1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help cleaning computer

Discussion in 'Virus & Other Malware Removal' started by computer_weasel, Feb 23, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    Hi Everyone,

    I recently got help on this forum to clean my laptop, which had a couple of undesirables on it. My desktop is running fine but I presume it could be infected with the same stuff that was on the laptop. Would somebody please help me check the desktop for stuff that antivirus might miss?

    Cheers!
    Maya
     
  2. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    Hi Maya! Sure we can take a look.

    Click here to download HijackThis.exe
    • Save it to your desktop.
    • Doubleclick on the HijackThis.exe icon on your desktop.
    • Click on Install.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  3. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    Great! ok:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:00:37 AM, on 25/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe
    C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    C:\ProgramData\GameXN\GameXNGO.exe
    C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Users\The Weasel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe
    C:\Program Files (x86)\Opera\opera.exe
    C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    C:\Users\The Weasel\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
    R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player

    \npdivx32.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
    O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:

    \Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CStat - {DD92DE22-ED91-4560-B788-DEE2B26612E6} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\IEHelper.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
    O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go"

    UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector"

    UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer"

    UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite"

    UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\GBTUpd\PreRun.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    O4 - HKCU\..\Run: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u
    O4 - HKCU\..\Run: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n
    O4 - HKCU\..\Run: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent
    O4 - Startup: Dropbox.lnk = The Weasel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

    \AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxddserv.exe
    O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe
    O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of
     

    Attached Files:

  4. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    Please download DDS by sUBs to your desktop from one of the following locations:

    http://download.bleepingcomputer.com/sUBs/dds.scr
    http://www.forospyware.com/sUBs/dds

    Disable any script blocker you may have, as they may interfere and then double-click the DDS.scr to run the tool.

    When DDS has finished scanning, it will open two logs named as follows:

    DDS.txt
    Attach.txt



    Copy and paste the contents of the DDS.txt file.
    Upload as an attachment the Attach.txt file.


    ======================================================================================

    Please download Malwarebytes' Anti-Malware from Here or Here

    Double click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
     
  5. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    can't work out, how do I disable script blocker?
     
  6. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    Since it's AVG, you probably need to temporarily disable the resident shield
     
  7. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    ok, disabled resident shield but when I run dds it says "This program cannot be run in DOS mode". What do I do?
     
  8. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    Let's try this instead

    Download OTL to your Desktop. Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted. Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    Please post both logfiles in your next reply.
     
  9. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    OTL logfile created on: 27/02/2012 1:14:16 PM - Run 1
    OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\The Weasel\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    7.99 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 73.72% Memory free
    15.98 Gb Paging File | 13.57 Gb Available in Paging File | 84.89% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931.41 Gb Total Space | 87.39 Gb Free Space | 9.38% Space Free | Partition Type: NTFS
    Drive F: | 1.89 Gb Total Space | 1.79 Gb Free Space | 94.53% Space Free | Partition Type: FAT

    Computer Name: THEWEASEL-PC | User Name: The Weasel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/02/27 11:13:12 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\The Weasel\Desktop\OTL.exe
    PRC - [2012/02/24 11:07:22 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\GameXN\GameXNGO.exe
    PRC - [2012/02/15 10:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\The Weasel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    PRC - [2012/01/27 20:23:11 | 002,077,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/04/23 09:36:55 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    PRC - [2011/03/22 05:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    PRC - [2011/01/25 05:36:28 | 000,085,272 | ---- | M] (Memeo Inc.) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe
    PRC - [2011/01/25 05:35:30 | 000,324,320 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/12/29 11:26:10 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    PRC - [2010/12/09 08:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
    PRC - [2010/11/25 18:49:45 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/11/20 23:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    PRC - [2010/07/21 23:03:59 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
    PRC - [2010/07/17 18:03:06 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/06/27 03:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    PRC - [2009/07/06 15:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
    PRC - [2009/07/03 12:27:34 | 000,681,256 | ---- | M] (CyberLink Corporation.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
    PRC - [2009/06/22 20:47:18 | 000,212,232 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
    PRC - [2009/06/03 20:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    PRC - [2009/04/27 13:37:18 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
    PRC - [2009/04/27 13:37:16 | 000,291,496 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe
    PRC - [2008/07/03 17:06:46 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
    PRC - [2008/03/25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/11/15 16:18:22 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
    MOD - [2011/11/15 16:17:28 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
    MOD - [2011/11/15 16:16:34 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll
    MOD - [2011/11/15 16:16:29 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
    MOD - [2011/11/15 16:16:07 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll
    MOD - [2011/11/15 16:16:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
    MOD - [2011/11/15 16:16:01 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
    MOD - [2011/11/15 16:15:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
    MOD - [2011/11/15 16:15:38 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
    MOD - [2011/11/15 16:15:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
    MOD - [2011/11/15 16:15:34 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
    MOD - [2011/11/15 16:15:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
    MOD - [2011/03/22 05:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    MOD - [2011/03/22 05:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    MOD - [2011/02/27 19:06:56 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
    MOD - [2011/01/25 05:35:58 | 002,896,608 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
    MOD - [2011/01/25 05:35:54 | 000,026,848 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
    MOD - [2011/01/25 05:35:30 | 000,324,320 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    MOD - [2010/11/05 12:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    MOD - [2010/03/23 09:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll
    MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2009/07/23 11:08:48 | 002,236,487 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
    MOD - [2009/07/22 18:57:56 | 000,262,144 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.dll
    MOD - [2009/07/07 15:37:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
    MOD - [2009/07/02 16:00:02 | 000,327,747 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
    MOD - [2009/06/16 16:06:12 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
    MOD - [2009/06/03 20:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    MOD - [2009/06/03 20:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    MOD - [2009/04/27 13:37:18 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
    MOD - [2009/04/27 13:37:16 | 000,291,496 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe
    MOD - [2009/04/16 14:31:28 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
    MOD - [2009/03/13 11:30:44 | 000,109,096 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
    MOD - [2009/02/23 00:21:28 | 004,296,704 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AODAPI.dll
    MOD - [2008/09/01 14:26:32 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
    MOD - [2008/05/16 12:35:22 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Core.dll
    MOD - [2008/05/16 12:35:22 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Common.dll
    MOD - [2008/05/16 12:34:18 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll
    MOD - [2008/05/07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
    MOD - [2008/03/25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
    MOD - [2007/04/30 08:20:26 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
    MOD - [2007/04/30 08:19:52 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll
    MOD - [2007/04/30 08:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll
    MOD - [2007/04/10 15:01:02 | 008,357,424 | ---- | M] () -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\Res.dll
    MOD - [2007/03/06 08:16:48 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxdddatr.dll
    MOD - [2007/01/09 17:10:06 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddscw.dll
    MOD - [2006/12/28 11:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2500 Series\lxddcats.dll
    MOD - [2006/10/04 15:25:42 | 000,651,334 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\aticlocklib.dll
    MOD - [2003/02/14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/05/25 14:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/03/17 19:32:49 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2007/05/25 09:42:22 | 000,034,224 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxddserv.exe -- (lxddCATSCustConnectService)
    SRV:64bit: - [2007/05/25 09:42:12 | 000,567,216 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxddcoms.exe -- (lxdd_device)
    SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/01/25 05:35:36 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
    SRV - [2010/11/20 23:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 23:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 23:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/07/21 23:03:59 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2010/07/17 18:03:06 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/13 21:20:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/06/22 20:47:18 | 000,212,232 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
    SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2007/05/25 09:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxddcoms.exe -- (lxdd_device)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/09/17 10:08:41 | 000,035,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
    DRV:64bit: - [2011/06/07 09:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2011/05/25 15:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2011/05/25 15:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2011/05/25 13:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2011/05/06 22:52:35 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
    DRV:64bit: - [2011/02/16 18:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/11/20 22:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2010/09/02 12:48:40 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2010/07/17 18:02:40 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
    DRV:64bit: - [2010/06/10 10:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2010/04/19 21:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
    DRV:64bit: - [2010/03/25 17:51:03 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
    DRV:64bit: - [2010/01/29 01:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2009/07/18 02:32:04 | 000,109,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
    DRV:64bit: - [2009/07/14 12:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/14 12:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 12:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/14 11:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
    DRV:64bit: - [2009/07/14 11:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
    DRV:64bit: - [2009/07/14 11:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
    DRV:64bit: - [2009/06/30 15:59:22 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
    DRV:64bit: - [2009/06/30 15:59:20 | 000,372,720 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)
    DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2007/07/23 22:00:18 | 000,009,216 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etScan64.sys -- (ScanUSBET)
    DRV:64bit: - [2007/07/23 21:59:12 | 000,527,744 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etDevice64.sys -- (DCamUSBET)
    DRV:64bit: - [2007/06/14 17:11:12 | 000,281,088 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\etFilter64.sys -- (FiltUSBET)
    DRV:64bit: - [2007/01/25 13:17:38 | 000,271,872 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sis163u.sys -- (SIS163u)
    DRV - [2012/02/27 10:59:49 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
    DRV - [2012/02/27 10:59:31 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
    DRV - [2011/01/01 22:08:45 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
    DRV - [2010/12/29 11:26:08 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/09/17 02:08:46] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
    DRV - [2010/03/25 17:51:03 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
    DRV - [2009/09/01 17:59:44 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/03/10 22:24:59] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
    DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/02/23 00:21:54 | 000,014,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver)
    DRV - [2006/07/19 12:25:10 | 000,014,608 | R--- | M] (ATI Technologies Inc.) [Kernel | Disabled | Running] -- C:\Program Files (x86)\GIGABYTE\ET6\atillk64.sys -- (atillk64)
    DRV - [2006/07/19 12:25:10 | 000,012,048 | R--- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys -- (atidgllk)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 A4 A5 49 12 46 CC 01 [binary data]
    IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
    FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
    FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
    FF - prefs.js..extensions.enabledItems: [email protected]otcom:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2011/09/24 18:24:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010/12/11 00:28:19 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010/12/11 00:28:19 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/27 16:54:27 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/17 10:05:56 | 000,000,000 | ---D | M]

    [2010/03/10 22:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Extensions
    [2011/05/12 16:57:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Firefox\Profiles\4o19956y.default\extensions
    [2010/04/29 23:50:25 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Firefox\Profiles\4o19956y.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
    [2011/02/10 06:44:04 | 000,000,000 | ---D | M] (vShare) -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Firefox\Profiles\4o19956y.default\extensions\vshare@toolbar
    [2010/09/02 12:48:56 | 000,002,059 | ---- | M] () -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Firefox\Profiles\4o19956y.default\searchplugins\daemon-search.xml
    [2010/04/30 23:37:15 | 000,001,244 | ---- | M] () -- C:\Users\The Weasel\AppData\Roaming\Mozilla\Firefox\Profiles\4o19956y.default\searchplugins\winamp-search.xml
    [2011/06/29 12:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/12/31 23:12:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/06/15 18:09:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/08/11 12:06:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/11/27 18:38:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2011/04/15 18:54:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/06/29 12:15:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    [2011/06/27 16:54:26 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/05/04 05:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/07/13 03:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
    [2011/05/12 22:54:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2010/04/30 15:56:09 | 000,001,798 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.adobe.com
    O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 wip3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 127.0.0.1 adobe.activate.com
    O1 - Hosts: 127.0.0.1 adobeereg.com
    O1 - Hosts: 127.0.0.1 www.adobeereg.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 125.252.224.90
    O1 - Hosts: 127.0.0.1 125.252.224.91
    O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll (Conduit Ltd.)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (BHO Class) - {DD92DE22-ED91-4560-B788-DEE2B26612E6} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\IEHelper.dll (DeviceVM, Inc.)
    O3 - HKLM\..\Toolbar: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKCU\..\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\tbFree.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [etMonitor] C:\Windows\etMon.exe File not found
    O4:64bit: - HKLM..\Run: [lxddamon] C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe ()
    O4:64bit: - HKLM..\Run: [lxddmon.exe] C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe ()
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
    O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
    O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
    O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
    O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
    O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
    O4 - HKCU..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
    O4 - HKCU..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
    O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
    O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\GBTUpd\PreRun.exe (PreRun)
    O4 - Startup: C:\Users\The Weasel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\The Weasel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Users\The Weasel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
    O8:64bit: - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
    O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FDD50CA-7B08-4E5F-934B-CA7700204EFD}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
    O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/27 11:13:12 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\The Weasel\Desktop\OTL.exe
    [2012/02/26 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\Desktop\Third Year
    [2012/02/26 14:38:46 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\AppData\Roaming\AVG9
    [2012/02/25 17:29:39 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\The Weasel\Desktop\dds.scr
    [2012/02/25 09:57:30 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\The Weasel\Desktop\HijackThis.exe
    [2012/02/24 11:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\GameXN
    [2012/02/24 11:07:03 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\AppData\Roaming\go
    [2012/02/24 11:07:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
    [2012/02/24 09:59:10 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\Desktop\_Archive
    [2012/02/24 09:48:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012/02/23 11:32:22 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\Desktop\Print Me
    [2012/02/23 11:15:30 | 000,000,000 | ---D | C] -- C:\Users\The Weasel\Desktop\Centrelink Appeal Feb 2011
    [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [2 C:\Users\The Weasel\*.tmp files -> C:\Users\The Weasel\*.tmp -> ]
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/02/27 12:22:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/02/27 11:13:12 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\The Weasel\Desktop\OTL.exe
    [2012/02/27 11:06:22 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/02/27 11:06:22 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/02/27 11:03:56 | 093,563,539 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
    [2012/02/27 10:59:49 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
    [2012/02/27 10:59:49 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
    [2012/02/27 10:58:26 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/02/27 10:58:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/02/27 10:57:42 | 2140,790,783 | -HS- | M] () -- C:\hiberfil.sys
    [2012/02/26 14:15:22 | 000,854,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/02/26 14:15:22 | 000,719,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/02/26 14:15:22 | 000,143,642 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/25 17:29:45 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\The Weasel\Desktop\dds.scr
    [2012/02/25 15:59:39 | 000,001,036 | ---- | M] () -- C:\Users\The Weasel\Desktop\Dropbox.lnk
    [2012/02/25 15:59:39 | 000,001,016 | ---- | M] () -- C:\Users\The Weasel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    [2012/02/25 10:44:25 | 000,019,126 | ---- | M] () -- C:\Users\The Weasel\Desktop\FILELOAD.pdf
    [2012/02/25 10:00:22 | 000,079,103 | ---- | M] () -- C:\Users\The Weasel\Desktop\hijackthis note.JPG
    [2012/02/25 09:57:30 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\The Weasel\Desktop\HijackThis.exe
    [2012/02/24 13:37:52 | 000,142,465 | ---- | M] () -- C:\Users\The Weasel\Desktop\About Thesis Year.JPG
    [2012/02/24 11:07:23 | 000,001,605 | ---- | M] () -- C:\Users\The Weasel\Desktop\Play games (GameXN).lnk
    [2012/02/23 08:10:38 | 000,227,865 | ---- | M] () -- C:\Users\The Weasel\Desktop\experiencing world.jpg
    [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [2 C:\Users\The Weasel\*.tmp files -> C:\Users\The Weasel\*.tmp -> ]
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/02/25 10:42:26 | 000,019,126 | ---- | C] () -- C:\Users\The Weasel\Desktop\FILELOAD.pdf
    [2012/02/25 10:00:22 | 000,079,103 | ---- | C] () -- C:\Users\The Weasel\Desktop\hijackthis note.JPG
    [2012/02/24 13:37:52 | 000,142,465 | ---- | C] () -- C:\Users\The Weasel\Desktop\About Thesis Year.JPG
    [2012/02/24 11:07:23 | 000,001,635 | ---- | C] () -- C:\Users\The Weasel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (GameXN).lnk
    [2012/02/24 11:07:23 | 000,001,605 | ---- | C] () -- C:\Users\The Weasel\Desktop\Play games (GameXN).lnk
    [2012/02/23 08:10:38 | 000,227,865 | ---- | C] () -- C:\Users\The Weasel\Desktop\experiencing world.jpg
    [2011/05/25 00:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
    [2011/04/20 13:38:17 | 000,002,048 | ---- | C] () -- C:\Users\The Weasel\AppData\Roaming\PhotobooksExpress.com.au Prefs
    [2011/03/18 04:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010/10/29 20:56:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/10/18 01:28:24 | 000,798,494 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/05/20 01:59:58 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grand Piano
    [2010/05/20 01:59:58 | 000,000,268 | RH-- | C] () -- C:\Users\The Weasel\AppData\Roaming\Galactic Static
    [2010/05/20 01:59:58 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
    [2010/05/19 23:14:07 | 000,000,600 | ---- | C] () -- C:\Users\The Weasel\AppData\Local\PUTTY.RND
    [2010/03/22 00:14:22 | 001,232,896 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddserv.dll
    [2010/03/22 00:14:22 | 000,999,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddusb1.dll
    [2010/03/22 00:14:22 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddpmui.dll
    [2010/03/22 00:14:22 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddinpa.dll
    [2010/03/22 00:14:22 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddiesc.dll
    [2010/03/22 00:14:22 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxddcomx.dll
    [2010/03/22 00:14:22 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\LXDDinst.dll
    [2010/03/22 00:14:21 | 000,700,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddhbn3.dll
    [2010/03/22 00:14:21 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcomc.dll
    [2010/03/22 00:14:21 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddlmpm.dll
    [2010/03/22 00:14:21 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcoms.exe
    [2010/03/22 00:14:21 | 000,425,984 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcomm.dll
    [2010/03/22 00:14:21 | 000,394,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddcfg.exe
    [2010/03/22 00:14:21 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddih.exe
    [2010/03/22 00:14:21 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddppls.exe
    [2010/03/22 00:14:21 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddprox.dll
    [2010/03/22 00:14:21 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxddpplc.dll
    [2010/03/10 21:55:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010/03/10 21:44:34 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
    [2010/03/10 20:45:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

    ========== LOP Check ==========

    [2010/09/06 02:18:11 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Autodesk
    [2012/02/26 14:38:46 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\AVG9
    [2011/01/09 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\BSplayer
    [2010/03/12 22:53:22 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\BSplayer Pro
    [2010/12/31 23:12:59 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\CheckPoint
    [2010/03/25 15:31:57 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\com.adobe.ExMan
    [2011/03/14 00:55:26 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/09/02 12:52:40 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\DAEMON Tools Lite
    [2010/09/02 12:44:38 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\DAEMON Tools Pro
    [2012/02/27 10:59:09 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Dropbox
    [2010/05/19 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\FileZilla
    [2012/02/27 10:58:57 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\go
    [2011/04/15 20:37:15 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Leadertech
    [2010/03/22 00:15:45 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Lexmark Productivity Studio
    [2010/12/11 00:28:21 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Local
    [2011/04/15 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Memeo
    [2010/05/20 03:01:17 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Nikon
    [2010/03/12 21:45:23 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\OpenOffice.org
    [2011/01/29 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Opera
    [2011/04/16 18:44:40 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\PACE Anti-Piracy
    [2011/04/20 13:38:07 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\PhotobooksExpress.com.au
    [2011/01/14 00:38:59 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\RePack by paskits
    [2012/02/26 17:07:09 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\Spotify
    [2011/03/31 15:33:30 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2012/02/24 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\The Weasel\AppData\Roaming\uTorrent
    [2011/06/04 13:21:13 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:13019F4B
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\Temp:70E897B5
    @Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:D8D58038
    @Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:C66222F3
    @Alternate Data Stream - 1060 bytes -> C:\Users\The Weasel\AppData\Local\Temp:ngxHeTLrx5RF0aZ8NGk

    < End of report >


    OTL Extras logfile created on: 27/02/2012 1:14:16 PM - Run 1
    OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\The Weasel\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    7.99 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 73.72% Memory free
    15.98 Gb Paging File | 13.57 Gb Available in Paging File | 84.89% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931.41 Gb Total Space | 87.39 Gb Free Space | 9.38% Space Free | Partition Type: NTFS
    Drive F: | 1.89 Gb Total Space | 1.79 Gb Free Space | 94.53% Space Free | Partition Type: FAT

    Computer Name: THEWEASEL-PC | User Name: The Weasel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
    "{18155797-EF2E-4699-9A16-FE787C4C10DB}" = iTunes
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{39024C9F-4BEF-4B91-A35C-ACD8BCA7B1CD}" = ATI AVIVO64 Codecs
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
    "{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
    "{5783F2D7-8001-0409-0102-0060B0CE6BBA}" = AutoCAD 2010 - English
    "{5783F2D7-8001-0409-1102-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
    "{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{8A61B820-598D-05B2-5F8D-7388E15AE2DB}" = AMD Drag and Drop Transcoding
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
    "AutoCAD 2010 - English" = AutoCAD 2010 - English
    "CutePDF Writer Installation" = CutePDF Writer 2.8
    "E7404B0DC21387A65950F274181CC6A697090ACF" = Windows Driver Package - Silicon Integrated Systems Corp.(1.09d.00) (SIS163u) Net (01/25/2007 6.0.1039.1094)
    "Lexmark 2500 Series" = Lexmark 2500 Series
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SiS163u" = Jensen AirLink 7554
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
    "{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
    "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
    "{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
    "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
    "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
    "{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
    "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
    "{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
    "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
    "{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
    "{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}" = Google SketchUp Pro 8
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
    "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
    "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0723.1
    "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
    "{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.0721.1
    "{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
    "{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
    "{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = Catalyst Control Center
    "{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
    "{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
    "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
    "{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
    "{8C264441-3025-8760-396B-CEF83ADA7C88}" = HydraVision
    "{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{96F9B265-1367-4E1A-B8B9-F8530EF3AA62}" = Add or Remove Adobe Premiere Pro CS5
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
    "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
    "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.06
    "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
    "{C078C299-C2C2-4110-A6EF-8D5E66C228DA}" = e-tax 2011
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
    "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
    "{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
    "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
    "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype&#8482; 5.1
    "{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
    "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{F9766AC1-1461-1033-B862-DF8FE1C033BE}" = Adobe InDesign CS5
    "{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "AC3Filter_is1" = AC3Filter 1.63b
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
    "AVG9Uninstall" = AVG Free 9.0
    "BFG-Azada" = Azada &reg;
    "BFG-Dracula Origin" = Dracula Origin
    "BFG-Grim Facade - Mystery of Venice Collectors Edition" = Grim Facade: Mystery of Venice Collector&#8217;s Edition
    "BFG-Magic Encyclopedia - Illusions" = Magic Encyclopedia: Illusions
    "BSPlayerf" = BS.Player FREE
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "DivX Setup.divx.com" = DivX Setup
    "FileZilla Client" = FileZilla Client 3.3.2.1
    "Freecorder Toolbar" = Freecorder Toolbar
    "Freecorder4.1" = Freecorder
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0723.1
    "InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.0721.1
    "InstallShield_{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
    "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MCMJPG" = MainConcept MJPG software codec (Remove Only)
    "MediaMonkey_is1" = MediaMonkey 3.2
    "Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
    "Opera 11.61.1250" = Opera 11.61
    "SopCast" = SopCast 3.2.9
    "Spotify" = Spotify
    "VLC media player" = VLC media player 1.0.5
    "vShare" = vShare Plugin
    "Winamp" = Winamp
    "Winamp Toolbar" = Winamp Toolbar
    "ZoneAlarm" = ZoneAlarm

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox
    "Game Organizer" = GameXN GO
    "PhotobooksExpress.com.au" = PhotobooksExpress.com.au
    "Winamp Detect" = Winamp Detector Plug-in

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 31/05/2011 10:18:10 PM | Computer Name = TheWeasel-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "C:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 2/06/2011 12:48:03 AM | Computer Name = TheWeasel-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "C:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 4/06/2011 4:10:28 AM | Computer Name = TheWeasel-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "C:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 4/06/2011 7:32:45 PM | Computer Name = TheWeasel-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "C:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 6/06/2011 7:24:48 AM | Computer Name = TheWeasel-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "C:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.

    Error - 7/06/2011 10:34:36 PM | Computer Name = TheWeasel-PC | Source = Application Hang | ID = 1002
    Description = The program opera.exe version 11.10.2092.0 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 818 Start
    Time: 01cc257e43d7e211 Termination Time: 5 Application Path: C:\Program Files (x86)\Opera\opera.exe

    Report
    Id: a9c04634-9177-11e0-8cbf-00241dd9211c

    Error - 11/06/2011 9:55:16 AM | Computer Name = TheWeasel-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: DivX Plus Player.exe, version: 10.2.1.20,
    time stamp: 0x4cdc8b7a Faulting module name: DPXDownloadManagerPlugin.dll, version:
    10.2.1.20, time stamp: 0x4cdc8b08 Exception code: 0xc0000005 Fault offset: 0x00008c17
    Faulting
    process id: 0x1d8c Faulting application start time: 0x01cc283f2a409d58 Faulting application
    path: C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe Faulting
    module path: C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll
    Report
    Id: 6f453568-9432-11e0-a255-00241dd9211c

    Error - 12/06/2011 11:11:06 AM | Computer Name = TheWeasel-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: Photoshop.exe, version: 11.0.2.0, time
    stamp: 0x4bf2d91c Faulting module name: Photoshop.exe, version: 11.0.2.0, time stamp:
    0x4bf2d91c Exception code: 0xc0000005 Fault offset: 0x0000000000857f69 Faulting process
    id: 0x1784 Faulting application start time: 0x01cc28bc18db4d3c Faulting application
    path: C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe Faulting
    module path: C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe Report
    Id: 31db4366-9506-11e0-8c68-00241dd9211c

    Error - 13/06/2011 11:44:48 PM | Computer Name = TheWeasel-PC | Source = Application Hang | ID = 1002
    Description = The program Photoshop.exe version 11.0.2.0 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: d68 Start
    Time: 01cc2a3a750fd5d5 Termination Time: 27 Application Path: C:\Program Files\Adobe\Adobe
    Photoshop CS4 (64 Bit)\Photoshop.exe Report Id:

    Error - 21/06/2011 6:57:07 AM | Computer Name = TheWeasel-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: InDesign.exe, version: 7.0.4.553, time
    stamp: 0x4d890440 Faulting module name: LINKS.RPLN, version: 7.0.0.355, time stamp:
    0x4bad04e5 Exception code: 0xc0000005 Fault offset: 0x00067a30 Faulting process id:
    0x558 Faulting application start time: 0x01cc2fb72b5a894f Faulting application path:
    C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe Faulting module path:
    C:\Program Files (x86)\Adobe\Adobe InDesign CS5\Required\LINKS.RPLN Report Id: 3441781e-9bf5-11e0-866c-00241dd9211c

    [ System Events ]
    Error - 26/02/2012 8:00:44 PM | Computer Name = TheWeasel-PC | Source = Application Popup | ID = 1060
    Description = \??\C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys has been blocked
    from loading due to incompatibility with this system. Please contact your software
    vendor for a compatible version of the driver.

    Error - 26/02/2012 8:00:44 PM | Computer Name = TheWeasel-PC | Source = Service Control Manager | ID = 7000
    Description = The atidgllk service failed to start due to the following error: %%1275

    Error - 26/02/2012 8:00:45 PM | Computer Name = TheWeasel-PC | Source = Application Popup | ID = 1060
    Description = \??\C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys has been blocked
    from loading due to incompatibility with this system. Please contact your software
    vendor for a compatible version of the driver.

    Error - 26/02/2012 8:00:45 PM | Computer Name = TheWeasel-PC | Source = Service Control Manager | ID = 7000
    Description = The atidgllk service failed to start due to the following error: %%1275

    Error - 26/02/2012 8:00:46 PM | Computer Name = TheWeasel-PC | Source = Application Popup | ID = 1060
    Description = \??\C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys has been blocked
    from loading due to incompatibility with this system. Please contact your software
    vendor for a compatible version of the driver.

    Error - 26/02/2012 8:00:46 PM | Computer Name = TheWeasel-PC | Source = Service Control Manager | ID = 7000
    Description = The atidgllk service failed to start due to the following error: %%1275

    Error - 26/02/2012 8:00:46 PM | Computer Name = TheWeasel-PC | Source = Application Popup | ID = 1060
    Description = \??\C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys has been blocked
    from loading due to incompatibility with this system. Please contact your software
    vendor for a compatible version of the driver.

    Error - 26/02/2012 8:00:46 PM | Computer Name = TheWeasel-PC | Source = Service Control Manager | ID = 7000
    Description = The atidgllk service failed to start due to the following error: %%1275

    Error - 26/02/2012 8:00:47 PM | Computer Name = TheWeasel-PC | Source = Application Popup | ID = 1060
    Description = \??\C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys has been blocked
    from loading due to incompatibility with this system. Please contact your software
    vendor for a compatible version of the driver.

    Error - 26/02/2012 8:00:47 PM | Computer Name = TheWeasel-PC | Source = Service Control Manager | ID = 7000
    Description = The atidgllk service failed to start due to the following error: %%1275


    < End of report >
     
  10. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    The Freecorder Toolbar is open to debate. Is this something you use?

    The vShare Toolbar is classified as malware. That should be uninstalled.


    Run Hijack This and click Open the Misc Tools section.
    Click Open Uninstall Manager > Save list and save the log to your Desktop.
    A list of programs will open in Notepad. Post the contents of this log.
     
  11. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    I've uninstalled both of them. There is also something called just "Freecorder". Should I remove that too?

    @BIOS Ver.2.06
    AC3Filter 1.63b
    Acrobat.com
    Acrobat.com
    Add or Remove Adobe Premiere Pro CS5
    Adobe After Effects CS4
    Adobe After Effects CS4 Presets
    Adobe After Effects CS4 Third Party Content
    Adobe AIR
    Adobe AIR
    Adobe Anchor Service CS4
    Adobe Bridge CS4
    Adobe CMaps CS4
    Adobe Color - Photoshop Specific CS4
    Adobe Color EU Extra Settings CS4
    Adobe Color JA Extra Settings CS4
    Adobe Color NA Recommended Settings CS4
    Adobe Color Video Profiles AE CS4
    Adobe Color Video Profiles CS CS4
    Adobe Community Help
    Adobe Community Help
    Adobe Contribute CS4
    Adobe Creative Suite 4 Master Collection
    Adobe Creative Suite 4 Master Collection
    Adobe CS4 American English Speech Analysis Models
    Adobe CSI CS4
    Adobe Default Language CS4
    Adobe Device Central CS4
    Adobe Drive CS4
    Adobe Dynamiclink Support
    Adobe ExtendScript Toolkit CS4
    Adobe Extension Manager CS4
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Fonts All
    Adobe Illustrator CS4
    Adobe InDesign CS4
    Adobe InDesign CS4 Application Feature Set Files (Roman)
    Adobe InDesign CS4 Common Base Files
    Adobe InDesign CS4 Icon Handler
    Adobe InDesign CS5
    Adobe Linguistics CS4
    Adobe Media Encoder CS4
    Adobe Media Encoder CS4 Additional Exporter
    Adobe Media Player
    Adobe Media Player
    Adobe MotionPicture Color Files CS4
    Adobe Output Module
    Adobe PDF Library Files CS4
    Adobe Photoshop CS4
    Adobe Photoshop CS4 Support
    Adobe Reader X (10.1.1)
    Adobe Search for Help
    Adobe Service Manager Extension
    Adobe Setup
    Adobe SGM CS4
    Adobe SING CS4
    Adobe Soundbooth CS4
    Adobe Soundbooth CS4 Codecs
    Adobe Type Support CS4
    Adobe Update Manager CS4
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS4
    AdobeColorCommonSetCMYK
    AdobeColorCommonSetRGB
    Apple Application Support
    Apple Software Update
    ATI Catalyst Registration
    AVG Free 9.0
    Azada &reg;
    Browser Configuration Utility
    BS.Player FREE
    Catalyst Control Center - Branding
    Connect
    CyberLink BD_3D Advisor 2.0
    CyberLink Blu-ray Disc Suite
    CyberLink Blu-ray Disc Suite
    CyberLink InstantBurn
    CyberLink PhotoNow
    CyberLink PhotoNow
    CyberLink Power2Go
    CyberLink Power2Go
    CyberLink PowerDirector
    CyberLink PowerDirector
    CyberLink PowerDVD 10
    CyberLink PowerDVD 10
    CyberLink PowerDVD 9
    CyberLink PowerDVD 9
    CyberLink PowerProducer
    CyberLink PowerProducer
    DivX Setup
    Dracula Origin
    Easy Tune 6 B09.0723.1
    e-tax 2010
    e-tax 2011
    FileZilla Client 3.3.2.1
    Freecorder
    Gigabyte Raid Configurer
    Google Earth
    Google SketchUp Pro 8
    Google Update Helper
    Grim Facade: Mystery of Venice Collector&#8217;s Edition
    HydraVision
    Java(TM) 6 Update 26
    kuler
    Magic Encyclopedia: Illusions
    MainConcept MJPEG Codec Demo
    MainConcept MJPG software codec (Remove Only)
    Malwarebytes' Anti-Malware
    MediaMonkey 3.2
    Memeo Instant Backup
    Microsoft VC80 Support DLLs
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Mozilla Firefox 5.0 (x86 en-US)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nikon Message Center
    Nikon Transfer
    NVIDIA PhysX v8.10.13
    OpenOffice.org 3.3
    Opera 11.61
    PDF Settings CS4
    PDF Settings CS5
    Photoshop Camera Raw
    Pixel Bender Toolkit
    PxMergeModule
    QuickTime
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Rhinoceros 4.0
    Rhinoceros 4.0 SR3
    Safari
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Skype&#8482; 5.1
    SopCast 3.2.9
    Spelling Dictionaries Support For Adobe Reader 9
    Spotify
    Suite Shared Configuration CS4
    The Lord of the Rings FREE Trial
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update Manager B09.0721.1
    VC80CRTRedist - 8.0.50727.4053
    Visual C++ 8.0 Runtime Setup Package (x64)
    VLC media player 1.0.5
    Winamp
    Winamp Toolbar
    Windows Media Player Firefox Plugin
    ZoneAlarm
     
  12. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
    Yes, uninstall Freecorder as well.

    Your Java is also outdated.

    Go to Start > Control Panel > Java
    Click on the Update tab, then below you will see a button "Update Now"
    Press that and allow Java to update
     
  13. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    I updated Java.

    Trouble uninstalling Freecorder - it says 'invalid uninstall control file' (message attached)
     

    Attached Files:

  14. Cheeseball81

    Cheeseball81 Moderator Malware Specialist

    Joined:
    Mar 3, 2004
    Messages:
    83,939
  15. computer_weasel

    computer_weasel Thread Starter

    Joined:
    Sep 28, 2011
    Messages:
    41
    ok, that worked. :) anything else I should do?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1042439