Inactive Win7 PC can't connect to one specific website

Discussion in 'Malware and Virus Removal Archive' started by Frank D, 2011/01/21.

  1. 2011/01/21
    Frank D Inactive Thread Starter

    Following are the items from http://www.windowsbbs.com/general-i...nks-website-either-firefox-ie.html#post549787 that were requested by MarkMadras

    Frank D

    ================================

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5565

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    1/21/2011 12:45:54 PM
    mbam-log-2011-01-21 (12-45-54).txt

    Scan type: Quick scan
    Objects scanned: 166050
    Time elapsed: 5 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    ==================================

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-21 13:27:48
    Windows 6.1.7600
    Running: yrdccmky.exe.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application@Sources MSDMine?DfSdk
    Reg HKLM\SYSTEM\ControlSet002\services\eventlog\Application@Sources MSDMine?DfSdk

    ---- EOF - GMER 1.0.15 ----

    ===================================

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Hewlett-Packard
    BIOS Manufacturer: Phoenix Technologies LTD
    System Manufacturer: HP-Pavilion
    System Product Name: AY587AA-ABA MS225
    Logical Drives Mask: 0x0000003c

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`ea900000 (NTFS)
    \\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

    Size Device Name MBR Status
    --------------------------------------------
    298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
    465 GB \\.\PhysicalDrive1 RE: Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!

    =========================================

    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Frank at 13:44:02.66 on Fri 01/21/2011
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2507 [GMT -5:00]

    AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\Zentimo\ZentimoService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files (x86)\Zentimo\Zentimo.exe
    C:\Program Files\Hidden Menu\HiddenMenu.exe
    C:\Program Files (x86)\Free Wallpaper Changer\CDWC.exe
    C:\Windows\explorer.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Software Informer\softinfo.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Process Lasso\processlasso.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Program Files\Listary\Listary.exe
    C:\Program Files\Iconoid\iconoid64.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files\Listary\Listary32helper.exe
    C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files (x86)\QuickMonth Calendar\qmc.exe
    C:\Program Files (x86)\palmOne\HOTSYNC.EXE
    C:\Program Files (x86)\PopTray\PopTray.exe
    C:\Program Files\ShellFolderFix\ShellFolderFixUI.exe
    C:\Program Files (x86)\TheSage\TheSage.exe
    C:\Program Files (x86)\YoWindow\yowindow.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Dicter\Dicter.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files (x86)\Dicter\DicterService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\EditPadLite\EditPadLite.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\msfeedssync.exe
    C:\Users\Frank\Downloads\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uSearch Bar = Preserve
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
    BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    uRun: [SystemExplorer]
    uRun: [Zentimo xStorage Manager] C:\Program Files (x86)\Zentimo\Zentimo.exe /startup
    uRun: [Hidden Menu] C:\Program Files\Hidden Menu\HiddenMenu.exe
    uRun: [Wallpaper Manager] C:\Program Files (x86)\Free Wallpaper Changer\CDWC.exe -startup
    uRun: [Software Informer] "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
    uRun: [Listary] "C:\Program Files\Listary\Listary.exe "
    uRun: [Iconoid] "C:\Program Files\Iconoid\iconoid64.exe "
    uRun: [AntiFreeze] C:\Program Files\AntiFreeze\AntiFreeze.exe /splash
    uRun: [fsm]
    uRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    mRun: [DicterRu] C:\Program Files (x86)\Dicter\Dicter.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program Files (x86)\palmOne\HOTSYNC.EXE
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PopTray.lnk - C:\Program Files (x86)\PopTray\PopTray.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SHELLF~1.LNK - C:\Program Files\ShellFolderFix\ShellFolderFixUI.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\THESAG~1.LNK - C:\Program Files (x86)\TheSage\TheSage.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROT~1.LNK - C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKM~1.LNK - C:\Program Files (x86)\QuickMonth Calendar\qmc.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\~DISAB~1\MICROS~2.LNK - C:\Program Files (x86)\MS Office 95\Office\FASTBOOT.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\~DISAB~1\MICROS~1.LNK - C:\Program Files (x86)\MS Office XP\Office10\OSA.EXE
    uPolicies-explorer: NoThumbnailCache = 1 (0x1)
    uPolicies-explorer: HideClock = 0 (0x0)
    uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    uPolicies-explorer: NoCommonGroups = 0 (0x0)
    uPolicies-explorer: NoPrinters = 0 (0x0)
    uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
    uPolicies-explorer: NoChangeAnimation = 0 (0x0)
    uPolicies-explorer: NoThemesTab = 0 (0x0)
    uPolicies-system: NoSecCpl = 0 (0x0)
    uPolicies-system: NoDispAppearancePage = 0 (0x0)
    uPolicies-system: NoDispSettingsPage = 0 (0x0)
    uPolicies-system: NoVisualStyleChoice = 0 (0x0)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: NoResolveTrack = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    Trusted Zone: aol.com\free
    Trusted Zone: esl.org
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40435.6676851852
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    TCP: {7BC77401-5212-4B2C-8238-2AF79A39494B} = 208.67.222.222,208.67.220.220
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    TB-X64: {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
    TB-X64: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
    TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe "

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/reader/view/#stream/user%2F18070088024285993000%2Fstate%2Fcom.google%2Freading-list
    FF - prefs.js: network.proxy.type - 2
    FF - component: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox\components\nsURLRecordEx.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\firedownload@mozilla.org\components\firedownload.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll
    FF - plugin: C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\browser\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: C:\program files (x86)\mozilla firefox\plugins\np_gp.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
    FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
    FF - plugin: C:\Users\Frank\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Users\Frank\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Users\Frank\AppData\Local\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: CoolPreviews : {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} - %profile%\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
    FF - Ext: FireDownload: firedownload@mozilla.org - %profile%\extensions\firedownload@mozilla.org
    FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    FF - Ext: Forecastbar Enhanced: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8} - %profile%\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
    FF - Ext: Nightly Tester Tools: {8620c15f-30dc-4dba-a131-7c5d20cf4a29} - %profile%\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
    FF - Ext: PriceBlink: info@priceblink.com - %profile%\extensions\info@priceblink.com
    FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
    FF - Ext: Nuke Anything Enhanced: {1ced4832-f06e-413f-aa14-9eb63ad40ace} - %profile%\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}
    FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    FF - Ext: Tooltip Plus: {f2e5baa8-0711-4113-830c-1b3debd6f2a5} - %profile%\extensions\{f2e5baa8-0711-4113-830c-1b3debd6f2a5}
    FF - Ext: SmoothWheel (mozdev.org): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
    FF - Ext: SmoothWheel (AMO): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
    FF - Ext: Organize Status Bar: {35106bca-6c78-48c7-ac28-56df30b51d2c} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
    FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
    FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    FF - Ext: Greasefire: greasefire@skrul.com - %profile%\extensions\greasefire@skrul.com
    FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{1dacc1f2-0e39-4c79-8b10-aa2f18025bf3}: {1dacc1f2-0e39-4c79-8b10-aa2f18025bf3} - %profile%\extensions\{1dacc1f2-0e39-4c79-8b10-aa2f18025bf3}
    FF - Ext: Bookmarks Toolbar Button: bookmarks-button@design-noir.de - %profile%\extensions\bookmarks-button@design-noir.de
    FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF - Ext: Clear Cache Button: {563e4790-7e70-11da-a72b-0800200c9a66} - %profile%\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
    FF - Ext: Context Font: contextfont@easel.org - %profile%\extensions\contextfont@easel.org
    FF - Ext: Theme Font Size Changer: {f69e22c7-bc50-414a-9269-0f5c344cd94c} - %profile%\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
    FF - Ext: Reader: {20068ab2-1901-4140-9f3c-81207d4dacc4} - %profile%\extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
    FF - Ext: gTranslator: jyboy.yy@gmail.com - %profile%\extensions\jyboy.yy@gmail.com
    FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
    FF - Ext: Resurrect Pages: {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} - %profile%\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
    FF - Ext: Searchbar Autosizer: {655397ca-4766-496b-b7a8-3a5b176ee4c2} - %profile%\extensions\{655397ca-4766-496b-b7a8-3a5b176ee4c2}
    FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    FF - Ext: Window Shopper - Powered by Superfish: superfish@superfish.com - %profile%\extensions\superfish@superfish.com
    FF - Ext: PriceTrace: {72938f90-8d8a-11de-8a39-0800200c9a66} - %profile%\extensions\{72938f90-8d8a-11de-8a39-0800200c9a66}
    FF - Ext: iReader: ireader@samabox.com - %profile%\extensions\ireader@samabox.com
    FF - Ext: My-Translator: My-Translator@eugenche.com - %profile%\extensions\My-Translator@eugenche.com
    FF - Ext: Inline Translator: itrans@tenshi - %profile%\extensions\itrans@tenshi
    FF - Ext: QuoteURLText: quoteurltext@jay.palat - %profile%\extensions\quoteurltext@jay.palat
    FF - Ext: Force-TLS: forcetls@sid.stamm - %profile%\extensions\forcetls@sid.stamm
    FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
    FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
    FF - Ext: Default Full Zoom Level: {D9A7CBEC-DE1A-444f-A092-844461596C4D} - %profile%\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
    FF - Ext: Google Shortcuts: {5C46D283-ABDE-4dce-B83C-08881401921C} - %profile%\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
    FF - Ext: CustomizeGoogle: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} - %profile%\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    FF - Ext: TACO with Abine: optout@dubfire.net - %profile%\extensions\optout@dubfire.net
    FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
    FF - Ext: Freecorder Community Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - %profile%\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{a61d3d1d-590c-4922-870c-01229628052b}: {a61d3d1d-590c-4922-870c-01229628052b} - %profile%\extensions\{a61d3d1d-590c-4922-870c-01229628052b}
    FF - Ext: Google Dictionary and Google Translate: googledictionary@toptip.ca - %profile%\extensions\googledictionary@toptip.ca
    FF - Ext: DictionarySearch: {a0faa0a4-f1a7-4098-9a74-21efc3a92372} - %profile%\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
    FF - Ext: Hyperwords: {9A752782-D706-479b-98F8-3F66BF921692} - %profile%\extensions\{9A752782-D706-479b-98F8-3F66BF921692}
    FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF - Ext: Internet Video Downloader: {B728AB94-9BC7-49b7-B76A-422BB31B2FD0} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox

    ---- FIREFOX POLICIES ----
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0

    ============= SERVICES / DRIVERS ===============

    R0 hotcore3;hc3ServiceName;C:\Windows\System32\drivers\hotcore3.sys [2010-9-16 37456]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-1-14 1263200]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-13 273488]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-1-4 98208]
    R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-1-14 3246040]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-13 20560]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-13 62032]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-13 40384]
    R2 DicterUpdateService;Dicter Service;C:\Program Files (x86)\Dicter\DicterService.exe [2010-11-4 468992]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-7-18 14112]
    R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-1-19 2250616]
    R2 ZentimoService;Zentimo Assistant;C:\Program Files (x86)\Zentimo\ZentimoService.exe [2010-12-2 524248]
    R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-1-14 285280]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-1-27 139616]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-1-27 34872]
    R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S0 PCGenFAM;PCGenFAM;C:\Windows\System32\drivers\PCGenFAM.sys [2010-10-20 198600]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2010-10-12 330784]
    S3 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
    S3 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-27 203264]
    S3 cpuz134;cpuz134;C:\Program Files (x86)\PC Wizard 2010\pcwiz_x64.sys [2010-11-22 21480]
    S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2010-12-8 16776]
    S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2010-12-8 9096]
    S3 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-28 136176]
    S3 Jasmio.MediaCenter.Service;Media Center Support Service;C:\Program Files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-11-10 73144]
    S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2010-9-28 12768]
    S3 QuickPDFTCPService0719;Quick PDF Tools Background Service;C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe [2010-4-27 1899008]
    S3 VhdAttach;VHD Attach;C:\Program Files\VHD Attach\VhdAttachService.exe [2010-11-14 151040]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-17 1255736]

    =============== Created Last 30 ================

    2011-01-21 15:26:04 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{A6B405FD-AF58-493F-9EF2-5DDCA48BE606}\mpengine.dll
    2011-01-19 16:14:54 -------- d-----w- C:\Users\Frank\AppData\Roaming\LockHunter
    2011-01-19 16:12:52 -------- d-----w- C:\Program Files\LockHunter
    2011-01-19 16:02:22 -------- d-----w- C:\Users\Frank\AppData\Roaming\JPEGsnoop
    2011-01-18 18:35:42 -------- d-----w- C:\Users\Frank\AppData\Local\Martview
    2011-01-18 15:28:34 -------- d-----w- C:\Users\Frank\EurekaLog
    2011-01-18 15:28:23 14336 ----a-w- C:\Windows\SysWow64\vsmon1.dll
    2011-01-18 15:16:38 -------- d-----w- C:\Users\Frank\AppData\Roaming\Expert PDF 7
    2011-01-18 14:39:48 -------- d-----w- C:\Program Files (x86)\AnyBizSoft PDFtoWord
    2011-01-18 00:46:14 -------- d-----w- C:\Program Files (x86)\Password Generator
    2011-01-15 03:24:38 285280 ----a-w- C:\Windows\System32\drivers\afcdp.sys
    2011-01-15 03:24:32 1263200 ----a-w- C:\Windows\System32\drivers\tdrpm273.sys
    2011-01-15 03:24:24 943712 ----a-w- C:\Windows\System32\drivers\timntr.sys
    2011-01-14 22:54:05 -------- d-----w- C:\Program Files (x86)\Spindle Search
    2011-01-14 22:32:11 -------- d-----w- C:\Program Files (x86)\HotKeyz
    2011-01-14 21:50:00 -------- d-----w- C:\Program Files (x86)\CreateCard
    2011-01-14 03:06:55 277088 ----a-w- C:\Windows\System32\drivers\snapman.sys
    2011-01-14 01:55:08 -------- d-----w- C:\Program Files (x86)\NTBackup
    2011-01-14 01:03:13 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-01-14 01:02:58 38848 ----a-w- C:\Windows\avastSS.scr
    2011-01-13 23:33:12 -------- d-----w- C:\PROGRA~3\SoftSwift
    2011-01-13 17:50:07 -------- d-----w- C:\Program Files (x86)\Active HotKeys
    2011-01-13 17:47:07 -------- d-----w- C:\Users\Frank\AppData\Roaming\Ethervane
    2011-01-13 01:48:07 57344 ----a-w- C:\Windows\SysWow64\CleanMem.exe
    2011-01-13 01:48:04 -------- d-----w- C:\Windows\CleanMem
    2011-01-13 01:48:04 -------- d-----w- C:\Program Files (x86)\CleanMem
    2011-01-12 17:10:17 -------- d-----w- C:\Users\Frank\AppData\Roaming\gimagereader
    2011-01-12 17:06:32 -------- d-----w- C:\Program Files (x86)\Tesseract-OCR
    2011-01-12 17:05:54 -------- d-----w- C:\Program Files (x86)\gimagereader
    2011-01-12 03:21:53 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll
    2011-01-12 03:21:53 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
    2011-01-12 03:21:48 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL
    2011-01-12 03:21:48 -------- d-----w- C:\Program Files (x86)\PDFCreator
    2011-01-12 00:25:28 -------- d-----w- C:\Philips
    2011-01-12 00:25:14 -------- d-----w- C:\temp
    2011-01-12 00:24:42 -------- d-----w- C:\Users\Frank\AppData\Local\Programs
    2011-01-12 00:24:20 -------- d-----w- C:\Users\Frank\AppData\Local\ArcSoft
    2011-01-12 00:24:02 -------- d-----w- C:\PROGRA~3\ArcSoft
    2011-01-12 00:23:40 1645320 ----a-w- C:\Windows\SysWow64\gdiplus.dll
    2011-01-11 01:53:48 -------- d-----w- C:\New Folder 1
    2011-01-09 02:18:29 -------- d-----w- C:\Program Files (x86)\ExamDiff
    2011-01-07 16:20:52 -------- d-----w- C:\Program Files\InstalledCodec
    2011-01-07 15:45:52 -------- d-----w- C:\Users\Frank\AppData\Roaming\Zoner
    2011-01-07 15:45:52 -------- d-----w- C:\Users\Frank\AppData\Local\Zoner
    2011-01-06 21:22:54 -------- d-----w- C:\Users\Frank\AppData\Roaming\PDF Experte 7
    2011-01-06 21:21:32 -------- d-----w- C:\PROGRA~3\Avanquest Software
    2011-01-06 21:19:37 -------- d-----w- C:\Program Files (x86)\Avanquest
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Expert PDF Jobs
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Expert PDF 7
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Avanquest
    2011-01-06 17:01:45 -------- d-----w- C:\Program Files (x86)\Auto Shutdown
    2011-01-06 15:28:45 -------- d-----w- C:\Users\Frank\AppData\Roaming\DVD Flick
    2011-01-06 15:28:18 -------- d-----w- C:\Program Files (x86)\DVD Flick
    2011-01-05 02:21:24 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2011-01-04 20:33:38 577536 ----a-w- C:\Windows\soundman.exe
    2011-01-04 20:33:38 49152 ----a-w- C:\Windows\SysWow64\ChCfg.exe
    2011-01-04 20:33:38 4122368 ----a-r- C:\Windows\SysWow64\drivers\alcxwdm.sys
    2011-01-04 20:33:38 147456 ----a-w- C:\Windows\SysWow64\RtlCPAPI.dll
    2011-01-04 20:33:37 18804736 ----a-w- C:\Windows\SysWow64\alsndmgr.cpl
    2011-01-04 20:33:37 10528768 ----a-w- C:\Windows\SysWow64\RTLCPL.exe
    2011-01-04 20:30:31 -------- d-----w- C:\Program Files (x86)\Realtek AC97
    2011-01-04 20:30:21 315392 ----a-w- C:\Windows\alcupd.exe
    2011-01-04 20:30:21 217088 ----a-w- C:\Windows\alcrmv.exe
    2011-01-04 17:02:07 -------- d-----w- C:\Program Files (x86)\MP3Gain
    2011-01-04 16:23:59 -------- d-----w- C:\Program Files (x86)\The KMPlayer
    2011-01-04 16:18:22 191488 ----a-w- C:\Windows\System32\unrar.dll
    2011-01-04 16:18:21 136704 ----a-w- C:\Windows\System32\ff_vfw.dll
    2011-01-04 16:18:18 -------- d-----w- C:\Program Files\KLCP64
    2011-01-01 15:49:03 73728 ----a-w- C:\Windows\SysWow64\TOverlay.ax
    2011-01-01 15:49:03 53248 ----a-w- C:\Windows\SysWow64\DSTimeStamp.ax
    2011-01-01 15:49:03 40960 ----a-w- C:\Windows\SysWow64\wavdest.ax
    2011-01-01 15:49:03 28672 ----a-w- C:\Windows\SysWow64\SpecBarPrj.ocx
    2011-01-01 15:49:03 28672 ----a-w- C:\Windows\SysWow64\PCWinSoftPBar.ocx
    2011-01-01 15:49:02 630784 ----a-w- C:\Windows\SysWow64\AxisToolBar.ocx
    2011-01-01 15:49:02 438976 ----a-w- C:\Windows\SysWow64\MSHFLXGD.OCX
    2011-01-01 15:49:02 36864 ----a-w- C:\Windows\SysWow64\Sof2FFTPrj.ocx
    2011-01-01 15:49:02 264528 ----a-w- C:\Windows\SysWow64\MPG4DS32.AX
    2011-01-01 15:49:02 188416 ----a-w- C:\Windows\SysWow64\UScreenCapture.ax
    2011-01-01 15:49:02 126976 ----a-w- C:\Windows\SysWow64\ArielColorCtrl.ocx
    2011-01-01 15:49:01 -------- d-----w- C:\Program Files (x86)\1AVCenter
    2011-01-01 01:55:02 -------- d-----w- C:\Users\Frank\AppData\Roaming\Soluto
    2011-01-01 01:48:55 -------- d-----w- C:\Users\Frank\AppData\Roaming\qliner
    2011-01-01 01:31:10 -------- d-----w- C:\Users\Frank\AppData\Roaming\adma
    2010-12-31 23:54:03 -------- d-----w- C:\Program Files (x86)\Google Book Downloader
    2010-12-31 23:43:19 -------- d-----w- C:\Program Files (x86)\Easy File Joiner
    2010-12-31 21:54:20 -------- d-----w- C:\Program Files (x86)\Winsock Repair
    2010-12-31 21:50:13 -------- d-----w- C:\Program Files (x86)\cintrep
    2010-12-31 21:35:32 -------- d-----w- C:\Program Files\Geosense for Windows
    2010-12-31 18:33:05 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to Text (freeware)
    2010-12-31 16:44:16 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to HTML (freeware)
    2010-12-31 16:41:57 -------- d-----w- C:\Program Files (x86)\gs
    2010-12-31 16:40:17 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to JPG (freeware)
    2010-12-31 16:14:41 -------- d-----w- C:\Program Files (x86)\A-PDF Text Extractor
    2010-12-31 16:12:06 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to WORD (freeware)
    2010-12-31 14:57:52 -------- d-----w- C:\PROGRA~3\Boxtools
    2010-12-31 14:57:52 -------- d-----w- C:\PROGRA~3\Boxoft
    2010-12-31 14:57:47 -------- d-----w- C:\Program Files (x86)\Boxoft Free OCR
    2010-12-31 01:01:56 89360 ------w- C:\Windows\SysWow64\VB5DB.DLL
    2010-12-31 01:01:51 -------- d-----w- C:\Program Files (x86)\AportisDoc Converter
    2010-12-30 16:19:12 -------- d-----w- C:\Users\Frank\.telekast_debug
    2010-12-30 16:18:53 -------- d-----w- C:\Users\Frank\AppData\Roaming\Lightscape
    2010-12-30 16:18:53 -------- d-----w- C:\Users\Frank\AppData\Local\Lightscape
    2010-12-30 16:18:44 -------- d-----w- C:\Program Files (x86)\TeleKast
    2010-12-29 15:32:58 -------- d-----w- C:\Program Files (x86)\Gmer
    2010-12-29 15:27:08 -------- d-----w- C:\Program Files (x86)\TDSSKiller
    2010-12-28 19:43:07 -------- d-----w- C:\Users\Frank\AppData\Local\Adobe
    2010-12-28 19:32:01 -------- d-----w- C:\Windows\SysWow64\spool
    2010-12-28 18:28:18 -------- d-----w- C:\Program Files (x86)\Advanced Word to Pdf Converter Free
    2010-12-28 18:25:19 -------- d-----w- C:\Program Files (x86)\EULAlyzer
    2010-12-28 14:21:56 -------- d-----w- C:\Program Files (x86)\Simpo PDF to PowerPoint
    2010-12-28 01:18:50 -------- d-----w- C:\Program Files (x86)\Awesome Duplicate Photo Finder
    2010-12-27 22:14:12 -------- d-----w- C:\Program Files (x86)\Freemake
    2010-12-27 13:29:36 -------- d-----w- C:\Users\Frank\.smplayer
    2010-12-27 13:28:22 -------- d-----w- C:\Program Files (x86)\SMPlayer
    2010-12-23 03:02:45 -------- d-----w- C:\Users\Frank\AppData\Roaming\PriceGong
    2010-12-23 03:02:37 -------- d-----w- C:\Users\Frank\AppData\Local\Conduit
    2010-12-23 03:02:36 -------- d-----w- C:\Users\Frank\AppData\Local\Freecorder
    2010-12-23 03:02:36 -------- d-----w- C:\Users\Frank\AppData\Local\ConduitEngine
    2010-12-22 18:53:33 -------- d-----w- C:\Users\Frank\AppData\Roaming\Comodo
    2010-12-22 18:53:32 -------- d-----w- C:\Program Files (x86)\Comodo
    2010-12-22 18:53:32 -------- d-----w- C:\PROGRA~3\Comodo

    ==================== Find3M ====================

    2010-12-30 16:59:18 2690280 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
    2010-12-29 19:30:48 2828904 ----a-w- C:\Windows\System32\RtkAPO64.dll
    2010-12-28 20:51:32 608768 ----a-w- C:\Windows\System32\RCoRes64.dat
    2010-12-26 22:38:34 26504 ----a-w- C:\Windows\System32\drivers\eufs.sys
    2010-12-26 22:38:30 17800 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
    2010-12-26 22:38:28 36232 ----a-w- C:\Windows\System32\drivers\eubakup.sys
    2010-12-26 22:38:24 193416 ----a-w- C:\Windows\System32\drivers\EuDisk.sys
    2010-12-22 16:28:34 2328168 ----a-w- C:\Windows\System32\RtPgEx64.dll
    2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-12-07 13:08:24 684544 ----a-w- C:\Windows\yowindow.scr
    2010-12-02 03:35:18 4280320 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    2010-11-29 23:47:42 2578576 ----a-w- C:\Windows\System32\WavesGUILib.dll
    2010-11-29 11:31:18 1579520 ----a-w- C:\Windows\System32\drivers\athrx.sys
    2010-11-28 21:50:24 88576 ----a-w- C:\nircmd.exe
    2010-11-25 19:14:38 54552 ----a-w- C:\Windows\System32\pxc40pm.dll
    2010-11-23 23:45:42 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
    2010-11-22 16:39:10 626792 ----a-w- C:\Windows\System32\RtkApi64.dll
    2010-11-12 23:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2010-11-11 18:27:00 83048 ----a-w- C:\Windows\System32\RCoInst64.dll
    2010-11-11 18:16:51 230352 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
    2010-11-08 12:31:30 375128 ----a-w- C:\Windows\System32\RTEEP64A.dll
    2010-11-08 12:31:30 101208 ----a-w- C:\Windows\System32\RTEEL64A.dll
    2010-11-08 12:31:28 78680 ----a-w- C:\Windows\System32\RTEEG64A.dll
    2010-11-08 12:31:28 310104 ----a-w- C:\Windows\System32\RP3DHT64.dll
    2010-11-08 12:31:28 310104 ----a-w- C:\Windows\System32\RP3DAA64.dll
    2010-11-08 12:31:28 204120 ----a-w- C:\Windows\System32\RTEED64A.dll
    2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
    2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-11-03 23:31:14 1146984 ----a-w- C:\Windows\System32\RTSnMg64.cpl
    2010-11-03 23:31:02 332392 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
    2010-11-03 23:30:40 149608 ----a-w- C:\Windows\System32\RtkCfg64.dll
    2010-11-02 05:21:51 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
    2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
    2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll
    2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll
    2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
    2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
    2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
    2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
    2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll
    2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
    2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
    2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
    2010-11-02 02:50:58 258048 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2010-10-29 15:29:30 1937312 ----a-w- C:\Windows\System32\FMAPO64.dll
    2010-10-28 17:23:08 2807936 ----a-w- C:\Windows\System32\BootMan.exe
    2010-10-28 17:23:06 2217088 ----a-w- C:\Windows\SysWow64\BootMan.exe
    2010-10-28 15:46:10 1251944 ----a-w- C:\Windows\RtlExUpd.dll
    2010-10-27 18:28:46 11320 ----a-w- C:\Windows\help\OEM\Scripts\HPSARedirectorLauncher.exe
    2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-10-26 15:36:47 44 ----a-w- C:\Users\Frank\KillTask.bat

    ============= FINISH: 13:45:57.78 ===============
     
  2. 2011/01/21
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,680
    Likes Received:
    104
    This is incomplete.

    Read this post as indicated at the top of this forum & follow the instructions.
     


  4. 2011/01/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Attach.txt part of DDS is missing.
    So far, I don't see anything malicious there.
     
  5. 2011/01/21
    Frank D

    Frank D Inactive Thread Starter

    Joined:
    2004/07/15
    Messages:
    553
    Likes Received:
    6
    Arie, sorry -- my oversight. I didn't realize the DDS wasn't complete and I copied from the DOS window. Copied below are the DDS.txt and Attach.txt files.

    ======================================


    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Frank at 20:35:04.92 on Fri 01/21/2011
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2325 [GMT -5:00]

    AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\Zentimo\ZentimoService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files (x86)\Zentimo\Zentimo.exe
    C:\Program Files\Hidden Menu\HiddenMenu.exe
    C:\Program Files (x86)\Free Wallpaper Changer\CDWC.exe
    C:\Windows\explorer.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Software Informer\softinfo.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Process Lasso\processgovernor.exe
    C:\Program Files\Process Lasso\processlasso.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Program Files\Listary\Listary.exe
    C:\Program Files\Iconoid\iconoid64.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files\Listary\Listary32helper.exe
    C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files (x86)\QuickMonth Calendar\qmc.exe
    C:\Program Files (x86)\palmOne\HOTSYNC.EXE
    C:\Program Files (x86)\PopTray\PopTray.exe
    C:\Program Files\ShellFolderFix\ShellFolderFixUI.exe
    C:\Program Files (x86)\TheSage\TheSage.exe
    C:\Program Files (x86)\YoWindow\yowindow.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files (x86)\Dicter\DicterService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\EditPadLite\EditPadLite.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Dicter\Dicter.exe
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Frank\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uSearch Bar = Preserve
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
    BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    uRun: [SystemExplorer]
    uRun: [Zentimo xStorage Manager] C:\Program Files (x86)\Zentimo\Zentimo.exe /startup
    uRun: [Hidden Menu] C:\Program Files\Hidden Menu\HiddenMenu.exe
    uRun: [Wallpaper Manager] C:\Program Files (x86)\Free Wallpaper Changer\CDWC.exe -startup
    uRun: [Software Informer] "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
    uRun: [Listary] "C:\Program Files\Listary\Listary.exe "
    uRun: [Iconoid] "C:\Program Files\Iconoid\iconoid64.exe "
    uRun: [AntiFreeze] C:\Program Files\AntiFreeze\AntiFreeze.exe /splash
    uRun: [fsm]
    uRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    mRun: [DicterRu] C:\Program Files (x86)\Dicter\Dicter.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program Files (x86)\palmOne\HOTSYNC.EXE
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PopTray.lnk - C:\Program Files (x86)\PopTray\PopTray.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SHELLF~1.LNK - C:\Program Files\ShellFolderFix\ShellFolderFixUI.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\THESAG~1.LNK - C:\Program Files (x86)\TheSage\TheSage.exe
    StartupFolder: C:\Users\Frank\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROT~1.LNK - C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKM~1.LNK - C:\Program Files (x86)\QuickMonth Calendar\qmc.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\~DISAB~1\MICROS~2.LNK - C:\Program Files (x86)\MS Office 95\Office\FASTBOOT.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\~DISAB~1\MICROS~1.LNK - C:\Program Files (x86)\MS Office XP\Office10\OSA.EXE
    uPolicies-explorer: NoThumbnailCache = 1 (0x1)
    uPolicies-explorer: HideClock = 0 (0x0)
    uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    uPolicies-explorer: NoCommonGroups = 0 (0x0)
    uPolicies-explorer: NoPrinters = 0 (0x0)
    uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
    uPolicies-explorer: NoChangeAnimation = 0 (0x0)
    uPolicies-explorer: NoThemesTab = 0 (0x0)
    uPolicies-system: NoSecCpl = 0 (0x0)
    uPolicies-system: NoDispAppearancePage = 0 (0x0)
    uPolicies-system: NoDispSettingsPage = 0 (0x0)
    uPolicies-system: NoVisualStyleChoice = 0 (0x0)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: NoResolveTrack = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    Trusted Zone: aol.com\free
    Trusted Zone: esl.org
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40435.6676851852
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    TCP: {7BC77401-5212-4B2C-8238-2AF79A39494B} = 208.67.222.222,208.67.220.220
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    TB-X64: {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
    TB-X64: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
    TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe "

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/reader/view/#stream/user%2F18070088024285993000%2Fstate%2Fcom.google%2Freading-list
    FF - prefs.js: network.proxy.type - 2
    FF - component: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox\components\nsURLRecordEx.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\firedownload@mozilla.org\components\firedownload.dll
    FF - component: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\optout@dubfire.net\lib\WINNT\ff3\AbineComponent.dll
    FF - plugin: C:\Program Files (x86)\Adobe Acrobat 6.0\Acrobat\browser\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: C:\program files (x86)\mozilla firefox\plugins\np_gp.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
    FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
    FF - plugin: C:\Users\Frank\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Users\Frank\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\maz74s9a.Default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Users\Frank\AppData\Local\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: CoolPreviews : {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} - %profile%\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
    FF - Ext: FireDownload: firedownload@mozilla.org - %profile%\extensions\firedownload@mozilla.org
    FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
    FF - Ext: Forecastbar Enhanced: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8} - %profile%\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
    FF - Ext: Nightly Tester Tools: {8620c15f-30dc-4dba-a131-7c5d20cf4a29} - %profile%\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
    FF - Ext: PriceBlink: info@priceblink.com - %profile%\extensions\info@priceblink.com
    FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
    FF - Ext: Nuke Anything Enhanced: {1ced4832-f06e-413f-aa14-9eb63ad40ace} - %profile%\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}
    FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
    FF - Ext: Tooltip Plus: {f2e5baa8-0711-4113-830c-1b3debd6f2a5} - %profile%\extensions\{f2e5baa8-0711-4113-830c-1b3debd6f2a5}
    FF - Ext: SmoothWheel (mozdev.org): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
    FF - Ext: SmoothWheel (AMO): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
    FF - Ext: Organize Status Bar: {35106bca-6c78-48c7-ac28-56df30b51d2c} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
    FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
    FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    FF - Ext: Greasefire: greasefire@skrul.com - %profile%\extensions\greasefire@skrul.com
    FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{1dacc1f2-0e39-4c79-8b10-aa2f18025bf3}: {1dacc1f2-0e39-4c79-8b10-aa2f18025bf3} - %profile%\extensions\{1dacc1f2-0e39-4c79-8b10-aa2f18025bf3}
    FF - Ext: Bookmarks Toolbar Button: bookmarks-button@design-noir.de - %profile%\extensions\bookmarks-button@design-noir.de
    FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    FF - Ext: Clear Cache Button: {563e4790-7e70-11da-a72b-0800200c9a66} - %profile%\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}
    FF - Ext: Context Font: contextfont@easel.org - %profile%\extensions\contextfont@easel.org
    FF - Ext: Theme Font Size Changer: {f69e22c7-bc50-414a-9269-0f5c344cd94c} - %profile%\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
    FF - Ext: Reader: {20068ab2-1901-4140-9f3c-81207d4dacc4} - %profile%\extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
    FF - Ext: gTranslator: jyboy.yy@gmail.com - %profile%\extensions\jyboy.yy@gmail.com
    FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
    FF - Ext: Resurrect Pages: {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} - %profile%\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
    FF - Ext: Searchbar Autosizer: {655397ca-4766-496b-b7a8-3a5b176ee4c2} - %profile%\extensions\{655397ca-4766-496b-b7a8-3a5b176ee4c2}
    FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    FF - Ext: Window Shopper - Powered by Superfish: superfish@superfish.com - %profile%\extensions\superfish@superfish.com
    FF - Ext: PriceTrace: {72938f90-8d8a-11de-8a39-0800200c9a66} - %profile%\extensions\{72938f90-8d8a-11de-8a39-0800200c9a66}
    FF - Ext: iReader: ireader@samabox.com - %profile%\extensions\ireader@samabox.com
    FF - Ext: My-Translator: My-Translator@eugenche.com - %profile%\extensions\My-Translator@eugenche.com
    FF - Ext: Inline Translator: itrans@tenshi - %profile%\extensions\itrans@tenshi
    FF - Ext: QuoteURLText: quoteurltext@jay.palat - %profile%\extensions\quoteurltext@jay.palat
    FF - Ext: Force-TLS: forcetls@sid.stamm - %profile%\extensions\forcetls@sid.stamm
    FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
    FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
    FF - Ext: Default Full Zoom Level: {D9A7CBEC-DE1A-444f-A092-844461596C4D} - %profile%\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
    FF - Ext: Google Shortcuts: {5C46D283-ABDE-4dce-B83C-08881401921C} - %profile%\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
    FF - Ext: CustomizeGoogle: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} - %profile%\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
    FF - Ext: TACO with Abine: optout@dubfire.net - %profile%\extensions\optout@dubfire.net
    FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
    FF - Ext: Freecorder Community Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - %profile%\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{a61d3d1d-590c-4922-870c-01229628052b}: {a61d3d1d-590c-4922-870c-01229628052b} - %profile%\extensions\{a61d3d1d-590c-4922-870c-01229628052b}
    FF - Ext: Google Dictionary and Google Translate: googledictionary@toptip.ca - %profile%\extensions\googledictionary@toptip.ca
    FF - Ext: DictionarySearch: {a0faa0a4-f1a7-4098-9a74-21efc3a92372} - %profile%\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
    FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF - Ext: Internet Video Downloader: {B728AB94-9BC7-49b7-B76A-422BB31B2FD0} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox

    ---- FIREFOX POLICIES ----
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.firstrequest - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0

    ============= SERVICES / DRIVERS ===============

    R0 hotcore3;hc3ServiceName;C:\Windows\System32\drivers\hotcore3.sys [2010-9-16 37456]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-1-14 1263200]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-13 273488]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-1-4 98208]
    R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-1-14 3246040]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-13 20560]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-13 62032]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-13 40384]
    R2 DicterUpdateService;Dicter Service;C:\Program Files (x86)\Dicter\DicterService.exe [2010-11-4 468992]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-7-18 14112]
    R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-1-19 2250616]
    R2 ZentimoService;Zentimo Assistant;C:\Program Files (x86)\Zentimo\ZentimoService.exe [2010-12-2 524248]
    R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-1-14 285280]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-1-27 139616]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-1-27 34872]
    R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S0 PCGenFAM;PCGenFAM;C:\Windows\System32\drivers\PCGenFAM.sys [2010-10-20 198600]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2010-10-12 330784]
    S3 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
    S3 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-27 203264]
    S3 cpuz134;cpuz134;C:\Program Files (x86)\PC Wizard 2010\pcwiz_x64.sys [2010-11-22 21480]
    S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2010-12-8 16776]
    S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2010-12-8 9096]
    S3 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-28 136176]
    S3 Jasmio.MediaCenter.Service;Media Center Support Service;C:\Program Files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-11-10 73144]
    S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2010-9-28 12768]
    S3 QuickPDFTCPService0719;Quick PDF Tools Background Service;C:\Program Files (x86)\Quick PDF Tools\QuickPDFTCP0719.exe [2010-4-27 1899008]
    S3 VhdAttach;VHD Attach;C:\Program Files\VHD Attach\VhdAttachService.exe [2010-11-14 151040]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-17 1255736]

    =============== Created Last 30 ================

    2011-01-21 15:26:04 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{A6B405FD-AF58-493F-9EF2-5DDCA48BE606}\mpengine.dll
    2011-01-19 16:14:54 -------- d-----w- C:\Users\Frank\AppData\Roaming\LockHunter
    2011-01-19 16:12:52 -------- d-----w- C:\Program Files\LockHunter
    2011-01-19 16:02:22 -------- d-----w- C:\Users\Frank\AppData\Roaming\JPEGsnoop
    2011-01-18 18:35:42 -------- d-----w- C:\Users\Frank\AppData\Local\Martview
    2011-01-18 15:28:34 -------- d-----w- C:\Users\Frank\EurekaLog
    2011-01-18 15:28:23 14336 ----a-w- C:\Windows\SysWow64\vsmon1.dll
    2011-01-18 15:16:38 -------- d-----w- C:\Users\Frank\AppData\Roaming\Expert PDF 7
    2011-01-18 14:39:48 -------- d-----w- C:\Program Files (x86)\AnyBizSoft PDFtoWord
    2011-01-18 00:46:14 -------- d-----w- C:\Program Files (x86)\Password Generator
    2011-01-15 03:24:38 285280 ----a-w- C:\Windows\System32\drivers\afcdp.sys
    2011-01-15 03:24:32 1263200 ----a-w- C:\Windows\System32\drivers\tdrpm273.sys
    2011-01-15 03:24:24 943712 ----a-w- C:\Windows\System32\drivers\timntr.sys
    2011-01-14 22:54:05 -------- d-----w- C:\Program Files (x86)\Spindle Search
    2011-01-14 22:32:11 -------- d-----w- C:\Program Files (x86)\HotKeyz
    2011-01-14 21:50:00 -------- d-----w- C:\Program Files (x86)\CreateCard
    2011-01-14 03:06:55 277088 ----a-w- C:\Windows\System32\drivers\snapman.sys
    2011-01-14 01:55:08 -------- d-----w- C:\Program Files (x86)\NTBackup
    2011-01-14 01:03:13 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-01-14 01:02:58 38848 ----a-w- C:\Windows\avastSS.scr
    2011-01-13 23:33:12 -------- d-----w- C:\PROGRA~3\SoftSwift
    2011-01-13 17:50:07 -------- d-----w- C:\Program Files (x86)\Active HotKeys
    2011-01-13 17:47:07 -------- d-----w- C:\Users\Frank\AppData\Roaming\Ethervane
    2011-01-13 01:48:07 57344 ----a-w- C:\Windows\SysWow64\CleanMem.exe
    2011-01-13 01:48:04 -------- d-----w- C:\Windows\CleanMem
    2011-01-13 01:48:04 -------- d-----w- C:\Program Files (x86)\CleanMem
    2011-01-12 17:10:17 -------- d-----w- C:\Users\Frank\AppData\Roaming\gimagereader
    2011-01-12 17:06:32 -------- d-----w- C:\Program Files (x86)\Tesseract-OCR
    2011-01-12 17:05:54 -------- d-----w- C:\Program Files (x86)\gimagereader
    2011-01-12 03:21:53 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll
    2011-01-12 03:21:53 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
    2011-01-12 03:21:48 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL
    2011-01-12 03:21:48 -------- d-----w- C:\Program Files (x86)\PDFCreator
    2011-01-12 00:25:28 -------- d-----w- C:\Philips
    2011-01-12 00:25:14 -------- d-----w- C:\temp
    2011-01-12 00:24:42 -------- d-----w- C:\Users\Frank\AppData\Local\Programs
    2011-01-12 00:24:20 -------- d-----w- C:\Users\Frank\AppData\Local\ArcSoft
    2011-01-12 00:24:02 -------- d-----w- C:\PROGRA~3\ArcSoft
    2011-01-12 00:23:40 1645320 ----a-w- C:\Windows\SysWow64\gdiplus.dll
    2011-01-11 01:53:48 -------- d-----w- C:\New Folder 1
    2011-01-09 02:18:29 -------- d-----w- C:\Program Files (x86)\ExamDiff
    2011-01-07 16:20:52 -------- d-----w- C:\Program Files\InstalledCodec
    2011-01-07 15:45:52 -------- d-----w- C:\Users\Frank\AppData\Roaming\Zoner
    2011-01-07 15:45:52 -------- d-----w- C:\Users\Frank\AppData\Local\Zoner
    2011-01-06 21:22:54 -------- d-----w- C:\Users\Frank\AppData\Roaming\PDF Experte 7
    2011-01-06 21:21:32 -------- d-----w- C:\PROGRA~3\Avanquest Software
    2011-01-06 21:19:37 -------- d-----w- C:\Program Files (x86)\Avanquest
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Expert PDF Jobs
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Expert PDF 7
    2011-01-06 21:19:37 -------- d-----w- C:\PROGRA~3\Avanquest
    2011-01-06 17:01:45 -------- d-----w- C:\Program Files (x86)\Auto Shutdown
    2011-01-06 15:28:45 -------- d-----w- C:\Users\Frank\AppData\Roaming\DVD Flick
    2011-01-06 15:28:18 -------- d-----w- C:\Program Files (x86)\DVD Flick
    2011-01-05 02:21:24 -------- d-----w- C:\Windows\SysWow64\RTCOM
    2011-01-04 20:33:38 577536 ----a-w- C:\Windows\soundman.exe
    2011-01-04 20:33:38 49152 ----a-w- C:\Windows\SysWow64\ChCfg.exe
    2011-01-04 20:33:38 4122368 ----a-r- C:\Windows\SysWow64\drivers\alcxwdm.sys
    2011-01-04 20:33:38 147456 ----a-w- C:\Windows\SysWow64\RtlCPAPI.dll
    2011-01-04 20:33:37 18804736 ----a-w- C:\Windows\SysWow64\alsndmgr.cpl
    2011-01-04 20:33:37 10528768 ----a-w- C:\Windows\SysWow64\RTLCPL.exe
    2011-01-04 20:30:31 -------- d-----w- C:\Program Files (x86)\Realtek AC97
    2011-01-04 20:30:21 315392 ----a-w- C:\Windows\alcupd.exe
    2011-01-04 20:30:21 217088 ----a-w- C:\Windows\alcrmv.exe
    2011-01-04 17:02:07 -------- d-----w- C:\Program Files (x86)\MP3Gain
    2011-01-04 16:23:59 -------- d-----w- C:\Program Files (x86)\The KMPlayer
    2011-01-04 16:18:22 191488 ----a-w- C:\Windows\System32\unrar.dll
    2011-01-04 16:18:21 136704 ----a-w- C:\Windows\System32\ff_vfw.dll
    2011-01-04 16:18:18 -------- d-----w- C:\Program Files\KLCP64
    2011-01-01 15:49:03 73728 ----a-w- C:\Windows\SysWow64\TOverlay.ax
    2011-01-01 15:49:03 53248 ----a-w- C:\Windows\SysWow64\DSTimeStamp.ax
    2011-01-01 15:49:03 40960 ----a-w- C:\Windows\SysWow64\wavdest.ax
    2011-01-01 15:49:03 28672 ----a-w- C:\Windows\SysWow64\SpecBarPrj.ocx
    2011-01-01 15:49:03 28672 ----a-w- C:\Windows\SysWow64\PCWinSoftPBar.ocx
    2011-01-01 15:49:02 630784 ----a-w- C:\Windows\SysWow64\AxisToolBar.ocx
    2011-01-01 15:49:02 438976 ----a-w- C:\Windows\SysWow64\MSHFLXGD.OCX
    2011-01-01 15:49:02 36864 ----a-w- C:\Windows\SysWow64\Sof2FFTPrj.ocx
    2011-01-01 15:49:02 264528 ----a-w- C:\Windows\SysWow64\MPG4DS32.AX
    2011-01-01 15:49:02 188416 ----a-w- C:\Windows\SysWow64\UScreenCapture.ax
    2011-01-01 15:49:02 126976 ----a-w- C:\Windows\SysWow64\ArielColorCtrl.ocx
    2011-01-01 15:49:01 -------- d-----w- C:\Program Files (x86)\1AVCenter
    2011-01-01 01:55:02 -------- d-----w- C:\Users\Frank\AppData\Roaming\Soluto
    2011-01-01 01:48:55 -------- d-----w- C:\Users\Frank\AppData\Roaming\qliner
    2011-01-01 01:31:10 -------- d-----w- C:\Users\Frank\AppData\Roaming\adma
    2010-12-31 23:54:03 -------- d-----w- C:\Program Files (x86)\Google Book Downloader
    2010-12-31 23:43:19 -------- d-----w- C:\Program Files (x86)\Easy File Joiner
    2010-12-31 21:54:20 -------- d-----w- C:\Program Files (x86)\Winsock Repair
    2010-12-31 21:50:13 -------- d-----w- C:\Program Files (x86)\cintrep
    2010-12-31 21:35:32 -------- d-----w- C:\Program Files\Geosense for Windows
    2010-12-31 18:33:05 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to Text (freeware)
    2010-12-31 16:44:16 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to HTML (freeware)
    2010-12-31 16:41:57 -------- d-----w- C:\Program Files (x86)\gs
    2010-12-31 16:40:17 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to JPG (freeware)
    2010-12-31 16:14:41 -------- d-----w- C:\Program Files (x86)\A-PDF Text Extractor
    2010-12-31 16:12:06 -------- d-----w- C:\Program Files (x86)\Boxoft PDF to WORD (freeware)
    2010-12-31 14:57:52 -------- d-----w- C:\PROGRA~3\Boxtools
    2010-12-31 14:57:52 -------- d-----w- C:\PROGRA~3\Boxoft
    2010-12-31 14:57:47 -------- d-----w- C:\Program Files (x86)\Boxoft Free OCR
    2010-12-31 01:01:56 89360 ------w- C:\Windows\SysWow64\VB5DB.DLL
    2010-12-31 01:01:51 -------- d-----w- C:\Program Files (x86)\AportisDoc Converter
    2010-12-30 16:19:12 -------- d-----w- C:\Users\Frank\.telekast_debug
    2010-12-30 16:18:53 -------- d-----w- C:\Users\Frank\AppData\Roaming\Lightscape
    2010-12-30 16:18:53 -------- d-----w- C:\Users\Frank\AppData\Local\Lightscape
    2010-12-30 16:18:44 -------- d-----w- C:\Program Files (x86)\TeleKast
    2010-12-29 15:32:58 -------- d-----w- C:\Program Files (x86)\Gmer
    2010-12-29 15:27:08 -------- d-----w- C:\Program Files (x86)\TDSSKiller
    2010-12-28 19:43:07 -------- d-----w- C:\Users\Frank\AppData\Local\Adobe
    2010-12-28 19:32:01 -------- d-----w- C:\Windows\SysWow64\spool
    2010-12-28 18:28:18 -------- d-----w- C:\Program Files (x86)\Advanced Word to Pdf Converter Free
    2010-12-28 18:25:19 -------- d-----w- C:\Program Files (x86)\EULAlyzer
    2010-12-28 14:21:56 -------- d-----w- C:\Program Files (x86)\Simpo PDF to PowerPoint
    2010-12-28 01:18:50 -------- d-----w- C:\Program Files (x86)\Awesome Duplicate Photo Finder
    2010-12-27 22:14:12 -------- d-----w- C:\Program Files (x86)\Freemake
    2010-12-27 13:29:36 -------- d-----w- C:\Users\Frank\.smplayer
    2010-12-27 13:28:22 -------- d-----w- C:\Program Files (x86)\SMPlayer
    2010-12-23 03:02:45 -------- d-----w- C:\Users\Frank\AppData\Roaming\PriceGong
    2010-12-23 03:02:37 -------- d-----w- C:\Users\Frank\AppData\Local\Conduit
    2010-12-23 03:02:36 -------- d-----w- C:\Users\Frank\AppData\Local\Freecorder
    2010-12-23 03:02:36 -------- d-----w- C:\Users\Frank\AppData\Local\ConduitEngine

    ==================== Find3M ====================

    2010-12-30 16:59:18 2690280 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
    2010-12-29 19:30:48 2828904 ----a-w- C:\Windows\System32\RtkAPO64.dll
    2010-12-28 20:51:32 608768 ----a-w- C:\Windows\System32\RCoRes64.dat
    2010-12-26 22:38:34 26504 ----a-w- C:\Windows\System32\drivers\eufs.sys
    2010-12-26 22:38:30 17800 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
    2010-12-26 22:38:28 36232 ----a-w- C:\Windows\System32\drivers\eubakup.sys
    2010-12-26 22:38:24 193416 ----a-w- C:\Windows\System32\drivers\EuDisk.sys
    2010-12-22 16:28:34 2328168 ----a-w- C:\Windows\System32\RtPgEx64.dll
    2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-12-07 13:08:24 684544 ----a-w- C:\Windows\yowindow.scr
    2010-12-02 03:35:18 4280320 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    2010-11-29 23:47:42 2578576 ----a-w- C:\Windows\System32\WavesGUILib.dll
    2010-11-29 11:31:18 1579520 ----a-w- C:\Windows\System32\drivers\athrx.sys
    2010-11-28 21:50:24 88576 ----a-w- C:\nircmd.exe
    2010-11-25 19:14:38 54552 ----a-w- C:\Windows\System32\pxc40pm.dll
    2010-11-23 23:45:42 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
    2010-11-22 16:39:10 626792 ----a-w- C:\Windows\System32\RtkApi64.dll
    2010-11-12 23:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2010-11-11 18:27:00 83048 ----a-w- C:\Windows\System32\RCoInst64.dll
    2010-11-11 18:16:51 230352 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
    2010-11-08 12:31:30 375128 ----a-w- C:\Windows\System32\RTEEP64A.dll
    2010-11-08 12:31:30 101208 ----a-w- C:\Windows\System32\RTEEL64A.dll
    2010-11-08 12:31:28 78680 ----a-w- C:\Windows\System32\RTEEG64A.dll
    2010-11-08 12:31:28 310104 ----a-w- C:\Windows\System32\RP3DHT64.dll
    2010-11-08 12:31:28 310104 ----a-w- C:\Windows\System32\RP3DAA64.dll
    2010-11-08 12:31:28 204120 ----a-w- C:\Windows\System32\RTEED64A.dll
    2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
    2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-11-03 23:31:14 1146984 ----a-w- C:\Windows\System32\RTSnMg64.cpl
    2010-11-03 23:31:02 332392 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
    2010-11-03 23:30:40 149608 ----a-w- C:\Windows\System32\RtkCfg64.dll
    2010-11-02 05:21:51 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
    2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
    2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll
    2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll
    2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
    2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
    2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
    2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
    2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll
    2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
    2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
    2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
    2010-11-02 02:50:58 258048 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2010-10-29 15:29:30 1937312 ----a-w- C:\Windows\System32\FMAPO64.dll
    2010-10-28 17:23:08 2807936 ----a-w- C:\Windows\System32\BootMan.exe
    2010-10-28 17:23:06 2217088 ----a-w- C:\Windows\SysWow64\BootMan.exe
    2010-10-28 15:46:10 1251944 ----a-w- C:\Windows\RtlExUpd.dll
    2010-10-27 18:28:46 11320 ----a-w- C:\Windows\help\OEM\Scripts\HPSARedirectorLauncher.exe
    2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-10-26 15:36:47 44 ----a-w- C:\Users\Frank\KillTask.bat

    ============= FINISH: 20:36:28.57 ===============




    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/16/2010 3:31:32 PM
    System Uptime: 1/21/2011 12:35:43 PM (8 hours ago)

    Motherboard: Hewlett-Packard | | Capirona
    Processor: AMD Athlon(tm) II X2 250 | Socket S1G2 | 800/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 288 GiB total, 229.804 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.523 GiB free.
    E: is CDROM ()
    F: is FIXED (NTFS) - 466 GiB total, 140.47 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP488: 1/15/2011 9:52:06 PM - Nightly restore point
    RP489: 1/16/2011 8:44:17 PM - Nightly restore point
    RP490: 1/17/2011 11:23:24 PM - Nightly restore point
    RP491: 1/18/2011 10:07:28 AM - Installed eXPert PDF 5
    RP492: 1/18/2011 10:15:31 AM - Installed eXPert PDF 7
    RP493: 1/18/2011 10:25:20 AM - Removed eXPert PDF 7
    RP494: 1/18/2011 10:27:53 AM - Installed eXPert PDF 5
    RP495: 1/18/2011 12:20:29 PM - Removed eXPert PDF 5
    RP496: 1/18/2011 12:29:02 PM - Installed eXPert PDF 5
    RP497: 1/18/2011 1:07:02 PM - Removed eXPert PDF 5
    RP498: 1/18/2011 1:35:17 PM - Installed MartView
    RP499: 1/18/2011 9:18:27 PM - Windows Backup
    RP500: 1/18/2011 9:20:55 PM - Nightly restore point
    RP501: 1/19/2011 4:40:28 PM - Removed Macrium Reflect - Free Edition
    RP502: 1/19/2011 4:49:17 PM - Removed Internet TV for Windows Media Center
    RP503: 1/21/2011 10:24:49 AM - Windows Update

    ==== Installed Programs ======================

    123 Free Solitaire 2009 v7.2
    1AVCenter version 2.2.7.21
    A-PDF Text Extractor 1.3
    ABBYY FineReader 6.0 Sprint
    ABBYY FineReader OCR Engine for Microtek
    ABC Amber LIT Converter
    Acronis True Image Home
    ActiveCheck component for HP Active Support Library
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Acrobat 6.0.1 Professional
    Adobe Acrobat and Reader 6.0.3 Update
    Adobe Acrobat and Reader 6.0.4 Update
    Adobe Acrobat and Reader 6.0.5 Update
    Adobe Acrobat and Reader 6.0.6 Update
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Advanced SystemCare 3
    Aimersoft Video Converter Std(Build 4.0.0.0)
    Aiseesoft DVD Ripper 6.1.10
    Album Cover Art Downloader 1.6.6
    AMD USB Filter Driver
    Any Audio Converter 3.0.7
    Any Video Converter 3.1.2
    AnyBizSoft PDF to Word (Build 2.5.3)
    AnyBizSoft PDF to Word (Build 3.0.0)
    AportisDoc Converter
    Artensoft Photo Mosaic Wizard
    Ashampoo Burning Studio 2010 Advanced
    Ashampoo Photo Commander 7.40
    Ashampoo Snap 3.50
    Aspell English Dictionary-0.50-2
    Aspell French Dictionary-0.50-3
    Aspell German Dictionary-0.50-2
    Aspell Italian Dictionary-0.50-2
    Aspell Spanish Dictionary-0.50-2
    Asterisk Key 10.0
    Audacity 1.3.12 (Unicode)
    Auslogics Disk Defrag
    AV Album Art Fixer
    avast! Free Antivirus
    Awesome Duplicate Photo Finder v. 1.0
    Balabolka
    Belarc Advisor 8.1
    Boxee
    Boxoft Free OCR (freeware)
    Boxoft PDF to HTML (freeware)
    Boxoft PDF to JPG (freeware)
    Boxoft PDF to Text (freeware)
    Boxoft PDF to WORD (freeware)
    Burlington's CD Design Creator
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    cdTree 3 Standard Edition 3.1.4 Std
    CleanMem
    Compatibility Pack for the 2007 Office system
    Conduit Engine
    ConvertLIT Graphical User Interface 2.0
    CoreDownload Free Wallpaper Changer 2.1
    Daniusoft MOD Converter(Build 2.1.0.1)
    DICTER 3.05
    DirectX for Managed Code Update (Summer 2004)
    Disketch CD Label Software
    DivX Setup
    Do It Again
    DriverMax 5
    DVD Flick 1.3.0.7
    DVD Shrink 3.2
    EASEUS Data Recovery Wizard Free Edition 5.0.1
    EASEUS Partition Master 6.5.1 Professional
    East-Tec Eraser 2010 Version 9.9
    Easy File Joiner
    ERUNT 1.1j
    EULAlyzer 2.0
    ExamDiff 1.8 (Build 1.8.0.7)
    FFmpeg 2009-01-08 for Audacity
    FFmpeg for Audacity on Windows
    FILEminimizer Pictures
    FormatFactory 2.50
    FotoSketcher 1.97
    Free DVD Creator version 2.0
    Free PDF to Word Doc Converter v1.1
    Freecorder
    Freecorder Toolbar
    Freemake Video Converter version 2.0.0
    French Spelling Settings
    Gadwin PrintScreen
    Gentibus CD 1.49
    GNU Aspell 0.50-3
    GoGear VIBE Device Manager
    Goodsol Solitaire 101 Version 2.01
    Google Book Downloader
    Google Earth
    Google Earth Plug-in
    Google Talk (remove only)
    Google Talk Plugin
    Google Update Helper
    GPL Ghostscript 8.71
    GPL Ghostscript Lite 8.70
    Graph paper printer
    Gyazo 0.2
    Handy CD Ripper version 2.5.5
    HD Video Converter Factory Pro
    HostsMan 3.2.73
    HotKeyz 2.8.3
    HP Advisor
    HP Customer Experience Enhancements
    HP LaserJet P1000 series
    HP Odometer
    HP Remote Solution
    HP Support Assistant
    HP Support Information
    HP Update
    HPAsset component for HP Active Support Library
    hppMSRedist
    hppusgP1000
    HPSSupply
    Hulu Desktop
    Iconoid version 3.8.6
    ImageConverter Plus 8.0
    Inpaint 2.4.1
    IrfanView (remove only)
    ISpell 1.1.1
    IZArc 4.1.2
    Java Auto Updater
    Java(TM) 6 Update 23
    Jet Screenshot v 2.3
    JS Text File Merger
    Just Great Software EditPad Lite 6.5.2
    K-Lite Codec Pack 6.7.0 (Standard)
    Karen's Directory Printer
    Karen's Version Browser
    L&H TTS3000 British English
    L&H TTS3000 Deutsch
    L&H TTS3000 Español
    L&H TTS3000 Français
    L&H TTS3000 Italiano
    L&H TTS3000 Nederlands
    LAME v3.98.2 for Audacity
    Lernout & Hauspie TruVoice American English TTS Engine
    LightScribe System Software
    MacX HD Video Converter Pro For Windows 3.10.2
    MakeitOne - MP3AlbumMaker
    Malwarebytes' Anti-Malware
    MarketResearch
    Media Converter for Philips
    MediaMonkey 3.2
    Mendeley Desktop 0.9.7.1
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional
    Microsoft Office Word Viewer 2003
    Microsoft Office XP Professional
    Microsoft Reader
    Microsoft Silverlight
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Visual C++ Run Time Lib Setup
    Moo0 Mp3InfoEditor 1.17
    Mouse Recorder Pro 2.0.5.0
    MozBackup 1.4.10
    Mozilla Firefox (3.6.10)
    Mozilla Firefox (3.6.13)
    Mozilla Thunderbird (3.1.7)
    MP3 Converter V4.7.0
    Mp3 Tag Tools v1.2
    Mp3tag v2.46a
    MpcStar 4.9
    MPlayer for Windows (Full Package)
    MrvlUsgTracking
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NirSoft BlueScreenView
    Palm Desktop
    PC Wizard 2010.1.96
    PDFCreator
    Photocopier 3.05
    PhotoWipe 1.0
    Picasa 3
    PL-2303 USB-to-Serial
    PopTray 3.20
    PrintFolder 1.3
    Process Lasso
    Quick PDF Tools 2.1.5.9
    QuickMonth Calendar 2.1
    QuickTime Alternative 3.2.2
    Real Alternative 2.0.2
    Realtek AC'97 Audio
    Realtek High Definition Audio Driver
    Recovery Manager
    Rename Master
    Revo Uninstaller 1.91
    SA32xx Device Manager
    Scanned Text Editor 1
    ScanWizard 5
    SecondRun.tv
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    SetFileDate 2.0
    Sikuli
    Simpo PDF to PowerPoint 1.0.0.1
    Simpo PDF to Word 2.1.1.0
    SIW version 2009-09-09
    Sketch It! 3.1
    SMPlayer 0.6.9
    SnowFox Total Video Converter 2.1.1.0
    Software Informer 1.0 BETA
    SpeedFan (remove only)
    SpywareBlaster 4.4
    Stalled Printer Repair 1.2
    System Explorer 2.3.7
    TeamViewer 6
    Tesseract-OCR 3.00 - open source OCR engine
    The KMPlayer (remove only)
    TheSage
    TrueCrypt
    TWC Customer Controls
    TXTcollector
    VC80CRTRedist - 8.0.50727.4053
    VST Bridge 1.1
    WildVoice Studio 1.0
    Windows Installer Clean Up
    Windows Live OneCare safety scanner
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Media Center Add-in for Silverlight
    Windows Media Encoder 9 Series
    Windows Media Player Firefox Plugin
    Windows Movie Maker 2.6
    WinMend Auto Shutdown 1.2.7
    WinMerge 2.12.4
    WinPatrol
    WinScraper Utility 1.0
    WinX DVD Ripper Platinum 6.0.0
    WinX HD Video Converter Deluxe 3.10.2
    Wondershare DVD Slideshow Builder Standard(Build 6.0.4.25)
    Yahoo! Desktop Search
    YoWindow
    Zentimo 1.0

    ==== Event Viewer Messages From Past Week ========

    1/21/2011 12:36:25 PM, Error: Service Control Manager [7000] - The Folder Size service failed to start due to the following error: The system cannot find the file specified.
    1/21/2011 12:36:04 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on \\?\Volume{2704b0ca-3543-11df-8130-806e6f6e6963} cannot be read.
    1/21/2011 12:36:01 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
    1/21/2011 12:36:01 PM, Error: atikmdag [43029] - Display is not active
    1/21/2011 12:36:00 PM, Error: volmgr [46] - Crash dump initialization failed!
    1/21/2011 12:31:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
    1/21/2011 12:31:12 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
    1/21/2011 12:30:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.
    1/21/2011 12:17:40 PM, Error: srv [2000] - The server's call to a system service failed unexpectedly.
    1/20/2011 8:53:05 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
    1/19/2011 8:13:26 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {0C0A3666-30C9-11D0-8F20-00805F2CD064} and APPID {9209B1A6-964A-11D0-9372-00A0C9034910} to the user Franks-PC\Frank SID (S-1-5-21-1554658206-2804524318-1847147138-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    1/19/2011 10:56:43 PM, Error: Service Control Manager [7043] - The Acronis Nonstop Backup Service service did not shut down properly after receiving a preshutdown control.
    1/18/2011 8:28:34 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    1/18/2011 8:28:31 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    1/18/2011 8:24:33 PM, Error: Service Control Manager [7034] - The Macrium Reflect Image Mounting Service service terminated unexpectedly. It has done this 1 time(s).
    1/18/2011 6:15:18 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    ==== End Of File ===========================
     
  6. 2011/01/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I doubt we're dealing with an infection here, but we can keep checking.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. 2011/01/22
    Frank D

    Frank D Inactive Thread Starter

    Joined:
    2004/07/15
    Messages:
    553
    Likes Received:
    6
    HELP! ComboFix would not finish after running it twice, so I followed instructions and switched to Safe Mode (minimal) and ran it. It didn't finish there either. I then rebooted, but my PC reopened in Safe Mode!!!! Now I can't get it to reboot normally. I tried msconfig and checked Start normally, and unchecked Safe Mode, but I can't check any other options. It doesn't respond to mouse clicks to make these changes permanent or anything else. I'm stuck in Safe Mode. Is there a fix for this? (Starting to panic).

    Frank D

    PS I'm using my XP computer to write this.
     
    Last edited: 2011/01/22
  8. 2011/01/22
    Frank D

    Frank D Inactive Thread Starter

    Joined:
    2004/07/15
    Messages:
    553
    Likes Received:
    6
    OK, we can call the dogs off. The patient died. :(

    I called the mfr's hotline. They tried everything and failed. Result: I had to run the Restore feature, which returned my Win7 PC to factory condition. Oh well, no more viruses, if there were any.

    Next I get to try my full system backup and see if that works. Never had to use one before.

    Frank D
     
  9. 2011/01/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm sorry for your troubles.

    Good luck :)
     
  10. 2011/01/22
    Frank D

    Frank D Inactive Thread Starter

    Joined:
    2004/07/15
    Messages:
    553
    Likes Received:
    6
    Success with restoring system!

    Thanks, Broni. Your wishes may have helped. :)

    My PC has been successfully restored to the exact state it was in yesterday morning, before I started testing for malware. My full system with all whistles and bells working was restored from an Acronis True Image Home 2010, non-stop backup (which saves incrementally to disk every 5 minutes and consolidates everything into the previous full backup every 24 hours). Coincidentally I had purchased and installed it only 9 days before. What timing! I had hoped I'd never have to test it in the real world, but today I did and it worked. Needless to say, I'm not going to tempt fate by running any more tests. The system is working fine except for that one website I can't access, which I can get to from my WinXP machine.

    Thank you again for your help!

    Frank
     
  11. 2011/01/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're welcome :)
     
