid
    2010-06-30 02:20 . 2010-03-17 03:36 -------- d-----w- c:\program files\Pokemon World Online
    2010-06-30 02:19 . 2009-08-12 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
    2010-06-30 00:59 . 2009-09-17 22:16 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2010-06-30 00:42 . 2010-03-17 04:39 -------- d-----w- c:\program files\RealArcade
    2010-06-30 00:41 . 2009-07-09 03:04 -------- d-----w- c:\program files\NCSoft
    2010-06-29 03:07 . 2010-06-29 03:07 77312 ----a-w- c:\documents and settings\Fyieri\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.72.0A.dll
    2010-06-29 03:07 . 2009-04-14 22:25 -------- d-----w- c:\documents and settings\Fyieri\Application Data\SystemRequirementsLab
    2010-06-29 00:56 . 2010-06-29 00:56 -------- d-----w- c:\program files\ASIO4ALL v2
    2010-06-29 00:39 . 2010-06-29 00:39 -------- d-----w- c:\program files\VstPlugins
    2010-06-29 00:39 . 2010-06-29 00:37 -------- d-----w- c:\program files\Image-Line
    2010-06-29 00:39 . 2010-06-29 00:39 -------- d-----w- c:\program files\Outsim
    2010-06-27 06:07 . 2010-06-27 06:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    2010-06-27 06:07 . 2010-06-27 06:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
    2010-06-16 14:56 . 2010-05-20 02:25 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-06-14 14:31 . 2008-12-24 16:03 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-13 08:23 . 2010-05-12 06:26 -------- d-----w- c:\program files\Cheat Engine
    2010-06-13 01:33 . 2010-05-20 01:33 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-06-08 00:34 . 2010-06-08 00:34 81920 ----a-w- c:\windows\system32\nvwddi.dll
    2010-06-08 00:34 . 2010-06-08 00:34 277608 ----a-w- c:\windows\system32\nvmccs.dll
    2010-06-08 00:34 . 2010-06-08 00:34 13902440 ----a-w- c:\windows\system32\nvcpl.dll
    2010-06-08 00:34 . 2010-06-08 00:34 110696 ----a-w- c:\windows\system32\nvmctray.dll
    2010-06-08 00:34 . 2010-06-08 00:34 154728 ----a-w- c:\windows\system32\nvsvc32.exe
    2010-06-08 00:34 . 2010-06-08 00:34 145000 ----a-w- c:\windows\system32\nvcolor.exe
    2010-06-01 05:04 . 2010-06-01 05:04 -------- d-----w- c:\program files\Common Files\Stardock
    2010-06-01 05:04 . 2010-06-01 05:04 -------- d-----w- c:\program files\Stardock Games
    2010-05-28 19:58 . 2009-08-12 19:26 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
    2010-05-26 02:23 . 2010-05-26 02:23 61440 ----a-w- c:\documents and settings\Fyieri\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5ea0f35b-n\decora-sse.dll
    2010-05-26 02:23 . 2010-05-26 02:23 503808 ----a-w- c:\documents and settings\Fyieri\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-205f2fdf-n\msvcp71.dll
    2010-05-26 02:23 . 2010-05-26 02:23 499712 ----a-w- c:\documents and settings\Fyieri\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-205f2fdf-n\jmc.dll
    2010-05-26 02:23 . 2010-05-26 02:23 348160 ----a-w- c:\documents and settings\Fyieri\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-205f2fdf-n\msvcr71.dll
    2010-05-26 02:23 . 2010-05-26 02:23 12800 ----a-w- c:\documents and settings\Fyieri\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5ea0f35b-n\decora-d3d.dll
    2010-05-23 03:30 . 2010-05-23 03:30 48388 ----a-w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
    2010-05-21 21:14 . 2009-10-02 22:23 221568 ------w- c:\windows\system32\MpSigStub.exe
    2010-05-20 01:33 . 2010-05-20 01:33 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-05-17 21:46 . 2008-12-24 16:23 73176 -c--a-w- c:\documents and settings\Fyieri\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-05-12 05:40 . 2010-05-12 05:42 737280 ----a-w- c:\windows\iun6002.exe
    2010-05-06 10:41 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-05-02 05:22 . 2008-12-27 21:01 1851264 ----a-w- c:\windows\system32\win32k.sys
    2010-05-01 00:22 . 2010-05-12 05:23 358944 ----a-w- c:\windows\vncutil.exe
    2010-05-01 00:22 . 2008-12-24 16:12 84512 ----a-w- c:\windows\SOUNDMAN.EXE
    2010-05-01 00:22 . 2008-12-24 16:12 1833504 ----a-w- c:\windows\SkyTel.exe
    2010-05-01 00:22 . 2008-12-24 16:12 9721888 ----a-w- c:\windows\RTLCPL.EXE
    2010-05-01 00:22 . 2008-12-24 16:12 1489440 ----a-w- c:\windows\RtlUpd.exe
    2010-05-01 00:22 . 2010-05-12 05:23 51232 ----a-w- c:\windows\system32\RtkCoInstXP.dll
    2010-05-01 00:22 . 2010-05-12 05:23 129568 ----a-w- c:\windows\RtkAudioService.exe
    2010-05-01 00:22 . 2008-12-24 16:12 19523616 ----a-w- c:\windows\RTHDCPL.EXE
    2010-05-01 00:22 . 2008-12-24 16:12 2177568 ----a-w- c:\windows\MicCal.exe
    2010-05-01 00:22 . 2008-12-24 16:12 64032 ----a-w- c:\windows\ALCMTR.EXE
    2010-05-01 00:22 . 2008-12-24 16:12 2815520 ----a-w- c:\windows\ALCWZRD.EXE
    2010-04-30 23:56 . 2008-12-24 16:12 6032928 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
    2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "Zboard"="c:\program files\Ideazon\ZEngine\Zboard.exe" [2009-06-05 57344]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "RTHDCPL"="RTHDCPL.EXE" [2010-05-01 19523616]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
    "Logitech Utility"="LOGI_MWX.EXE" [2003-12-11 20992]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-10-10 2183168]
    "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-06-03 1753192]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-08 13902440]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-08 110696]
    "avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Fyieri^Start Menu^Programs^Startup^CurseClientStartup.ccip]
    path=c:\documents and settings\Fyieri\Start Menu\Programs\Startup\CurseClientStartup.ccip
    backup=c:\windows\pss\CurseClientStartup.ccipStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Fyieri^Start Menu^Programs^Startup^Impulse Now.lnk]
    path=c:\documents and settings\Fyieri\Start Menu\Programs\Startup\Impulse Now.lnk
    backup=c:\windows\pss\Impulse Now.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-02-28 00:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
    2007-11-15 17:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2008-10-25 18:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series]
    2006-07-13 21:22 57344 ----a-w- c:\program files\Lexmark 1200 Series\lxczbmgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    2009-11-11 17:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "TapiSrv"=3 (0x3)
    "TabletServicePen"=2 (0x2)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Curse\\CurseClient.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Steam\\steamapps\\venycia\\counter-strike source\\hl2.exe"=
    "c:\\Program Files\\World of Warcraft\\Launcher.exe"=
    "c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
    "c:\\Documents and Settings\\Fyieri\\Desktop\\VBA Game-Game Saves\\VBALink.exe"=
    "c:\\Documents and Settings\\Fyieri\\My Documents\\Downloads\\vbalink.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Stardock Games\\Demigod\\bin\\Demigod.exe"=
    "c:\\WINDOWS\\system32\\LEXPPS.EXE"=
    "c:\\WINDOWS\\system32\\regsvr32.exe"=
    "c:\\Program Files\\Dragon Age\\tools\\DragonAgeToolset.exe"=
    "c:\\Program Files\\Dragon Age\\tools\\RPU.exe"=
    "c:\\Program Files\\Dragon Age\\tools\\lightmapper\\eclipseRay.exe"=
    "c:\\Program Files\\Dragon Age\\tools\\GffEditor.exe"=
    "c:\\Program Files\\Dragon Age\\tools\\ErfEditor.exe"=
    "c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
    "c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
    "c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
    "c:\\Program Files\\StarCraft II\\StarCraft II.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3724:TCP"= 3724:TCP:Blizzard Downloader
    "6112:TCP"= 6112:TCP:Blizzard Downloader

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/19/2010 6:33 PM 64288]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7/22/2010 2:19 PM 165456]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/22/2010 2:19 PM 17744]
    R2 hl;hl;c:\windows\system32\hl.sys [8/19/2009 3:17 PM 35363]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 8:52 AM 1352832]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/2/2010 4:34 PM 135664]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/11/2010 10:23 PM 1691480]
    S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [12/15/2009 1:07 PM 25832]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 SASENUM;SASENUM;c:\genericfix\SASP\SASENUM.SYS [9/17/2009 3:35 PM 7408]
    S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [7/11/2009 2:30 PM 15656]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
    S3 XDva332;XDva332;c:\windows\system32\XDva332.sys [3/16/2010 8:21 PM 66888]
    S4 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [7/11/2009 2:30 PM 2749736]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 14:56]

    2010-07-28 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

    2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 23:34]

    2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 23:34]

    2010-07-29 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 03:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki...
    Trusted Zone: microsoft.com\office
    FF - ProfilePath - c:\documents and settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - google.com
    FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
    FF - plugin: c:\documents and settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    HKLM-Run-%PROVIDERID% - bin\sprtcmd.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2010-07-28 21:27
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-436374069-861567501-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:8c,82,16,53,83,6e,74,81,57,fb,38,4d,ff,22,05,d8,26,c9,2e,6b,80,de,dd,
    fc,3c,da,0e,5d,7a,e0,b4,2f,cf,b9,de,16,fe,dc,e8,36,ee,aa,eb,52,88,01,41,4d,\
    "??"=hex:03,19,76,33,70,8c,2e,19,d1,71,a8,71,bc,15,cf,05
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(732)
    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    c:\windows\System32\BCMLogon.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

    - - - - - - - > 'explorer.exe'(1952)
    c:\windows\system32\WININET.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng-us.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\docume~1\Fyieri\LOCALS~1\Temp\catchme.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvsvc32.exe
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\LOGI_MWX.EXE
    c:\windows\system32\RUNDLL32.EXE
    c:\windows\system32\LEXBCES.EXE
    c:\windows\system32\rundll32.exe
    c:\windows\system32\LEXPPS.EXE
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Dell Support Center\bin\sprtsvc.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
    c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
    .
    **************************************************************************
    .
    Completion time: 2010-07-28 21:27:55 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-07-29 04:27

    Pre-Run: 389,807,411,200 bytes free
    Post-Run: 390,013,358,080 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - 4E1329201F4F4B3992725B7E28496836

  6. #6
    broni is offline Senior Member
    How is redirection?

    Uninstall Combofix:
    Go Start > Run [Vista users, go Start>"Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Restart computer.

    ============================================================

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

  7. #7
    Veritas Solus is offline Newbie
    EDIT:**** As for redirection, it's still happening, though to an extent that I just keep getting redirected to random search engines.


    My OTL file:

    OTL logfile created on: 7/28/2010 9:49:03 PM - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Fyieri\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 462.40 Gb Total Space | 363.45 Gb Free Space | 78.60% Space Free | Partition Type: NTFS
    Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: IMMY
    Current User Name: Fyieri
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/28 21:48:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fyieri\My Documents\Downloads\OTL.exe
    PRC - [2010/06/29 19:24:42 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/06/28 13:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/06/16 07:56:11 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2009/06/04 18:56:20 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
    PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2008/08/13 19:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
    PRC - [2003/12/11 09:50:00 | 000,020,992 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/07/28 21:48:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fyieri\My Documents\Downloads\OTL.exe
    MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/06/29 19:24:42 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/12/15 13:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
    SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2009/06/02 11:56:10 | 002,862,428 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2008/12/11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
    SRV - [2008/08/13 19:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Fyieri\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010/06/12 18:33:37 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2010/06/07 16:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/04/30 16:56:24 | 006,032,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2010/03/16 20:21:40 | 000,066,888 | ---- | M] ((?)?????) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva332.sys -- (XDva332)
    DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
    DRV - [2009/08/19 15:17:03 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\hl.sys -- (hl)
    DRV - [2009/06/23 11:01:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\GenericFix\SASP\SASENUM.SYS -- (SASENUM)
    DRV - [2008/10/06 10:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
    DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/08/18 14:45:00 | 000,013,352 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
    DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
    DRV - [2007/10/09 20:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
    DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
    DRV - [2007/04/13 21:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
    DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
    DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
    DRV - [2007/02/15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.startup.homepage: "google.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
    FF - prefs.js..extensions.enabledItems: 6
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..extensions.enabledItems: 41
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

    FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/04/20 15:08:34 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 09:17:38 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/24 09:17:38 | 000,000,000 | ---D | M]

    [2009/03/16 12:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Extensions
    [2010/07/28 08:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions
    [2009/09/02 10:06:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/06/30 10:31:40 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
    [2010/01/08 14:34:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/09/07 15:05:46 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/04/30 07:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\searchrecs@veoh.com
    [2010/07/28 08:03:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/09 13:00:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/07/28 21:19:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
    O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.dellfix.com/sdccomm...ad/tgctlcm.cab (Support.com Configuration Class)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/res...scbase6087.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Documents and Settings\Fyieri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fyieri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/12/24 09:05:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/05/24 21:56:52 | 000,000,046 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found

    Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
    Drivers32: msacm.divxa32 - DivXa32.acm File not found
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lameacm - LameACM.acm File not found
    Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
    Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
    Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
    Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Error starting restore point: System Restore is disabled.
    Error closing restore point: System Restore is disabled.

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/28 21:13:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/07/28 21:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/07/28 18:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
    [2010/07/28 18:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\StarCraft II
    [2010/07/22 14:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
    [2010/07/22 14:19:10 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/07/22 14:19:09 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/07/22 14:19:07 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/07/22 14:19:04 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/07/22 14:18:57 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/07/22 14:18:57 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/07/22 14:18:55 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/07/22 14:18:38 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/07/22 14:18:38 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/07/22 14:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010/07/22 14:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/07/22 14:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\SUPERAntiSpyware.com
    [2010/07/22 14:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/07/19 17:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/07/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\New Folder (3)
    [2010/07/16 15:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\iScreensaver
    [2010/07/14 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Calculator Prompter
    [2010/07/12 23:18:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQLTools9_KB970892_ENU
    [2010/07/12 23:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQL9_KB970892_ENU
    [2010/07/10 22:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/07/10 22:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\DAODB
    [2010/07/10 12:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
    [2010/07/08 20:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2010/07/07 09:37:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2010/07/04 21:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BioWare
    [2010/06/29 22:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\BioWare
    [2010/06/29 22:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon Age
    [2010/06/29 19:34:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\Graboid Inc
    [2010/06/29 19:20:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices
    [2010/06/29 19:19:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/06/29 19:19:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
    [2010/06/29 19:18:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
    [2010/06/28 17:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
    [2010/06/28 17:39:54 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
    [2010/06/28 17:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Image-Line
    [2010/06/28 17:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
    [2010/06/28 17:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
    [2010/06/28 17:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
    [2010/06/12 08:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\PCHealth
    [2010/06/02 09:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Wedding
    [2010/05/31 22:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
    [2010/05/31 22:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock Games
    [2010/05/28 21:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Tracing
    [2010/05/28 21:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
    [2010/05/28 21:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
    [2010/05/28 21:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
    [2010/05/26 00:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\Help
    [2010/05/26 00:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\Help
    [2010/05/19 18:33:22 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/05/19 18:33:19 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/05/19 18:29:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/05/19 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/05/19 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/05/17 16:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
    [2010/05/17 14:58:56 | 000,000,000 | ---D | C] -- C:\Cache
    [2010/05/17 14:10:50 | 000,000,000 | ---D | C] -- C:\804c65334050756a23
    [2010/05/17 13:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
    [2010/05/15 23:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2010/05/15 23:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
    [2010/05/15 22:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010/05/15 22:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/05/15 22:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
    [2010/05/15 22:22:09 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/05/11 23:26:49 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
    [2010/05/11 23:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
    [2010/05/11 23:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\dvdcss
    [2010/05/11 23:08:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\vlc
    [2010/05/11 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/05/11 22:42:20 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2010/05/11 22:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Codec Pack - All In 1
    [2010/05/11 22:24:30 | 000,016,896 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE32.DLL
    [2010/05/11 22:24:30 | 000,003,568 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE16.DLL
    [2010/05/11 22:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
    [2010/05/11 22:24:29 | 000,070,894 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\lmouflt2.sys
    [2010/05/11 22:24:29 | 000,051,582 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042PR2.SYS
    [2010/05/11 22:24:29 | 000,037,916 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHIDUSB.SYS
    [2010/05/11 22:24:29 | 000,025,630 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHIDFLT2.SYS
    [2010/05/11 22:24:29 | 000,023,372 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LCOINST.DLL
    [2010/05/11 22:24:29 | 000,014,092 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LCCFLTR.SYS
    [2010/05/11 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
    [2010/05/11 22:23:11 | 000,358,944 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
    [2010/05/11 22:23:09 | 000,129,568 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
    [2010/05/11 22:23:07 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
    [2010/05/11 22:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
    [2010/05/11 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\PC_Drivers_Headquarters
    [2010/05/11 22:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
    [2010/05/07 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
    [2010/05/07 16:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Resume
    [2010/04/30 08:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II
    [2010/04/30 08:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\USWest
    [2010/04/29 22:54:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\D2-1.12A-enUS

    ========== Files - Modified Within 90 Days ==========

    [2010/07/28 21:46:07 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/07/28 21:45:09 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2010/07/28 21:45:06 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
    [2010/07/28 21:43:12 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/07/28 21:43:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/07/28 21:41:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/07/28 21:20:19 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/07/28 21:19:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/07/28 21:18:27 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Fyieri\ntuser.dat
    [2010/07/28 21:13:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/07/28 20:54:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/07/28 19:13:08 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
    [2010/07/28 15:38:43 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/07/28 07:47:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\prvlcl.dat
    [2010/07/27 16:52:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/07/26 08:46:55 | 000,496,288 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/07/26 08:46:55 | 000,084,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/07/22 19:33:48 | 000,007,326 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\wklnhst.dat
    [2010/07/22 18:52:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Fyieri\ntuser.ini
    [2010/07/22 14:19:10 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/07/22 14:18:59 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/07/22 14:16:46 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/22 09:43:47 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\DragonAge Origins.lnk
    [2010/07/21 16:11:02 | 000,658,794 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/07/19 17:24:19 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\HijackThis.lnk
    [2010/07/19 17:20:18 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/07/19 10:57:04 | 000,000,840 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/07/16 22:35:25 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/11 11:00:54 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/07/10 22:09:11 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daorigins.exe.lnk
    [2010/07/10 17:14:01 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to DAO-Modmanager.exe.lnk
    [2010/07/10 00:59:56 | 000,088,576 | RHS- | M] () -- C:\WINDOWS\System32\c_100107.dll
    [2010/07/08 22:52:06 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daupdater.exe.lnk
    [2010/07/08 09:33:30 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/06/30 23:29:49 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\DGrayMan.wps
    [2010/06/30 09:59:22 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Rawr.lnk
    [2010/06/30 00:27:51 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\DragonAge Origins.lnk
    [2010/06/29 22:02:05 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\World of Warcraft.lnk
    [2010/06/29 19:43:35 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2010/06/29 19:43:35 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2010/06/29 19:43:32 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2010/06/29 19:27:21 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/06/29 18:04:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
    [2010/06/29 17:59:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/06/28 17:39:53 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\FL Studio 9.lnk
    [2010/06/28 13:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/06/28 13:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/06/28 13:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/06/27 21:11:04 | 000,008,473 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Immy.xml
    [2010/06/26 23:07:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    [2010/06/26 23:07:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
    [2010/06/26 12:28:18 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Misconception.wps
    [2010/06/16 07:56:32 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/06/13 22:09:15 | 000,000,482 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Thank You.rtf
    [2010/06/12 18:33:37 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/06/12 08:35:24 | 000,287,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/07 16:57:00 | 002,186,342 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
    [2010/06/07 16:57:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
    [2010/06/07 16:57:00 | 000,025,836 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
    [2010/06/07 16:57:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
    [2010/05/29 18:55:07 | 000,124,928 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Anne - June 1, 2010.doc
    [2010/05/29 14:23:04 | 000,885,760 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Anne2 - June 1, 2010.wps
    [2010/05/27 01:39:44 | 000,418,326 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\spread.docx
    [2010/05/26 00:31:25 | 000,000,598 | ---- | M] () -- C:\WINDOWS\lexstat.ini
    [2010/05/22 01:40:54 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\MA Impression.wps
    [2010/05/19 18:33:16 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/05/19 18:29:41 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Ad-Aware.lnk
    [2010/05/18 01:34:06 | 001,579,086 | -H-- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\IconCache.db
    [2010/05/17 14:46:04 | 000,073,176 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/05/17 14:43:28 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\His2.wps
    [2010/05/17 14:06:29 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Metsuki Ayatsuru.wps
    [2010/05/16 01:22:54 | 000,031,614 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\tOd4.docx
    [2010/05/16 01:22:47 | 000,072,725 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD3.docx
    [2010/05/16 01:22:33 | 000,097,806 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD2.docx
    [2010/05/16 01:22:24 | 000,143,410 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD1.docx
    [2010/05/15 22:29:39 | 000,023,117 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Resume 2010.dotx
    [2010/05/15 22:05:22 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\cccc.rtf
    [2010/05/15 22:05:03 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\codes.rtf
    [2010/05/11 22:40:12 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2010/05/11 22:34:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/05/11 22:34:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/05/11 22:15:43 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/05/11 16:46:45 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\CALL.rtf
    [2010/05/09 00:05:16 | 000,007,878 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Apone.xml
    [2010/05/07 21:29:10 | 000,023,784 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\My Resume.docx
    [2010/05/07 13:31:55 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\CT2.wps
    [2010/05/05 11:24:36 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Wedding Photos.rtf
    [2010/05/02 16:24:55 | 000,000,418 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Position.rtf
    [2010/04/30 17:22:46 | 000,358,944 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
    [2010/04/30 17:22:34 | 000,129,568 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
    [2010/04/30 17:22:22 | 002,815,520 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
    [2010/04/30 08:58:49 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/04/29 22:34:23 | 000,007,418 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Sorvi.xml

    ========== Files Created - No Company Name ==========

    [2010/07/28 21:45:06 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
    [2010/07/28 21:13:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/07/28 21:13:04 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/07/28 18:30:10 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
    [2010/07/22 14:19:10 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/07/22 14:16:46 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/22 09:43:47 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\DragonAge Origins.lnk
    [2010/07/19 17:24:19 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\HijackThis.lnk
    [2010/07/14 13:47:14 | 015,387,936 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\GW_Runic_Armor_v.2.1_AW.dazip
    [2010/07/14 13:46:57 | 006,950,298 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\GW_Runic_Armor_Dark_Textures.dazip
    [2010/07/10 22:08:37 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daorigins.exe.lnk
    [2010/07/10 17:14:01 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to DAO-Modmanager.exe.lnk
    [2010/07/10 00:59:56 | 000,088,576 | RHS- | C] () -- C:\WINDOWS\System32\c_100107.dll
    [2010/07/08 23:33:43 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daupdater.exe.lnk
    [2010/07/08 22:43:43 | 000,013,236 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\talent_aoe_duration.ncs
    [2010/07/08 22:37:15 | 000,047,017 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\spell_modal.ncs
    [2010/07/08 22:37:15 | 000,001,436 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ABI_FadeShroud_noFX.GDA
    [2010/07/06 00:24:42 | 000,166,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/06/30 23:29:49 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\DGrayMan.wps
    [2010/06/30 09:59:22 | 000,000,557 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Rawr.lnk
    [2010/06/30 00:27:51 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\DragonAge Origins.lnk
    [2010/06/29 19:27:21 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/06/29 18:04:14 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2010/06/29 18:04:11 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2010/06/29 18:04:11 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2010/06/29 18:04:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
    [2010/06/29 17:43:31 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
    [2010/06/29 17:42:21 | 000,000,296 | ---- | C] () -- C:\Documents and Settings\Fyieri\installLog.txt
    [2010/06/28 17:39:53 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\FL Studio 9.lnk
    [2010/06/26 23:07:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    [2010/06/26 23:07:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
    [2010/06/26 12:28:18 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Misconception.wps
    [2010/06/17 01:42:03 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2010/06/13 01:38:28 | 000,000,482 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Thank You.rtf
    [2010/05/29 18:55:07 | 000,124,928 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Anne - June 1, 2010.doc
    [2010/05/29 14:21:24 | 000,885,760 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Anne2 - June 1, 2010.wps
    [2010/05/26 00:31:48 | 000,418,326 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\spread.docx
    [2010/05/22 01:40:54 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\MA Impression.wps
    [2010/05/19 19:25:38 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/05/19 18:33:56 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/05/19 18:29:41 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Ad-Aware.lnk
    [2010/05/17 14:58:58 | 000,000,077 | ---- | C] () -- C:\sc2win.com.url
    [2010/05/17 14:43:27 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\His2.wps
    [2010/05/16 01:22:54 | 000,031,614 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\tOd4.docx
    [2010/05/16 01:22:47 | 000,072,725 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD3.docx
    [2010/05/16 01:22:33 | 000,097,806 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD2.docx
    [2010/05/16 01:22:23 | 000,143,410 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD1.docx
    [2010/05/15 22:05:22 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\cccc.rtf
    [2010/05/15 22:05:03 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\codes.rtf
    [2010/05/11 23:26:49 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
    [2010/05/11 22:15:43 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/05/07 21:32:09 | 000,023,117 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Resume 2010.dotx
    [2010/05/07 20:37:32 | 000,023,784 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\My Resume.docx
    [2010/05/07 13:31:55 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\CT2.wps
    [2010/05/07 01:22:07 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\CALL.rtf
    [2010/05/03 19:03:17 | 000,007,878 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Apone.xml
    [2010/05/02 16:24:55 | 000,000,418 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Position.rtf
    [2010/05/01 16:56:26 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Wedding Photos.rtf
    [2010/04/30 08:56:03 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/03/02 17:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2010/03/02 17:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
    [2010/03/02 17:00:00 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/03/02 17:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2010/03/02 17:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2010/03/02 17:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
    [2010/03/02 17:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
    [2010/03/02 17:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
    [2010/03/02 17:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
    [2010/03/02 17:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
    [2010/03/02 17:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
    [2010/03/02 17:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
    [2010/03/02 17:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
    [2010/03/02 17:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
    [2010/03/02 17:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2010/03/02 17:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
    [2010/03/02 17:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2009/11/14 11:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
    [2009/11/14 11:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
    [2009/11/14 11:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
    [2009/11/14 11:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
    [2009/11/14 11:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
    [2009/11/14 11:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
    [2009/11/14 11:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
    [2009/11/14 11:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
    [2009/11/14 11:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
    [2009/11/14 11:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
    [2009/08/19 15:17:03 | 000,035,363 | ---- | C] () -- C:\WINDOWS\System32\hl.sys
    [2009/06/07 09:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2009/02/13 06:20:32 | 000,000,165 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2009/02/12 15:57:34 | 000,000,598 | ---- | C] () -- C:\WINDOWS\lexstat.ini
    [2009/02/12 15:57:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
    [2009/02/12 15:56:55 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
    [2009/01/10 15:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
    [2009/01/03 14:38:12 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2008/12/24 12:54:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2008/12/24 12:54:15 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2008/12/24 12:06:52 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2008/11/06 09:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2007/10/31 13:10:00 | 000,004,927 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM8.DLL
    [2007/10/13 02:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
    [2005/10/14 02:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
    [2005/10/14 02:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
    [2005/10/14 02:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
    [2005/10/14 02:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2005/10/14 02:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2005/10/14 02:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

    ========== LOP Check ==========

    [2009/03/16 12:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\117E
    [2009/02/02 08:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\16157
    [2009/01/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\71F
    [2009/01/27 23:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\9BB
    [2010/07/22 14:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2009/01/28 12:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B34B
    [2010/07/04 21:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
    [2009/09/17 15:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
    [2009/06/02 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
    [2010/04/20 15:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2008/12/24 13:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2009/08/19 15:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2010/05/07 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
    [2009/09/17 15:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    [2009/04/17 16:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
    [2008/12/24 16:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2010/05/21 11:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/05/11 22:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
    [2009/04/12 13:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2009/04/17 16:01:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1E77E486-38CF-4688-B1E4-B86D08856D09}
    [2010/05/19 18:29:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2009/04/12 13:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/01 22:59:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
    [2009/07/25 18:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Antispyware
    [2009/03/03 23:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Bioshock
    [2009/06/29 21:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\elefundesktops
    [2009/04/26 18:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\FOG Downloader
    [2010/05/15 22:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\GetRightToGo
    [2010/06/29 19:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Graboid Inc
    [2009/07/25 18:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Ideazon
    [2010/07/16 15:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\iScreensaver
    [2010/07/16 22:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\LimeWire
    [2010/04/20 10:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Nokia
    [2009/08/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\PC Suite
    [2009/04/17 16:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Stardock
    [2010/06/28 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\SystemRequirementsLab
    [2009/07/08 17:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Template
    [2009/09/13 17:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\YoudaGames
    [2010/07/28 21:46:07 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2010/07/28 21:45:09 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/07/28 21:41:44 | 000,020,032 | ---- | M] () -- C:\aaw7boot.log
    [2008/12/24 09:05:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/04/30 08:59:11 | 000,000,000 | ---- | M] () -- C:\BnetLog.txt
    [2010/07/08 09:33:30 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/07/28 21:13:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/07/28 21:27:56 | 000,029,371 | ---- | M] () -- C:\ComboFix.txt
    [2008/12/24 09:05:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/03/10 18:20:26 | 000,878,818 | ---- | M] () -- C:\D2DV_IX86_112a_113c.mpq
    [2008/12/24 09:05:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/07/19 17:20:18 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
    [2008/12/24 09:05:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2008/12/24 12:53:57 | 000,022,729 | ---- | M] () -- C:\newfile.enc
    [2008/12/24 12:53:57 | 000,022,729 | ---- | M] () -- C:\newkey
    [2004/08/04 03:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009/09/20 22:06:58 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2010/07/28 21:41:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2009/09/17 15:31:18 | 000,002,378 | ---- | M] () -- C:\rapport.txt
    [2010/03/11 10:04:55 | 000,000,077 | ---- | M] () -- C:\sc2win.com.url
    [2009/12/08 17:01:13 | 000,001,992 | ---- | M] () -- C:\tracert.txt

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2006/01/19 13:33:38 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2010/07/10 00:59:56 | 000,088,576 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\c_100107.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/12/23 15:52:35 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2008/12/23 15:52:35 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2008/12/23 15:52:35 | 000,921,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %systemroot%\system32\user32.dll /md5 >
    [2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2008/04/13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2008/04/13 17:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Files - Unicode (All) ==========
    [2009/12/19 20:15:09 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ᠠš
    [2009/12/19 20:15:09 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ᠠš
    [2009/12/09 13:51:01 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䛨œ
    [2009/12/09 13:51:01 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䛨œ

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6D6C4572
    @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E821E59
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:439E3411
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    < End of report >
    Last edited by Veritas Solus; 29-07-2010 at 06:05 AM.

  8. #8
    Veritas Solus is offline Newbie
    My Extras File:
    Sorry if I posted twice; putting both copied texts in one message takes forever to post.

    OTL Extras logfile created on: 7/28/2010 9:49:03 PM - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Fyieri\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 462.40 Gb Total Space | 363.45 Gb Free Space | 78.60% Space Free | Partition Type: NTFS
    Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: IMMY
    Current User Name: Fyieri
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Hide folder by Hide N Lock] -- C:\Documents and Settings\Fyieri\Desktop\HidenLock.EXE -hd %1 File not found
    Directory [Lock folder by Hide N Lock] -- C:\Documents and Settings\Fyieri\Desktop\HidenLock.EXE -ld %1 File not found
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Protect folder by Hide N Lock] -- C:\Documents and Settings\Fyieri\Desktop\HidenLock.EXE -pd %1 File not found
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader
    "6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- ()
    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
    "C:\Program Files\Steam\steamapps\venycia\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\venycia\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
    "C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
    "C:\Program Files\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
    "C:\Documents and Settings\Fyieri\Desktop\VBA Game-Game Saves\VBALink.exe" = C:\Documents and Settings\Fyieri\Desktop\VBA Game-Game Saves\VBALink.exe:*:Enabled:VisualBoyAdvance emulator -- (None)
    "C:\Documents and Settings\Fyieri\My Documents\Downloads\vbalink.exe" = C:\Documents and Settings\Fyieri\My Documents\Downloads\vbalink.exe:*:Enabled:vbalink -- ()
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
    "C:\Program Files\Stardock Games\Demigod\bin\Demigod.exe" = C:\Program Files\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod -- (Gas Powered Games)
    "C:\WINDOWS\system32\regsvr32.exe" = C:\WINDOWS\system32\regsvr32.exe:*:Enabled:Microsoft(C) Register Server -- (Microsoft Corporation)
    "C:\Program Files\Dragon Age\tools\DragonAgeToolset.exe" = C:\Program Files\Dragon Age\tools\DragonAgeToolset.exe:*:Enabled:Dragon Age Toolset -- (BioWare)
    "C:\Program Files\Dragon Age\tools\RPU.exe" = C:\Program Files\Dragon Age\tools\RPU.exe:*:Enabled:Dragon Age Toolset RPU -- ()
    "C:\Program Files\Dragon Age\tools\lightmapper\eclipseRay.exe" = C:\Program Files\Dragon Age\tools\lightmapper\eclipseRay.exe:*:Enabled:Dragon Age Toolset Lightmapper -- ()
    "C:\Program Files\Dragon Age\tools\GffEditor.exe" = C:\Program Files\Dragon Age\tools\GffEditor.exe:*:Enabled:Dragon Age Toolset GFF editor -- (BioWare)
    "C:\Program Files\Dragon Age\tools\ErfEditor.exe" = C:\Program Files\Dragon Age\tools\ErfEditor.exe:*:Enabled:Dragon Age Toolset ERF editor -- (BioWare)
    "C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:${SafeProductName} ${FirewallName_Launcher} -- (BioWare)
    "C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:${SafeProductName} ${FirewallName_Game} -- (BioWare)
    "C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:${SafeProductName} ${FirewallName_Updater} -- (BioWare)
    "C:\Program Files\StarCraft II\StarCraft II.exe" = C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{4186FEBC-F0CC-4185-A406-24292BC9877A}" = Nokia Software Updater
    "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.80
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B5E816C-A761-4F5B-BF48-84B794556CAA}_is1" = Freelang Dictionary (wordlist)
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
    "{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
    "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D60785A4-B34B-452A-9121-70CACC65DE1A}_is1" = Calculator Prompter 2.6
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{E21B4FFE-843B-49D4-81B1-E682ACAAD438}_is1" = Pokemon World Online 1.52
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
    "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "7-Zip" = 7-Zip 9.15 beta
    "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
    "Ad-Aware" = Ad-Aware
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "am-texttwist2" = TextTwist 2
    "ASIO4ALL" = ASIO4ALL
    "avast5" = avast! Free Antivirus
    "Belarc Advisor" = Belarc Advisor 7.2
    "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
    "Cheat Engine 5.6_is1" = Cheat Engine 5.6
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
    "DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
    "Demigod" = Demigod
    "Diablo II" = Diablo II
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Drumaxx" = Drumaxx
    "ENTERPRISER" = Microsoft Office Enterprise 2007
    "FL Studio 9" = FL Studio 9
    "Free YouTube Download_is1" = Free YouTube Download 2.2
    "Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
    "Governor of Poker1.0" = Governor of Poker
    "HijackThis" = HijackThis 2.0.2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "IL Download Manager" = IL Download Manager
    "Impulse" = Impulse
    "Lexmark 1200 Series" = Lexmark 1200 Series
    "LimeWire" = LimeWire PRO 5.1.3
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Media Player - Codec Pack" = Media Player Codec Pack 3.9.5
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "MP4 to MP3 Converter 3" = MP4 to MP3 Converter 3
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Nokia PC Suite" = Nokia PC Suite
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "Pen Tablet Driver" = Pen Tablet
    "PoiZone" = PoiZone
    "Sakura" = Sakura
    "Sawer" = Sawer
    "StarCraft II" = StarCraft II
    "Steam App 240" = Counter-Strike: Source
    "SystemRequirementsLab" = System Requirements Lab
    "Toxic Biohazard" = Toxic Biohazard
    "Uninstall_is1" = Uninstall 1.0.0.1
    "Veoh Web Player Beta" = Veoh Web Player
    "Virtual Villagers: The Lost Children" = Virtual Villagers: The Lost Children
    "VLC media player" = VLC media player 1.0.5
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dragon Age Redesigned © Morrigan" = Dragon Age Redesigned © Morrigan
    "Dragon Age Redesigned©" = Dragon Age Redesigned©
    "Dragon Age Redesigned© Zevran" = Dragon Age Redesigned© Zevran
    "Dragon Age Redesigned© Leliana" = Dragon Age Redesigned© Leliana
    "Dragon Age Redesigned© Sten" = Dragon Age Redesigned© Sten
    "Dragon Age Redesigned© Wynne" = Dragon Age Redesigned© Wynne

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 7/28/2010 6:46:38 PM | Computer Name = IMMY | Source = ESENT | ID = 489
    Description = wuauclt (1200) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/28/2010 6:46:38 PM | Computer Name = IMMY | Source = ESENT | ID = 455
    Description = wuaueng.dll (1200) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    Error - 7/29/2010 12:01:08 AM | Computer Name = IMMY | Source = Application Hang | ID = 1002
    Description = Hanging application AvastUI.exe, version 5.0.594.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 7/29/2010 12:05:28 AM | Computer Name = IMMY | Source = Application Hang | ID = 1002
    Description = Hanging application AvastUI.exe, version 5.0.594.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 7/29/2010 12:20:04 AM | Computer Name = IMMY | Source = WinDefendRtp | ID = 3003
    Description = %%827 Real-Time Protection checkpoint has encountered an error and
    failed to start. User: IMMY\Fyieri Checkpoint ID: 1 Error Code: 0x80070005 Error description:
    Access is denied.

    Error - 7/29/2010 12:20:04 AM | Computer Name = IMMY | Source = WinDefendRtp | ID = 3003
    Description = %%827 Real-Time Protection checkpoint has encountered an error and
    failed to start. User: IMMY\Fyieri Checkpoint ID: 1 Error Code: 0x8000ffff Error description:
    Catastrophic failure

    Error - 7/29/2010 12:42:12 AM | Computer Name = IMMY | Source = WinDefendRtp | ID = 3003
    Description = %%827 Real-Time Protection checkpoint has encountered an error and
    failed to start. User: IMMY\Fyieri Checkpoint ID: 1 Error Code: 0x80070005 Error description:
    Access is denied.

    Error - 7/29/2010 12:42:12 AM | Computer Name = IMMY | Source = WinDefendRtp | ID = 3003
    Description = %%827 Real-Time Protection checkpoint has encountered an error and
    failed to start. User: IMMY\Fyieri Checkpoint ID: 1 Error Code: 0x8000ffff Error description:
    Catastrophic failure

    Error - 7/29/2010 12:45:40 AM | Computer Name = IMMY | Source = Application Hang | ID = 1002
    Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 7/29/2010 12:45:41 AM | Computer Name = IMMY | Source = Application Hang | ID = 1002
    Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    [ OSession Events ]
    Error - 1/21/2010 8:03:16 PM | Computer Name = IMMY | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
    12.0.6308.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4749
    seconds with 1860 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 7/29/2010 12:44:55 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:44:56 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:07 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:07 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:41 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:41 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:41 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:45:41 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:48:05 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058

    Error - 7/29/2010 12:48:05 AM | Computer Name = IMMY | Source = Service Control Manager | ID = 7001
    Description = The Remote Access Connection Manager service depends on the Telephony
    service which failed to start because of the following error: %%1058


    < End of report >

  9. #9
    broni is offline Senior Member
    You didn't say how the redirection issue is...

    =============================================================

    Update your Java version: Download Free Java Software

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we'll remove old Java installations...

    Please download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.


    ============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      [2010/07/10 00:59:56 | 000,088,576 | RHS- | M] () -- C:\WINDOWS\System32\c_100107.dll
      @Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6D6C4572
      @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E821E59
      @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
      @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:439E3411
      @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
      @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
      
      
      :Services
      
      :Reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" =dword:00000001
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  10. #10
    Veritas Solus is offline Newbie
    Ah, apologies, I edited my first post to say that it was still redirecting me, but less frequently and to other search engines only so far. Though the redirection problem happens only about 1 out of 10 times.

    But as I'm testing it right now, it seems all is well at the moment


    Custom Scan File:

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    C:\WINDOWS\system32\c_100107.dll moved successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:6D6C4572 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:3E821E59 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:439E3411 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\"EnableFirewall" |dword:00000001 /E : value set successfully!
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Fyieri
    ->Temp folder emptied: 11311765 bytes
    ->Temporary Internet Files folder emptied: 385611 bytes
    ->Java cache emptied: 2023 bytes
    ->FireFox cache emptied: 51974559 bytes
    ->Flash cache emptied: 14015 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 1792 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 34384 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 885 bytes

    Total Files Cleaned = 61.00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default User

    User: Fyieri
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.9.1 log created on 07282010_221910

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Fyieri\Local Settings\Temp\hsperfdata_Fyieri\2288 not found!
    File\Folder C:\Documents and Settings\Fyieri\Local Settings\Temp\JET4F34.tmp not found!
    C:\Documents and Settings\Fyieri\Local Settings\Temp\NGLALog.txt moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Fyieri\Local Settings\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\XUL.mfl moved successfully.
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_b44.dat not found!

    Registry entries deleted on Reboot...


    ========================================================




    OTL Quick Scan File:

    OTL logfile created on: 7/28/2010 10:26:25 PM - Run 2
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Fyieri\My Documents\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 462.40 Gb Total Space | 363.34 Gb Free Space | 78.58% Space Free | Partition Type: NTFS
    Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: IMMY
    Current User Name: Fyieri
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/28 21:48:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fyieri\My Documents\Downloads\OTL.exe
    PRC - [2010/07/24 09:17:26 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
    PRC - [2010/07/24 09:17:21 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/06/29 19:24:42 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/06/28 13:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/06/16 07:56:11 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2009/06/04 18:56:20 | 000,057,344 | ---- | M] (Ideazon, Inc.) -- C:\Program Files\Ideazon\ZEngine\Zboard.exe
    PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2008/08/13 19:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
    PRC - [2003/12/11 09:50:00 | 000,020,992 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/07/28 21:48:05 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fyieri\My Documents\Downloads\OTL.exe
    MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/06/29 19:24:42 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/06/28 13:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/12/15 13:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
    SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2009/06/02 11:56:10 | 002,862,428 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2008/12/11 11:11:30 | 002,749,736 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
    SRV - [2008/08/13 19:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
    SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Fyieri\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010/06/12 18:33:37 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2010/06/07 16:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/04/30 16:56:24 | 006,032,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2010/03/16 20:21:40 | 000,066,888 | ---- | M] ((?)?????) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva332.sys -- (XDva332)
    DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
    DRV - [2009/08/19 15:17:03 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\hl.sys -- (hl)
    DRV - [2009/06/23 11:01:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\GenericFix\SASP\SASENUM.SYS -- (SASENUM)
    DRV - [2008/10/06 10:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
    DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/08/18 14:45:00 | 000,013,352 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
    DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
    DRV - [2007/10/09 20:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
    DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
    DRV - [2007/04/13 21:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
    DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
    DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
    DRV - [2007/02/15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.startup.homepage: "google.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
    FF - prefs.js..extensions.enabledItems: 6
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..extensions.enabledItems: 41
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

    FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/04/20 15:08:34 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/24 09:17:38 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/28 22:20:16 | 000,000,000 | ---D | M]

    [2009/03/16 12:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Extensions
    [2010/07/28 22:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions
    [2009/09/02 10:06:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2009/06/30 10:31:40 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
    [2010/01/08 14:34:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2009/09/07 15:05:46 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/04/30 07:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Mozilla\Firefox\Profiles\qhp3lys8.default\extensions\searchrecs@veoh.com
    [2010/07/28 22:25:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/05/09 13:00:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/07/28 22:14:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/07/28 21:19:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
    O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://pccheckup.dellfix.com/sdccomm...ad/tgctlcm.cab (Support.com Configuration Class)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/res...scbase6087.cab (Windows Live Safety Center Base Module)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Documents and Settings\Fyieri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Fyieri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/12/24 09:05:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2010/05/24 21:56:52 | 000,000,046 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/28 22:19:10 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/07/28 22:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/07/28 21:53:05 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2010/07/28 21:13:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/07/28 21:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/07/28 18:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
    [2010/07/28 18:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\StarCraft II
    [2010/07/22 14:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
    [2010/07/22 14:19:10 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/07/22 14:19:09 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/07/22 14:19:07 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/07/22 14:19:04 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/07/22 14:18:57 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/07/22 14:18:57 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/07/22 14:18:55 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/07/22 14:18:38 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/07/22 14:18:38 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/07/22 14:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010/07/22 14:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/07/22 14:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\SUPERAntiSpyware.com
    [2010/07/22 14:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/07/19 17:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/07/17 20:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\New Folder (3)
    [2010/07/16 15:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\iScreensaver
    [2010/07/14 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Calculator Prompter
    [2010/07/12 23:18:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQLTools9_KB970892_ENU
    [2010/07/12 23:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQL9_KB970892_ENU
    [2010/07/10 22:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/07/10 22:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\DAODB
    [2010/07/10 12:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
    [2010/07/08 20:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2010/07/07 09:37:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2010/07/04 21:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BioWare
    [2010/06/29 22:58:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\BioWare
    [2010/06/29 22:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon Age
    [2010/06/29 19:34:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\Graboid Inc
    [2010/06/29 19:20:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices
    [2010/06/29 19:19:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/06/29 19:19:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
    [2010/06/29 19:18:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
    [2010/06/28 17:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
    [2010/06/28 17:39:54 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll
    [2010/06/28 17:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Image-Line
    [2010/06/28 17:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
    [2010/06/28 17:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
    [2010/06/28 17:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
    [2010/06/12 08:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\PCHealth
    [2010/06/02 09:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Wedding
    [2010/05/31 22:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
    [2010/05/31 22:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock Games
    [2010/05/28 21:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Tracing
    [2010/05/28 21:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
    [2010/05/28 21:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
    [2010/05/28 21:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
    [2010/05/26 00:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\Help
    [2010/05/26 00:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\Help
    [2010/05/19 18:33:22 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/05/19 18:33:19 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/05/19 18:29:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2010/05/19 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2010/05/19 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2010/05/17 16:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
    [2010/05/17 14:58:56 | 000,000,000 | ---D | C] -- C:\Cache
    [2010/05/17 14:10:50 | 000,000,000 | ---D | C] -- C:\804c65334050756a23
    [2010/05/17 13:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
    [2010/05/15 23:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
    [2010/05/15 23:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
    [2010/05/15 22:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010/05/15 22:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/05/15 22:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
    [2010/05/15 22:22:09 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/05/11 23:26:49 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
    [2010/05/11 23:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
    [2010/05/11 23:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\dvdcss
    [2010/05/11 23:08:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Application Data\vlc
    [2010/05/11 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/05/11 22:42:20 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2010/05/11 22:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Codec Pack - All In 1
    [2010/05/11 22:24:30 | 000,016,896 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE32.DLL
    [2010/05/11 22:24:30 | 000,003,568 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LMOUSE16.DLL
    [2010/05/11 22:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
    [2010/05/11 22:24:29 | 000,070,894 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\lmouflt2.sys
    [2010/05/11 22:24:29 | 000,051,582 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042PR2.SYS
    [2010/05/11 22:24:29 | 000,037,916 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHIDUSB.SYS
    [2010/05/11 22:24:29 | 000,025,630 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHIDFLT2.SYS
    [2010/05/11 22:24:29 | 000,023,372 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\LCOINST.DLL
    [2010/05/11 22:24:29 | 000,014,092 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LCCFLTR.SYS
    [2010/05/11 22:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
    [2010/05/11 22:23:11 | 000,358,944 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
    [2010/05/11 22:23:09 | 000,129,568 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
    [2010/05/11 22:23:07 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
    [2010/05/11 22:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
    [2010/05/11 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\PC_Drivers_Headquarters
    [2010/05/11 22:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
    [2010/05/07 22:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
    [2010/05/07 16:15:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\Resume
    [2010/04/30 08:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II
    [2010/04/30 08:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\USWest
    [2010/04/29 22:54:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fyieri\My Documents\D2-1.12A-enUS

    ========== Files - Modified Within 90 Days ==========

    [2010/07/28 22:26:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/07/28 22:23:29 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2010/07/28 22:20:33 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/07/28 22:20:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/07/28 22:20:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/07/28 22:19:31 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Fyieri\ntuser.dat
    [2010/07/28 21:45:06 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
    [2010/07/28 21:20:19 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/07/28 21:19:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/07/28 21:13:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
    [2010/07/28 20:54:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/07/28 19:13:08 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
    [2010/07/28 15:38:43 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/07/28 07:47:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\prvlcl.dat
    [2010/07/27 16:52:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/07/26 08:46:55 | 000,496,288 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/07/26 08:46:55 | 000,084,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/07/22 19:33:48 | 000,007,326 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\wklnhst.dat
    [2010/07/22 18:52:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Fyieri\ntuser.ini
    [2010/07/22 14:19:10 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/07/22 14:18:59 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/07/22 14:16:46 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/22 09:43:47 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\DragonAge Origins.lnk
    [2010/07/21 16:11:02 | 000,658,794 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/07/19 17:24:19 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\HijackThis.lnk
    [2010/07/19 17:20:18 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/07/19 10:57:04 | 000,000,840 | ---- | M] () -- C:\WINDOWS\win.ini
    [2010/07/16 22:35:25 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/11 11:00:54 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/07/10 22:09:11 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daorigins.exe.lnk
    [2010/07/10 17:14:01 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to DAO-Modmanager.exe.lnk
    [2010/07/08 22:52:06 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daupdater.exe.lnk
    [2010/07/08 09:33:30 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2010/06/30 23:29:49 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\DGrayMan.wps
    [2010/06/30 09:59:22 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\Rawr.lnk
    [2010/06/30 00:27:51 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\DragonAge Origins.lnk
    [2010/06/29 22:02:05 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\World of Warcraft.lnk
    [2010/06/29 19:43:35 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2010/06/29 19:43:35 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2010/06/29 19:43:32 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2010/06/29 19:27:21 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/06/29 18:04:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
    [2010/06/29 17:59:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010/06/28 17:39:53 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Fyieri\Desktop\FL Studio 9.lnk
    [2010/06/28 13:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
    [2010/06/28 13:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2010/06/28 13:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2010/06/28 13:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2010/06/28 13:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2010/06/28 13:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2010/06/28 13:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2010/06/28 13:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2010/06/28 13:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2010/06/27 21:11:04 | 000,008,473 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Immy.xml
    [2010/06/26 23:07:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    [2010/06/26 23:07:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
    [2010/06/26 12:28:18 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Misconception.wps
    [2010/06/16 07:56:32 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/06/13 22:09:15 | 000,000,482 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Thank You.rtf
    [2010/06/12 18:33:37 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
    [2010/06/12 08:35:24 | 000,287,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/06/07 16:57:00 | 002,186,342 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
    [2010/06/07 16:57:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
    [2010/06/07 16:57:00 | 000,025,836 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
    [2010/06/07 16:57:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
    [2010/05/29 18:55:07 | 000,124,928 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Anne - June 1, 2010.doc
    [2010/05/29 14:23:04 | 000,885,760 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Anne2 - June 1, 2010.wps
    [2010/05/27 01:39:44 | 000,418,326 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\spread.docx
    [2010/05/26 00:31:25 | 000,000,598 | ---- | M] () -- C:\WINDOWS\lexstat.ini
    [2010/05/22 01:40:54 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\MA Impression.wps
    [2010/05/19 18:33:16 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2010/05/18 01:34:06 | 001,579,086 | -H-- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\IconCache.db
    [2010/05/17 14:46:04 | 000,073,176 | ---- | M] () -- C:\Documents and Settings\Fyieri\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/05/17 14:43:28 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\His2.wps
    [2010/05/17 14:06:29 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Metsuki Ayatsuru.wps
    [2010/05/16 01:22:54 | 000,031,614 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\tOd4.docx
    [2010/05/16 01:22:47 | 000,072,725 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD3.docx
    [2010/05/16 01:22:33 | 000,097,806 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD2.docx
    [2010/05/16 01:22:24 | 000,143,410 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\ToD1.docx
    [2010/05/15 22:29:39 | 000,023,117 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Resume 2010.dotx
    [2010/05/15 22:05:22 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\cccc.rtf
    [2010/05/15 22:05:03 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\codes.rtf
    [2010/05/11 22:40:12 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
    [2010/05/11 22:34:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2010/05/11 22:34:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2010/05/11 22:15:43 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/05/11 16:46:45 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\CALL.rtf
    [2010/05/09 00:05:16 | 000,007,878 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Apone.xml
    [2010/05/07 21:29:10 | 000,023,784 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\My Resume.docx
    [2010/05/07 13:31:55 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\CT2.wps
    [2010/05/05 11:24:36 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Wedding Photos.rtf
    [2010/05/02 16:24:55 | 000,000,418 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Position.rtf
    [2010/04/30 17:22:46 | 000,358,944 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
    [2010/04/30 17:22:34 | 000,129,568 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
    [2010/04/30 17:22:22 | 002,815,520 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
    [2010/04/30 08:58:49 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/04/29 22:34:23 | 000,007,418 | ---- | M] () -- C:\Documents and Settings\Fyieri\My Documents\Sorvi.xml

    ========== Files Created - No Company Name ==========

    [2010/07/28 21:45:06 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\StarCraft II.lnk
    [2010/07/28 21:13:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2010/07/28 21:13:04 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/07/28 18:30:10 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II.lnk
    [2010/07/22 14:19:10 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2010/07/22 14:16:46 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/22 09:43:47 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\Fyieri\Application Data\Microsoft\Internet Explorer\Quick Launch\DragonAge Origins.lnk
    [2010/07/19 17:24:19 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\HijackThis.lnk
    [2010/07/14 13:47:14 | 015,387,936 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\GW_Runic_Armor_v.2.1_AW.dazip
    [2010/07/14 13:46:57 | 006,950,298 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\GW_Runic_Armor_Dark_Textures.dazip
    [2010/07/10 22:08:37 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daorigins.exe.lnk
    [2010/07/10 17:14:01 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to DAO-Modmanager.exe.lnk
    [2010/07/08 23:33:43 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Shortcut to daupdater.exe.lnk
    [2010/07/08 22:43:43 | 000,013,236 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\talent_aoe_duration.ncs
    [2010/07/08 22:37:15 | 000,047,017 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\spell_modal.ncs
    [2010/07/08 22:37:15 | 000,001,436 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ABI_FadeShroud_noFX.GDA
    [2010/07/06 00:24:42 | 000,166,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/06/30 23:29:49 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\DGrayMan.wps
    [2010/06/30 09:59:22 | 000,000,557 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\Rawr.lnk
    [2010/06/30 00:27:51 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\DragonAge Origins.lnk
    [2010/06/29 19:27:21 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/06/29 18:04:14 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
    [2010/06/29 18:04:11 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
    [2010/06/29 18:04:11 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
    [2010/06/29 18:04:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
    [2010/06/29 17:43:31 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
    [2010/06/29 17:42:21 | 000,000,296 | ---- | C] () -- C:\Documents and Settings\Fyieri\installLog.txt
    [2010/06/28 17:39:53 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Fyieri\Desktop\FL Studio 9.lnk
    [2010/06/26 23:07:19 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    [2010/06/26 23:07:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
    [2010/06/26 12:28:18 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Misconception.wps
    [2010/06/17 01:42:03 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2010/06/13 01:38:28 | 000,000,482 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Thank You.rtf
    [2010/05/29 18:55:07 | 000,124,928 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Anne - June 1, 2010.doc
    [2010/05/29 14:21:24 | 000,885,760 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Anne2 - June 1, 2010.wps
    [2010/05/26 00:31:48 | 000,418,326 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\spread.docx
    [2010/05/22 01:40:54 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\MA Impression.wps
    [2010/05/19 19:25:38 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
    [2010/05/19 18:33:56 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010/05/17 14:58:58 | 000,000,077 | ---- | C] () -- C:\sc2win.com.url
    [2010/05/17 14:43:27 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\His2.wps
    [2010/05/16 01:22:54 | 000,031,614 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\tOd4.docx
    [2010/05/16 01:22:47 | 000,072,725 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD3.docx
    [2010/05/16 01:22:33 | 000,097,806 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD2.docx
    [2010/05/16 01:22:23 | 000,143,410 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\ToD1.docx
    [2010/05/15 22:05:22 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\cccc.rtf
    [2010/05/15 22:05:03 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\codes.rtf
    [2010/05/11 23:26:49 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
    [2010/05/11 22:15:43 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
    [2010/05/07 21:32:09 | 000,023,117 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Resume 2010.dotx
    [2010/05/07 20:37:32 | 000,023,784 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\My Resume.docx
    [2010/05/07 13:31:55 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\CT2.wps
    [2010/05/07 01:22:07 | 000,001,003 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\CALL.rtf
    [2010/05/03 19:03:17 | 000,007,878 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Apone.xml
    [2010/05/02 16:24:55 | 000,000,418 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Position.rtf
    [2010/05/01 16:56:26 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\Fyieri\My Documents\Wedding Photos.rtf
    [2010/04/30 08:56:03 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Diablo II.lnk
    [2010/03/02 17:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
    [2010/03/02 17:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
    [2010/03/02 17:00:00 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/03/02 17:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
    [2010/03/02 17:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
    [2010/03/02 17:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
    [2010/03/02 17:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
    [2010/03/02 17:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
    [2010/03/02 17:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
    [2010/03/02 17:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
    [2010/03/02 17:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
    [2010/03/02 17:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
    [2010/03/02 17:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
    [2010/03/02 17:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
    [2010/03/02 17:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
    [2010/03/02 17:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
    [2010/03/02 17:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2009/11/14 11:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
    [2009/11/14 11:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
    [2009/11/14 11:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
    [2009/11/14 11:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
    [2009/11/14 11:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
    [2009/11/14 11:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
    [2009/11/14 11:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
    [2009/11/14 11:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
    [2009/11/14 11:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
    [2009/11/14 11:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
    [2009/08/19 15:17:03 | 000,035,363 | ---- | C] () -- C:\WINDOWS\System32\hl.sys
    [2009/06/07 09:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2009/02/13 06:20:32 | 000,000,165 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2009/02/12 15:57:34 | 000,000,598 | ---- | C] () -- C:\WINDOWS\lexstat.ini
    [2009/02/12 15:57:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
    [2009/02/12 15:56:55 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
    [2009/01/10 15:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
    [2009/01/03 14:38:12 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2008/12/24 12:54:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
    [2008/12/24 12:54:15 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
    [2008/12/24 12:06:52 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2008/11/06 09:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2007/10/31 13:10:00 | 000,004,927 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM8.DLL
    [2007/10/13 02:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
    [2005/10/14 02:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
    [2005/10/14 02:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
    [2005/10/14 02:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
    [2005/10/14 02:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2005/10/14 02:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2005/10/14 02:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

    ========== LOP Check ==========

    [2009/03/16 12:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\117E
    [2009/02/02 08:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\16157
    [2009/01/28 12:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\71F
    [2009/01/27 23:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\9BB
    [2010/07/22 14:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2009/01/28 12:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B34B
    [2010/07/04 21:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
    [2009/09/17 15:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
    [2009/06/02 19:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
    [2010/04/20 15:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
    [2008/12/24 13:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
    [2009/08/19 15:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2010/05/07 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
    [2009/09/17 15:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    [2009/04/17 16:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
    [2008/12/24 16:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
    [2010/05/21 11:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/05/11 22:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
    [2009/04/12 13:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2009/04/17 16:01:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1E77E486-38CF-4688-B1E4-B86D08856D09}
    [2010/05/19 18:29:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    [2009/04/12 13:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2009/05/01 22:59:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
    [2009/07/25 18:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Antispyware
    [2009/03/03 23:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Bioshock
    [2009/06/29 21:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\elefundesktops
    [2009/04/26 18:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\FOG Downloader
    [2010/05/15 22:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\GetRightToGo
    [2010/06/29 19:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Graboid Inc
    [2009/07/25 18:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Ideazon
    [2010/07/16 15:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\iScreensaver
    [2010/07/16 22:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\LimeWire
    [2010/04/20 10:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Nokia
    [2009/08/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\PC Suite
    [2009/04/17 16:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Stardock
    [2010/06/28 20:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\SystemRequirementsLab
    [2009/07/08 17:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\Template
    [2009/09/13 17:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fyieri\Application Data\YoudaGames
    [2010/07/28 22:26:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2010/07/28 22:23:29 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2009/12/19 20:15:09 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ᠠš
    [2009/12/19 20:15:09 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\ᠠš
    [2009/12/09 13:51:01 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䛨œ
    [2009/12/09 13:51:01 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䛨œ
    < End of report >
