BleepingComputer.com: Windows Recovery

.
DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18
Run by Clayton at 14:05:23 on 2011-06-07
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.4026.1996 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Security 360 *Disabled/Outdated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe
C:\Windows\system32\lxbccoms.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Tablet.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Tablet.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\dinotify.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [kqAIrvwyxLeS] C:\ProgramData\kqAIrvwyxLeS.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Livestream Procaster] "C:\Program Files (x86)\Livestream Procaster\Procaster.exe" -autorun
mRun: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Clayton\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{108AF699-3126-46CC-9BF0-760B0C7651F7} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{108AF699-3126-46CC-9BF0-760B0C7651F7}\3445452584745756374775962756C6563737 : DhcpNameServer = 66.59.149.70 139.142.2.3 209.135.99.3
TCP: Interfaces\{108AF699-3126-46CC-9BF0-760B0C7651F7}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{108AF699-3126-46CC-9BF0-760B0C7651F7}\47B6562727 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F67B5C88-C6AF-4E07-B18C-A3326AB644E0} : DhcpNameServer = 208.67.222.222 208.67.220.220 4.2.2.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun-x64: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun-x64: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Livestream Procaster] "C:\Program Files (x86)\Livestream Procaster\Procaster.exe" -autorun
mRun-x64: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ig?hl=en
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-5-26 42184]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-11-6 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 IS360service;IS360service;C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe [2011-4-13 312152]
R2 lxbc_device;lxbc_device;C:\Windows\system32\lxbccoms.exe -service --> C:\Windows\system32\lxbccoms.exe -service [?]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service --> C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [?]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-1-31 1153368]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-6 240160]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-6 135664]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-6 135664]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-11-6 225280]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-06-07 17:14:18 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{613B9FFE-F140-4114-AB85-C8897855C9B3}\mpengine.dll
2011-06-07 15:34:54 -------- d-----w- C:\Users\Clayton\AppData\Local\{3CF89C04-4C8D-46BA-81FE-7DB59B0CDCAF}
2011-06-07 03:20:45 -------- d-----w- C:\Users\Clayton\AppData\Local\{44320DE1-2F65-4590-A75E-6A05F6DDE1B4}
2011-06-03 05:45:18 410112 ---ha-w- C:\ProgramData\19781860.exe
2011-06-03 00:41:10 -------- d-----w- C:\Users\Clayton\AppData\Local\{A083B687-7E59-40C3-A6CA-7D59F89B83FB}
2011-06-02 12:34:20 -------- d-----w- C:\Users\Clayton\AppData\Local\{8E7A525C-ED44-4104-8B1D-8F1119F6E131}
2011-06-02 00:33:26 -------- d-----w- C:\Users\Clayton\AppData\Local\{94165CAC-8DA2-49CC-84A4-B1509B414B3D}
2011-06-01 10:26:16 -------- d-----w- C:\Users\Clayton\AppData\Local\{7502FF34-F202-4A57-8228-C7036A0A1663}
2011-05-31 22:25:38 -------- d-----w- C:\Users\Clayton\AppData\Local\{D29838DA-CF10-4254-AE30-1153681BC57F}
2011-05-30 19:00:36 -------- d-----w- C:\Users\Clayton\AppData\Local\{95A43BD8-0D0D-4FA9-A6A1-0168910C996E}
2011-05-29 21:58:28 -------- d-----w- C:\Users\Clayton\AppData\Local\{63435288-AC88-452E-A9E1-FBEFD1F49440}
2011-05-28 21:57:24 -------- d-----w- C:\Users\Clayton\AppData\Local\{E8684CD6-0947-4DAC-96B6-7ED591BA204D}
2011-05-28 02:34:48 -------- d--h--w- C:\Program Files (x86)\tamasoftware
2011-05-27 22:37:57 567808 ----a-w- C:\Windows\System32\lxbcutil.dll
2011-05-27 18:41:17 -------- d-----w- C:\Users\Clayton\AppData\Local\{6A6EBB4E-777A-4155-9B74-BF71F9E80C87}
2011-05-27 05:13:48 -------- d-----w- C:\Users\Clayton\AppData\Local\{0AD9B49F-3F11-4EA7-A4C5-6C87DAD6AB6E}
2011-05-27 01:26:29 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-05-26 23:55:04 179712 ------w- C:\Windows\System32\BrfxDA5b.dll
2011-05-26 23:55:03 5120 ------w- C:\Windows\SysWow64\BrDctF2L.dll
2011-05-26 23:55:03 176128 ------w- C:\Windows\SysWow64\BroSNMP.dll
2011-05-26 23:55:02 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll
2011-05-26 23:55:02 3072 ------w- C:\Windows\SysWow64\BrDctF2S.dll
2011-05-26 23:54:54 167936 ------w- C:\Windows\SysWow64\NSSearch.dll
2011-05-26 23:54:54 -------- d--h--w- C:\Program Files (x86)\Brother
2011-05-26 23:53:58 -------- d--h--w- C:\ProgramData\Brother
2011-05-26 23:53:43 65536 ---ha-w- C:\Program Files (x86)\Mozilla Firefox\mflpro\MFC-240C\Setup.exe
2011-05-26 23:53:43 385968 ---ha-w- C:\Program Files (x86)\Mozilla Firefox\mflpro\Data\Disk1\_Setup.dll
2011-05-26 23:53:42 455600 ---ha-w- C:\Program Files (x86)\Mozilla Firefox\mflpro\Data\Disk1\setup.exe
2011-05-26 23:53:41 552214 ---ha-w- C:\Program Files (x86)\Mozilla Firefox\mflpro\Data\Disk1\ISSetup.dll
2011-05-26 23:53:40 45056 ---ha-w- C:\Program Files (x86)\Mozilla Firefox\mflpro\Data\Disk1\Brolink\Brolink0.exe
2011-05-26 17:13:12 -------- d-----w- C:\Users\Clayton\AppData\Local\{455F2E9B-FCFD-4EA3-BC1F-EE4735D9B259}
2011-05-26 05:12:36 -------- d-----w- C:\Users\Clayton\AppData\Local\{54BDF48E-0121-4819-BC0A-392C7ABCD7B4}
2011-05-25 17:18:15 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-05-25 17:11:52 -------- d-----w- C:\Users\Clayton\AppData\Local\{A375F1B0-542F-4F21-8B9B-8149F494B853}
2011-05-24 13:42:01 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-24 13:42:01 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-24 12:03:40 -------- d-----w- C:\Users\Clayton\AppData\Local\{0A5EE18C-EBD9-414A-B0B5-DF32DF861859}
2011-05-23 16:20:42 -------- d-----w- C:\Users\Clayton\AppData\Local\{3101D79B-1F58-4B63-8B20-636ED718D2E3}
2011-05-22 06:12:18 -------- d-----w- C:\Users\Clayton\AppData\Local\{0F089FA5-0413-4F50-A14C-2940131F48D2}
2011-05-21 10:02:59 -------- d-----w- C:\Users\Clayton\AppData\Local\{8D32F69D-6901-4259-A3F0-1E2095BA3DF3}
2011-05-20 22:02:17 -------- d-----w- C:\Users\Clayton\AppData\Local\{174F2CA2-AFA8-4FCD-8CC1-6475ED34194E}
2011-05-19 08:05:20 -------- d-----w- C:\Users\Clayton\AppData\Local\{4F37226C-565B-459B-BC9F-BB46F930A8EE}
2011-05-18 04:28:54 -------- d-----w- C:\Users\Clayton\AppData\Local\{B1816854-F44B-4464-AEF9-9B9CF8F8CEFC}
2011-05-17 04:27:53 -------- d-----w- C:\Users\Clayton\AppData\Local\{FB35897F-FE58-434F-BFEF-FBF94C448BCA}
2011-05-16 13:19:10 -------- d-----w- C:\Users\Clayton\AppData\Local\{1BF6498B-505E-4422-9E15-F3EBC65E659C}
2011-05-15 18:40:02 -------- d-----w- C:\Users\Clayton\AppData\Local\{83DF009F-11A5-476D-B5A3-0012AB5E9C30}
2011-05-15 00:10:47 -------- d-----w- C:\Users\Clayton\AppData\Local\{B097BC08-1F79-4937-84ED-1D7A178B6AAB}
2011-05-14 04:22:16 -------- d-----w- C:\Users\Clayton\AppData\Local\{59EB06BA-74D3-4806-A3B0-1219107B786A}
2011-05-14 04:21:42 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-13 04:15:08 -------- d-----w- C:\Users\Clayton\AppData\Local\{F7E3864C-FABD-4D8C-88C5-2087A8017BD0}
2011-05-12 16:18:21 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-05-12 16:14:24 -------- d-----w- C:\Users\Clayton\AppData\Local\{1C1ABAC1-9E36-435C-AE80-30ADFEA11DAB}
2011-05-11 23:19:22 -------- d-----w- C:\Users\Clayton\AppData\Local\{774E8C05-8F0E-44AC-BECE-B594401B127C}
2011-05-11 14:37:53 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-11 14:37:52 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-11 14:37:52 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-11 11:18:39 -------- d-----w- C:\Users\Clayton\AppData\Local\{9EEFB277-DD0D-4666-8751-4AAC8A8C47D2}
2011-05-10 16:38:13 -------- d-----w- C:\Users\Clayton\AppData\Local\{B252B55E-9246-4FC1-B9FE-FC54D82B3FE9}
2011-05-09 20:50:27 -------- d-----w- C:\Users\Clayton\AppData\Local\{ADCB6A94-1744-47E4-A646-09374BE382E5}
2011-05-09 03:53:42 -------- d-----w- C:\Users\Clayton\AppData\Local\{0928673F-A718-41AE-BB91-4E445FA98B7E}
.
==================== Find3M ====================
.
2011-05-10 12:10:59 40112 ----a-w- C:\Windows\avastSS.scr
2011-05-10 11:59:48 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
.
============= FINISH: 14:06:33.80 ===============

Thank you for replying. I haven't started your instructions yet because I need to ask you how I can backup my stuff first. Are there any websites I can backup all of my stuff on?

OTL logfile created on: 6/16/2011 12:29:51 AM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Clayton\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: M/dd/yy

3.93 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 52.91% Memory free
7.86 Gb Paging File | 5.92 Gb Available in Paging File | 75.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.99 Gb Total Space | 230.78 Gb Free Space | 80.70% Space Free | Partition Type: NTFS

Computer Name: CLAYTON-PC | User Name: Clayton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/16 00:26:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Clayton\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/04/29 00:14:44 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/03/22 13:53:56 | 002,403,024 | -H-- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/06/11 18:14:22 | 000,312,152 | -H-- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe
PRC - [2009/10/29 07:47:34 | 000,419,112 | -H-- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/21 22:53:42 | 000,181,480 | -H-- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/10/13 15:25:54 | 000,186,904 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/10/13 15:25:30 | 000,354,840 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/09/10 09:42:30 | 000,349,480 | -H-- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | -H-- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/18 05:42:08 | 001,157,128 | -H-- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/08/04 01:09:34 | 000,199,464 | -H-- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/03 22:47:12 | 000,240,160 | -H-- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/03/30 15:00:54 | 000,221,184 | -H-- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/07/29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2006/12/22 08:31:50 | 000,108,712 | -H-- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
PRC - [2006/12/22 08:29:56 | 000,067,752 | -H-- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
PRC - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2011/06/16 00:26:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Clayton\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/10/29 15:10:02 | 000,844,320 | -H-- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 22:47:12 | 000,240,160 | -H-- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2007/03/30 21:06:22 | 001,574,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Tablet.exe -- (TabletService)
SRV:64bit: - [2007/03/16 01:24:18 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbccoms.exe -- (lxbc_device)
SRV - [2010/06/11 18:14:22 | 000,312,152 | -H-- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 09:55:26 | 002,792,280 | -H-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/10/13 15:25:30 | 000,354,840 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/09/10 09:42:46 | 000,305,448 | -H-- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 05:38:58 | 001,150,496 | -H-- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | -H-- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/01/26 16:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/03/16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbccoms.exe -- (lxbc_device)
SRV - [2006/12/22 08:31:50 | 000,108,712 | -H-- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 07:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 16:50:12 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/10/13 15:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/20 23:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/01 21:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/08/21 05:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/27 03:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/18 08:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 07:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 07:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 07:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 04:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 04:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/03/13 03:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007/02/16 15:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2007/02/16 14:30:12 | 000,014,640 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/09/01 21:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/03/25 23:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3939859704-664869843-1754823899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
IE - HKU\S-1-5-21-3939859704-664869843-1754823899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5732z&r=27361209a255l0324z1h5t5852x499
IE - HKU\S-1-5-21-3939859704-664869843-1754823899-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ig?hl=en"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.3
FF - prefs.js..extensions.enabledItems: {1cff04ef-0c75-4621-ba2a-2efb77346996}:2.3
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.60


FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/05/26 21:26:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/29 00:14:46 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/26 21:16:30 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Components: C:\Users\Clayton\Desktop\components
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Plugins: C:\Users\Clayton\Desktop\plugins

[2009/12/25 10:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clayton\AppData\Roaming\Mozilla\Extensions
[2011/06/02 20:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions
[2010/03/26 04:37:03 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/12/31 09:31:40 | 000,000,000 | ---D | M] ("FxIF") -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
[2010/02/21 20:20:27 | 000,000,000 | ---D | M] ("ChromaTabs Plus") -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
[2010/02/21 20:26:31 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2011/03/10 14:05:57 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2011/02/18 05:55:00 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\exif_viewer@mozilla.doslash.org
[2011/03/12 16:48:43 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Clayton\AppData\Roaming\Mozilla\Firefox\Profiles\7j8lb8zu.default\extensions\personas@christopher.beard
[2011/03/25 04:14:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011/05/26 21:26:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
() (No name found) -- C:\USERS\CLAYTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7J8LB8ZU.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\CLAYTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7J8LB8ZU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/04/29 00:14:44 | 000,142,296 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/22 16:32:59 | 000,432,840 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14894 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Livestream Procaster] C:\Program Files (x86)\Livestream Procaster\Procaster.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000..\Run: [kqAIrvwyxLeS] File not found
O4 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000..\RunOnce: [FlashPlayerUpdate] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3939859704-664869843-1754823899-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/16 00:26:53 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Clayton\Desktop\OTL.exe
[2011/06/16 00:21:35 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{75D534A6-8FB2-474A-9C31-3397F59A4F82}
[2011/06/07 11:34:54 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{3CF89C04-4C8D-46BA-81FE-7DB59B0CDCAF}
[2011/06/06 23:20:45 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{44320DE1-2F65-4590-A75E-6A05F6DDE1B4}
[2011/06/03 01:45:52 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011/06/02 20:41:10 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{A083B687-7E59-40C3-A6CA-7D59F89B83FB}
[2011/06/02 08:34:20 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{8E7A525C-ED44-4104-8B1D-8F1119F6E131}
[2011/06/01 20:33:26 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{94165CAC-8DA2-49CC-84A4-B1509B414B3D}
[2011/06/01 06:26:16 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{7502FF34-F202-4A57-8228-C7036A0A1663}
[2011/05/31 18:25:38 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{D29838DA-CF10-4254-AE30-1153681BC57F}
[2011/05/30 15:00:36 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{95A43BD8-0D0D-4FA9-A6A1-0168910C996E}
[2011/05/29 17:58:28 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{63435288-AC88-452E-A9E1-FBEFD1F49440}
[2011/05/28 17:57:24 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{E8684CD6-0947-4DAC-96B6-7ED591BA204D}
[2011/05/27 22:34:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\tamasoftware
[2011/05/27 22:34:48 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pepakura Designer 3
[2011/05/27 18:38:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Lexmark Z500-Z600 Series
[2011/05/27 18:38:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark Z500-Z600 Series
[2011/05/27 18:38:13 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Lexmark Z500-Z600 Series
[2011/05/27 18:38:11 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
[2011/05/27 18:38:11 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
[2011/05/27 18:38:11 | 000,983,107 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxbcgf.dll
[2011/05/27 18:38:11 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
[2011/05/27 18:38:11 | 000,434,176 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbcjswr.dll
[2011/05/27 18:38:11 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
[2011/05/27 18:38:11 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
[2011/05/27 18:38:11 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
[2011/05/27 18:38:11 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
[2011/05/27 18:38:11 | 000,155,648 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbcinsb.dll
[2011/05/27 18:38:11 | 000,131,072 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcins.dll
[2011/05/27 18:38:11 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbccur.dll
[2011/05/27 18:38:11 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
[2011/05/27 18:38:11 | 000,086,016 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcinsr.dll
[2011/05/27 18:38:11 | 000,073,728 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbccu.dll
[2011/05/27 18:38:10 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
[2011/05/27 18:38:10 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
[2011/05/27 18:38:10 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
[2011/05/27 18:38:10 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
[2011/05/27 18:38:10 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
[2011/05/27 18:38:10 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
[2011/05/27 18:38:10 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
[2011/05/27 18:38:10 | 000,073,728 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXBCcfg.dll
[2011/05/27 18:37:57 | 001,418,240 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcserv.dll
[2011/05/27 18:37:57 | 001,099,776 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcusb1.dll
[2011/05/27 18:37:57 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysNative\LXBChcp.dll
[2011/05/27 18:37:57 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcinpa.dll
[2011/05/27 18:37:57 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbciesc.dll
[2011/05/27 18:37:57 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcprox.dll
[2011/05/27 18:37:56 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomc.dll
[2011/05/27 18:37:56 | 000,660,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxbchbn3.dll
[2011/05/27 18:37:56 | 000,566,704 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccoms.exe
[2011/05/27 18:37:56 | 000,488,448 | ---- | C] ( ) -- C:\Windows\SysNative\lxbclmpm.dll
[2011/05/27 18:37:56 | 000,416,768 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbcjswr.dll
[2011/05/27 18:37:56 | 000,410,112 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpmui.dll
[2011/05/27 18:37:56 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomm.dll
[2011/05/27 18:37:56 | 000,236,464 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccfg.exe
[2011/05/27 18:37:56 | 000,233,392 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcih.exe
[2011/05/27 18:37:56 | 000,177,664 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcins.dll
[2011/05/27 18:37:56 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbcinsb.dll
[2011/05/27 18:37:56 | 000,077,824 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbccu.dll
[2011/05/27 18:37:56 | 000,076,800 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbccur.dll
[2011/05/27 18:37:56 | 000,072,192 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcinsr.dll
[2011/05/27 18:37:56 | 000,062,464 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\LXBCcfg.dll
[2011/05/27 18:37:56 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpplc.dll
[2011/05/27 18:37:14 | 000,000,000 | ---D | C] -- C:\drivers
[2011/05/27 14:41:17 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{6A6EBB4E-777A-4155-9B74-BF71F9E80C87}
[2011/05/27 01:13:48 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{0AD9B49F-3F11-4EA7-A4C5-6C87DAD6AB6E}
[2011/05/26 21:26:29 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/05/26 19:55:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011/05/26 19:55:04 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5b.dll
[2011/05/26 19:55:03 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2011/05/26 19:55:03 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2011/05/26 19:55:02 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2011/05/26 19:55:02 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2011/05/26 19:54:54 | 000,167,936 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2011/05/26 19:54:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Brother
[2011/05/26 19:53:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Brother
[2011/05/26 13:13:12 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{455F2E9B-FCFD-4EA3-BC1F-EE4735D9B259}
[2011/05/26 01:12:36 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{54BDF48E-0121-4819-BC0A-392C7ABCD7B4}
[2011/05/25 13:18:15 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/05/25 13:11:52 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{A375F1B0-542F-4F21-8B9B-8149F494B853}
[2011/05/24 09:42:01 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/24 09:42:01 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/24 08:03:40 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{0A5EE18C-EBD9-414A-B0B5-DF32DF861859}
[2011/05/23 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{3101D79B-1F58-4B63-8B20-636ED718D2E3}
[2011/05/22 02:12:18 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{0F089FA5-0413-4F50-A14C-2940131F48D2}
[2011/05/21 06:02:59 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{8D32F69D-6901-4259-A3F0-1E2095BA3DF3}
[2011/05/20 18:02:17 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{174F2CA2-AFA8-4FCD-8CC1-6475ED34194E}
[2011/05/19 04:05:20 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{4F37226C-565B-459B-BC9F-BB46F930A8EE}
[2011/05/18 00:28:54 | 000,000,000 | ---D | C] -- C:\Users\Clayton\AppData\Local\{B1816854-F44B-4464-AEF9-9B9CF8F8CEFC}
[2010/01/02 01:06:20 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/16 00:32:30 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/16 00:32:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/16 00:26:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Clayton\Desktop\OTL.exe
[2011/06/16 00:22:11 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/16 00:20:28 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/16 00:20:27 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2011/06/16 00:20:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/16 00:20:06 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/03 03:43:31 | 001,007,108 | ---- | M] () -- C:\Users\Clayton\Desktop\iExplore.exe
[2011/06/03 01:46:26 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~19781860r
[2011/06/03 01:46:26 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~19781860
[2011/06/03 01:45:58 | 000,000,639 | ---- | M] () -- C:\Users\Clayton\Desktop\Windows 7 Recovery.lnk
[2011/06/03 01:45:30 | 000,000,344 | -H-- | M] () -- C:\ProgramData\19781860
[2011/06/03 01:45:18 | 000,410,112 | ---- | M] () -- C:\ProgramData\19781860.exe
[2011/05/31 03:56:45 | 000,000,348 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011/05/27 22:34:49 | 000,002,286 | ---- | M] () -- C:\Users\Clayton\Desktop\Pepakura Viewer 3.lnk
[2011/05/27 18:40:47 | 000,005,185 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/05/26 21:26:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/05/26 21:23:07 | 000,375,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/26 21:12:35 | 000,000,321 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2011/05/26 20:01:59 | 000,002,137 | ---- | M] () -- C:\Users\Clayton\Desktop\ControlCenter3.lnk
[2011/05/26 19:55:55 | 000,000,094 | ---- | M] () -- C:\Windows\brpcfx.ini
[2011/05/26 19:55:22 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bridf06a.dat
[2011/05/26 19:39:29 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/26 19:39:29 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/26 19:39:29 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/26 19:39:14 | 000,000,435 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/05/26 19:39:14 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/03 03:44:36 | 001,007,108 | ---- | C] () -- C:\Users\Clayton\Desktop\iExplore.exe
[2011/06/03 01:46:26 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~19781860r
[2011/06/03 01:46:26 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~19781860
[2011/06/03 01:45:58 | 000,000,639 | ---- | C] () -- C:\Users\Clayton\Desktop\Windows 7 Recovery.lnk
[2011/06/03 01:45:30 | 000,000,344 | -H-- | C] () -- C:\ProgramData\19781860
[2011/06/03 01:45:18 | 000,410,112 | ---- | C] () -- C:\ProgramData\19781860.exe
[2011/05/27 22:34:49 | 000,002,286 | ---- | C] () -- C:\Users\Clayton\Desktop\Pepakura Viewer 3.lnk
[2011/05/27 18:38:57 | 000,000,348 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011/05/27 18:38:11 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
[2011/05/27 18:38:11 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
[2011/05/27 18:38:10 | 000,001,858 | ---- | C] () -- C:\Windows\SysWow64\lxbc.loc
[2011/05/27 18:37:57 | 000,567,808 | ---- | C] () -- C:\Windows\SysNative\lxbcutil.dll
[2011/05/27 18:37:57 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBCinst.dll
[2011/05/27 18:37:57 | 000,005,185 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/05/27 18:37:56 | 000,001,858 | ---- | C] () -- C:\Windows\SysNative\lxbc.loc
[2011/05/26 20:01:59 | 000,002,137 | ---- | C] () -- C:\Users\Clayton\Desktop\ControlCenter3.lnk
[2011/05/26 19:55:55 | 000,000,321 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/05/26 19:55:55 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/05/26 19:55:22 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bridf06a.dat
[2011/05/26 19:55:04 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/05/26 19:39:14 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/05/26 12:53:01 | 007,652,870 | ---- | C] () -- C:\Users\Clayton\Desktop\Alchemy.exe
[2010/10/16 20:37:49 | 000,000,435 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/10/16 20:37:49 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2040.DAT
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/11 22:07:36 | 000,000,000 | ---- | C] () -- C:\Users\Clayton\AppData\Roaming\wklnhst.dat
[2010/07/10 15:09:26 | 000,169,934 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2010/07/10 15:09:26 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2010/02/23 03:14:54 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010/02/23 03:14:54 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010/02/23 03:14:54 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010/02/23 03:14:54 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2010/01/02 01:06:23 | 001,749,376 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2uvc.sys
[2010/01/02 01:06:23 | 000,028,032 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncduvc.sys
[2010/01/02 01:06:21 | 001,749,376 | ---- | C] () -- C:\Windows\SysWow64\snp2uvc.sys
[2010/01/02 01:06:20 | 000,028,032 | ---- | C] () -- C:\Windows\SysWow64\sncduvc.sys
[2010/01/02 01:06:19 | 000,000,131 | ---- | C] () -- C:\Windows\SysWow64\PidList.ini
[2009/12/30 20:36:53 | 000,000,437 | ---- | C] () -- C:\Users\Clayton\AppData\Roaming\ImageTuner.ini
[2009/12/25 16:32:38 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat
[2009/12/25 12:15:52 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/12/25 10:37:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/11/06 23:01:12 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe

< End of report >

OTL Extras logfile created on: 6/16/2011 12:29:51 AM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Clayton\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: M/dd/yy

3.93 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 52.91% Memory free
7.86 Gb Paging File | 5.92 Gb Available in Paging File | 75.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.99 Gb Total Space | 230.78 Gb Free Space | 80.70% Space Free | Partition Type: NTFS

Computer Name: CLAYTON-PC | User Name: Clayton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3939859704-664869843-1754823899-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HDMI" = Intel® Graphics Media Accelerator Driver
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5A88C46B-C38D-48C6-BE6D-BBC92BC30DAA}" = Livestream Procaster
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}" = Brother MFL-Pro Suite MFC-240C
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.4 MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5408C28-8D1F-4D65-AA49-02FBD56136FF}" = WolfQuest
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AIM_7" = AIM 7
"avast" = avast! Free Antivirus
"Game Booster_is1" = Game Booster
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"IObit Security 360_is1" = IObit Security 360
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus!" = Messenger Plus! 5
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"OpenAL" = OpenAL
"pepakura_viewer3en" = Pepakura Viewer 3
"Smart Defrag 2_is1" = Smart Defrag 2
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Tablet Driver" = Tablet
"The Endless Forest_is1" = The Endless Forest
"WildTangent acer Master Uninstall" = Acer Games
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Zoo Tycoon 2" = Zoo Tycoon 2

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1/1/2010 4:50:32 AM | Computer Name = Clayton-PC | Source = avast! | ID = 33554522
Description =

Error - 1/5/2010 7:39:52 AM | Computer Name = Clayton-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 6/1/2011 5:47:19 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:19.208]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:20 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:20.708]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:22 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:22.208]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:23 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:23.709]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:25 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:25.209]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:26 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:26.709]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:28 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:28.209]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:29 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:29.709]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:31 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:31.209]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 6/1/2011 5:47:32 AM | Computer Name = Clayton-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2011/06/01 05:47:32.709]: [00004992]: lperrcode->api
= 1 , lperrcode->code = 2

[ System Events ]
Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = DCOM | ID = 10005
Description =

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = DCOM | ID = 10005
Description =

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 6/6/2011 11:40:53 PM | Computer Name = Clayton-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068


< End of report >

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2011 Bleepingcomputer.com

Please be patient while your files are made visible again.

Processing C:\

Yes, please proceed with the next instruction in my previous post.

Also, what items are missing from your Start Menu.

========== SERVICES/DRIVERS ==========
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3939859704-664869843-1754823899-1000\Software\Microsoft\Windows\CurrentVersion\Run\\kqAIrvwyxLeS deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3939859704-664869843-1754823899-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3939859704-664869843-1754823899-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Clayton\AppData\Local\{75D534A6-8FB2-474A-9C31-3397F59A4F82} folder moved successfully.
C:\Users\Clayton\AppData\Local\{3CF89C04-4C8D-46BA-81FE-7DB59B0CDCAF} folder moved successfully.
C:\Users\Clayton\AppData\Local\{44320DE1-2F65-4590-A75E-6A05F6DDE1B4} folder moved successfully.
C:\Users\Clayton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery folder moved successfully.
C:\Users\Clayton\AppData\Local\{A083B687-7E59-40C3-A6CA-7D59F89B83FB} folder moved successfully.
C:\Users\Clayton\AppData\Local\{8E7A525C-ED44-4104-8B1D-8F1119F6E131} folder moved successfully.
C:\Users\Clayton\AppData\Local\{94165CAC-8DA2-49CC-84A4-B1509B414B3D} folder moved successfully.
C:\Users\Clayton\AppData\Local\{7502FF34-F202-4A57-8228-C7036A0A1663} folder moved successfully.
C:\Users\Clayton\AppData\Local\{D29838DA-CF10-4254-AE30-1153681BC57F} folder moved successfully.
C:\Users\Clayton\AppData\Local\{95A43BD8-0D0D-4FA9-A6A1-0168910C996E} folder moved successfully.
C:\Users\Clayton\AppData\Local\{63435288-AC88-452E-A9E1-FBEFD1F49440} folder moved successfully.
C:\Users\Clayton\AppData\Local\{E8684CD6-0947-4DAC-96B6-7ED591BA204D} folder moved successfully.
C:\Users\Clayton\AppData\Local\{6A6EBB4E-777A-4155-9B74-BF71F9E80C87} folder moved successfully.
C:\Users\Clayton\AppData\Local\{0AD9B49F-3F11-4EA7-A4C5-6C87DAD6AB6E} folder moved successfully.
C:\Users\Clayton\AppData\Local\{455F2E9B-FCFD-4EA3-BC1F-EE4735D9B259} folder moved successfully.
C:\Users\Clayton\AppData\Local\{54BDF48E-0121-4819-BC0A-392C7ABCD7B4} folder moved successfully.
C:\Users\Clayton\AppData\Local\{A375F1B0-542F-4F21-8B9B-8149F494B853} folder moved successfully.
C:\Users\Clayton\AppData\Local\{0A5EE18C-EBD9-414A-B0B5-DF32DF861859} folder moved successfully.
C:\Users\Clayton\AppData\Local\{3101D79B-1F58-4B63-8B20-636ED718D2E3} folder moved successfully.
C:\Users\Clayton\AppData\Local\{0F089FA5-0413-4F50-A14C-2940131F48D2} folder moved successfully.
C:\Users\Clayton\AppData\Local\{8D32F69D-6901-4259-A3F0-1E2095BA3DF3} folder moved successfully.
C:\Users\Clayton\AppData\Local\{174F2CA2-AFA8-4FCD-8CC1-6475ED34194E} folder moved successfully.
C:\Users\Clayton\AppData\Local\{4F37226C-565B-459B-BC9F-BB46F930A8EE} folder moved successfully.
C:\Users\Clayton\AppData\Local\{B1816854-F44B-4464-AEF9-9B9CF8F8CEFC} folder moved successfully.
C:\ProgramData\~19781860r moved successfully.
C:\ProgramData\~19781860 moved successfully.
C:\Users\Clayton\Desktop\Windows 7 Recovery.lnk moved successfully.
C:\ProgramData\19781860 moved successfully.
C:\ProgramData\19781860.exe moved successfully.
File C:\ProgramData\~19781860r not found.
File C:\ProgramData\~19781860 not found.
File C:\Users\Clayton\Desktop\Windows 7 Recovery.lnk not found.
File C:\ProgramData\19781860 not found.
File C:\ProgramData\19781860.exe not found.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Clayton\Desktop\cmd.bat deleted successfully.
C:\Users\Clayton\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.24.0 log created on 06162011_202108

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6873

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/16/11 8:42:14 PM
mbam-log-2011-06-16 (20-42-14).txt

Scan type: Quick scan
Objects scanned: 165253
Time elapsed: 4 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

C:\Users\Clayton\AppData\Local\Mozilla\Firefox\Profiles\7j8lb8zu.default\Cache\3\2D\76371d01 JS/Kryptik.AQ.Gen trojan
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\e2648a4-424a29d7 multiple threats
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\6e45fa36-18aafb6e Java/TrojanDownloader.OpenStream.NCA trojan
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\48d91209-27c07d2a a variant of Win32/Kryptik.NYJ trojan
C:\Users\Clayton\Downloads\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application
C:\Users\Clayton\Downloads\MsgPlusLive-490(2).exe a variant of Win32/MessengerPlus application
C:\Users\Clayton\Downloads\MsgPlusLive-490.exe a variant of Win32/MessengerPlus application
C:\_OTL\MovedFiles\06162011_202108\C_ProgramData\19781860.exe a variant of Win32/Kryptik.OWH trojan

Results of screen317's Security Check version 0.99.13
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java™ 6 Update 18
Out of date Java installed!
Adobe Flash Player 10.3.181.14
Adobe Reader 9.4.5 MUI
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Symantec Norton Online Backup NOBuAgent.exe
Symantec Norton Online Backup NOBuClient.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````

C:\_OTL\MovedFiles\06162011_202108\C_ProgramData\19781860.exe a variant of Win32/Kryptik.OWH trojan

C:\Users\Clayton\AppData\Local\Mozilla\Firefox\Profiles\7j8lb8zu.default\Cache\3\2D\76371d01 JS/Kryptik.AQ.Gen trojan
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\e2648a4-424a29d7 multiple threats
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\6e45fa36-18aafb6e Java/TrojanDownloader.OpenStream.NCA trojan
C:\Users\Clayton\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\48d91209-27c07d2a a variant of Win32/Kryptik.NYJ trojan