DDS (Ver_09-11-24.02) - NTFSX64
Run by Kirk Lee at 21:53:29.77 on 27/11/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.3998.2282 [GMT -7:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_7477fb4c\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files (x86)\a-squared Free\a2service.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_7477fb4c\AESTSr64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\taskeng.exe
C:\Users\Kirk Lee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kirk Lee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Kirk Lee\Desktop\dds.scr
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\adobe cs4\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\adobe cs4\/Adobe Contribute CS4/contributeieplugin.dll
uRun: [AdobeBridge]
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files (x86)\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\users\kirk lee\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files (x86)\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm
IE: Sothink SWF Catcher - c:\program files (x86)\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files (x86)\common files\sourcetec\swf catcher\InternetExplorer.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: !SASWinLogon - c:\program files (x86)\superantispyware\SASWINLO.dll
AppInit_DLLs: c:\windows\syswow64\guard32.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files (x86)\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files (x86)\common files\lightscribe\LSRunOnce.exe"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun-x64: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
AppInit_DLLs-X64: c:\windows\system32\guard64.dll
============= SERVICES / DRIVERS ===============
R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-11-21 54480]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-11-27 118600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-11-27 33128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_7477fb4c\AESTSr64.exe [2009-8-12 88576]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2009-11-27 108289]
R2 Cepstral License Server;Cepstral License Server;c:\program files (x86)\cepstral\bin\CepstralLicSrv.exe [2008-6-25 57344]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-18 23040]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files (x86)\sminst\BLService.exe [2009-3-20 365952]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-12-30 68608]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-21 126464]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\NETw5v64.sys [2009-8-12 4828672]
S1 SASDIFSV;SASDIFSV;c:\program files (x86)\superantispyware\sasdifsv.sys [2009-11-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files (x86)\superantispyware\SASKUTIL.SYS [2009-11-23 74480]
S2 Norton Internet Security;Norton Internet Security;"c:\program files (x86)\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files (x86)\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files (x86)\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-8-31 93184]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2009-11-21 1038088]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 SASENUM;SASENUM;c:\program files (x86)\superantispyware\SASENUM.SYS [2009-11-23 7408]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk60x64.sys [2006-11-2 273408]
============== File Associations ===============
JSEFile=c:\windows\syswow64\WScript.exe "%1" %*
=============== Created Last 30 ================
2009-11-28 03:27:46 0 d-----w- c:\programdata\Comodo
2009-11-28 03:27:43 33128 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-11-28 03:27:43 239616 ----a-w- c:\windows\system32\guard64.dll
2009-11-28 03:27:43 171552 ----a-w- c:\windows\syswow64\guard32.dll
2009-11-28 03:27:43 118600 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-11-28 03:27:43 0 d-----w- c:\program files\COMODO
2009-11-28 03:08:32 73048 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-28 03:08:31 0 d-----w- c:\programdata\Avira
2009-11-28 03:08:31 0 d-----w- c:\program files (x86)\Avira
2009-11-28 02:49:24 0 d-----w- c:\program files (x86)\SUPERAntiSpyware
2009-11-28 02:49:02 0 d-----w- c:\program files (x86)\common files\Wise Installation Wizard
2009-11-28 02:47:09 0 d-----w- c:\program files (x86)\Trend Micro
2009-11-27 23:48:07 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-11-27 23:48:07 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-24 23:24:44 0 d-----w- c:\users\kirkle~1\appdata\roaming\Azureus
2009-11-24 23:23:24 1875456 ----a-w- c:\windows\system32\msxml3.dll
2009-11-24 23:23:23 1794560 ----a-w- c:\windows\system32\msxml6.dll
2009-11-24 23:23:22 1399296 ----a-w- c:\windows\syswow64\msxml6.dll
2009-11-24 23:23:20 1257472 ----a-w- c:\windows\syswow64\msxml3.dll
2009-11-24 23:23:06 880640 ----a-w- c:\windows\system32\timedate.cpl
2009-11-24 23:23:06 714240 ----a-w- c:\windows\syswow64\timedate.cpl
2009-11-23 01:29:10 65536 --sha-w- c:\users\kirk lee\NTUSER.DAT{86496397-d7cf-11de-a18f-00235abdd827}.TM.blf
2009-11-23 01:29:10 524288 --sha-w- c:\users\kirk lee\NTUSER.DAT{86496397-d7cf-11de-a18f-00235abdd827}.TMContainer00000000000000000002.regtrans-ms
2009-11-23 01:29:10 524288 --sha-w- c:\users\kirk lee\NTUSER.DAT{86496397-d7cf-11de-a18f-00235abdd827}.TMContainer00000000000000000001.regtrans-ms
2009-11-22 20:55:19 0 d-----w- c:\program files (x86)\Cepstral
2009-11-22 20:50:53 0 d-----w- c:\users\kirkle~1\appdata\roaming\NCH Software
2009-11-22 20:49:05 0 d-----w- c:\program files (x86)\ScanSoft
2009-11-22 20:38:38 0 d-----w- c:\program files (x86)\eSpeak
2009-11-22 20:25:12 0 d-----w- c:\program files (x86)\NCH Swift Sound
2009-11-21 20:47:09 0 d-----w- c:\programdata\ALM
2009-11-21 20:43:08 54480 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2009-11-21 20:43:08 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-11-21 20:43:08 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-11-21 20:43:07 0 d-----w- c:\program files (x86)\common files\Sonic Shared
2009-11-21 20:28:20 0 d-----w- c:\program files\common files\Macrovision Shared
2009-11-21 20:23:29 0 d-----w- C:\Adobe CS4
2009-11-21 00:04:28 0 d-----w- c:\programdata\NCH Swift Sound
2009-11-16 03:51:29 884 ----a-w- c:\users\kirk lee\.recently-used.xbel
2009-11-11 04:06:02 437248 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 04:06:02 351232 ----a-w- c:\windows\syswow64\WSDApi.dll
2009-11-11 04:06:00 2749952 ----a-w- c:\windows\system32\win32k.sys
2009-11-10 23:37:03 0 d-----w- c:\programdata\Minnetonka Audio Software
2009-11-08 23:49:58 0 d-----w- c:\program files (x86)\common files\Macrovision Shared
2009-11-06 01:40:49 0 d-----w- c:\programdata\WindowsSearch
2009-11-04 23:34:49 5939712 ----a-w- c:\windows\syswow64\mshtml.dll
2009-11-04 23:34:47 1638912 ----a-w- c:\windows\syswow64\mshtml.tlb
2009-11-04 23:34:47 1638912 ----a-w- c:\windows\system32\mshtml.tlb
==================== Find3M ====================
2009-11-28 03:39:25 672380 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-28 03:39:25 127578 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-28 03:29:44 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-11-28 03:29:44 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-28 03:29:42 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-03 03:42:06 226688 ------w- c:\windows\system32\MpSigStub.exe
2009-10-04 20:33:33 695578 ----a-w- c:\windows\syswow64\unins000.exe
2009-09-10 17:53:48 268800 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 17:33:02 10624000 ----a-w- c:\windows\syswow64\wmp.dll
2009-09-10 17:30:12 213504 ----a-w- c:\windows\syswow64\msv1_0.dll
2009-09-10 15:48:45 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-09-10 15:48:17 372736 ----a-w- c:\windows\system32\unregmp2.exe
2009-09-10 15:21:53 8147456 ----a-w- c:\windows\syswow64\wmploc.DLL
2009-09-10 15:21:07 310784 ----a-w- c:\windows\syswow64\unregmp2.exe
2009-09-04 12:52:46 82944 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 12:24:34 61440 ----a-w- c:\windows\syswow64\msasn1.dll
2009-08-31 14:12:46 375808 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-31 14:12:39 558592 ----a-w- c:\windows\system32\EncDec.dll
2009-08-31 13:55:50 293376 ----a-w- c:\windows\syswow64\psisdecd.dll
2009-08-31 13:55:46 428544 ----a-w- c:\windows\syswow64\EncDec.dll
2009-03-20 12:04:40 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-03-20 11:30:11 37390 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-03-20 11:30:11 37390 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-03-20 11:30:11 340236 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-03-20 11:30:11 340236 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-03-20 11:48:58 8192 --sha-w- c:\windows\users\default\NTUSER.DAT
============= FINISH: 21:54:20.33 ===============
---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:32 PM, on 27/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Adobe CS4\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Adobe CS4\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kirk Lee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_7477fb4c\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_7477fb4c\STacSV64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8954 bytes
~Thank you, help would be much appreciated~