Okay, I did all the scans and followed all directions:
First, my computer seems to be working fine. The only problem that I can think of is that IE7 keeps crashing, or at least it did; I haven't used it in days...
ComboFix log:
ComboFix 09-01-21.04 - Tyler 2009-01-29 20:27:42.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1493 [GMT -5:00]
Running from: c:\documents and settings\Tyler\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tyler\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090129-0] *On-access scanning disabled* (Updated)
* Created a new restore point
FILE ::
c:\windows\~GLC0000.TMP
c:\windows\~GLC0001.TMP
c:\windows\~GLC0002.TMP
c:\windows\~GLC0004.TMP
c:\windows\~GLC0005.TMP
c:\windows\~GLC0006.TMP
c:\windows\~GLC0007.TMP
c:\windows\~GLH0000.TMP
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\~GLC0000.TMP
c:\windows\~GLC0001.TMP
c:\windows\~GLC0002.TMP
c:\windows\~GLC0004.TMP
c:\windows\~GLC0005.TMP
c:\windows\~GLC0006.TMP
c:\windows\~GLC0007.TMP
c:\windows\~GLH0000.TMP
.
((((((((((((((((((((((((( Files Created from 2008-12-28 to 2009-01-30 )))))))))))))))))))))))))))))))
.
2009-01-29 20:07 . 2009-01-29 20:08 <DIR> d-------- c:\program files\ERUNT
2009-01-28 18:53 . 2009-01-28 18:53 <DIR> d-------- c:\documents and settings\Tyler\.GalleryRemote
2009-01-25 23:01 . 2009-01-25 23:01 <DIR> d-------- c:\program files\Adobe Audition 2.0 Classroom In A Book
2009-01-25 19:59 . 2009-01-25 19:59 0 --a------ c:\windows\DVEdit.INI
2009-01-24 08:27 . 2009-01-24 08:27 <DIR> d-------- C:\vcs5BGEffects
2009-01-23 13:26 . 2009-01-23 13:31 <DIR> d-------- C:\Rooter$
2009-01-23 13:24 . 2009-01-23 13:25 <DIR> d-------- C:\rsit
2009-01-20 11:44 . 2009-01-22 10:29 <DIR> d-------- c:\windows\ie8updates
2009-01-19 17:56 . 2009-01-19 17:56 <DIR> d--hs---- c:\documents and settings\Tyler\PrivacIE
2009-01-19 17:47 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\ieencode.dll
2009-01-19 17:47 . 2007-08-13 18:45 78,336 --a--c--- c:\windows\system32\dllcache\ieencode.dll
2009-01-19 16:18 . 2009-01-23 17:40 1,374 --a------ c:\windows\imsins.BAK
2009-01-19 14:05 . 2009-01-19 14:23 <DIR> d-------- c:\program files\Rosetta Stone - German I & 2
2009-01-19 02:07 . 2009-01-19 14:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Rosetta Stone
2009-01-19 00:46 . 1998-09-02 03:02 194,320 --a------ c:\windows\system32\qcut.dll
2009-01-19 00:46 . 1998-08-26 23:51 182,032 --a------ c:\windows\system32\dxtmsft3.dll
2009-01-19 00:46 . 1998-08-20 06:02 140,800 --a------ c:\windows\system32\tm20dec.ax
2009-01-19 00:46 . 1998-09-02 03:28 63,488 --a------ c:\windows\system32\unam4ie.exe
2009-01-19 00:46 . 1998-09-02 03:28 38,160 --a------ c:\windows\system32\LMRTREND.dll
2009-01-19 00:46 . 1998-08-17 04:21 11,776 --a------ c:\windows\system32\mciqtz.drv
2009-01-19 00:46 . 1998-08-17 04:21 10,240 --a------ c:\windows\system32\vidx16.dll
2009-01-19 00:46 . 1998-08-17 04:21 5,672 --a------ c:\windows\system32\quartz.vxd
2009-01-19 00:46 . 2009-01-19 00:46 4,608 --a------ c:\windows\system32\w95inf32.dll
2009-01-19 00:46 . 2009-01-19 00:46 2,272 --a------ c:\windows\system32\w95inf16.dll
2009-01-19 00:45 . 2009-01-19 00:46 <DIR> d-------- C:\TELL ME MORE SI
2009-01-19 00:24 . 2009-01-19 00:24 <DIR> d-------- c:\program files\Intense Language Office
2009-01-19 00:10 . 2009-01-19 01:03 <DIR> d-------- c:\program files\Web Publish
2009-01-19 00:10 . 2009-01-19 00:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Broderbund Software
2009-01-19 00:10 . 2009-01-19 00:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Broderbund LLC
2009-01-19 00:06 . 2009-01-19 00:07 <DIR> d-------- c:\program files\Common Files\Broderbund
2009-01-19 00:06 . 1999-04-21 04:08 29,184 --------- c:\windows\system32\Popup.ocx
2009-01-18 23:22 . 2009-01-18 23:26 417 --a------ c:\windows\TLC.INI
2009-01-18 23:13 . 2009-01-18 23:13 351 --a------ c:\windows\ADDICT.CFG
2009-01-18 23:10 . 2009-01-18 23:10 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Cambridge
2009-01-18 23:09 . 2009-01-18 23:09 <DIR> d-------- c:\program files\TEXTware
2009-01-18 23:04 . 2009-01-18 23:04 <DIR> d-------- c:\program files\Cambridge
2009-01-18 23:04 . 2003-01-23 08:41 66,614 --a------ c:\windows\system\TWADIB04.BMP
2009-01-18 16:45 . 2009-01-18 16:45 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Absolutist.com
2009-01-18 16:30 . 2009-01-18 16:41 <DIR> d-------- c:\program files\Checkers
2009-01-18 16:21 . 2009-01-18 16:21 <DIR> d-------- c:\program files\Novel Games
2009-01-18 16:12 . 2009-01-18 16:12 <DIR> d-------- c:\program files\Magicwand
2009-01-18 15:05 . 2009-01-18 15:05 <DIR> d--h----- c:\windows\PIF
2009-01-18 02:52 . 2009-01-18 02:52 <DIR> d-------- c:\program files\Common Files\Download Manager
2009-01-15 22:47 . 2009-01-19 16:09 <DIR> d-------- c:\documents and settings\Administrator
2009-01-15 02:58 . 2009-01-29 18:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2009-01-15 02:45 . 2009-01-15 02:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\ALM
2009-01-15 02:24 . 2008-04-07 05:38 45,392 -ra------ c:\windows\system32\AdobePDF.dll
2009-01-15 02:24 . 2008-04-07 05:38 22,872 -ra------ c:\windows\system32\AdobePDFUI.dll
2009-01-15 02:08 . 2009-01-15 02:08 <DIR> d-------- c:\program files\Adobe Media Player
2009-01-15 02:05 . 2009-01-15 02:05 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2009-01-15 01:43 . 2009-01-15 01:43 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2009-01-14 22:13 . 2009-01-14 22:13 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Corel
2009-01-14 22:13 . 2009-01-14 22:17 2,828 --ahs---- c:\windows\system32\KGyGaAvL.sys
2009-01-14 22:13 . 2009-01-14 22:13 88 -r-hs---- c:\windows\system32\B4A6406724.sys
2009-01-14 22:10 . 2009-01-14 22:10 <DIR> d-------- c:\program files\Corel
2009-01-14 22:10 . 2009-01-14 22:11 <DIR> d-------- c:\program files\Common Files\Corel
2009-01-14 21:43 . 2009-01-14 21:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Corel
2009-01-14 20:25 . 2009-01-14 20:25 43,520 --a------ c:\windows\system32\CmdLineExt03.dll
2009-01-14 14:52 . 2009-01-14 14:52 <DIR> d-------- C:\YDKJ V1.5 (XL)
2009-01-14 11:57 . 2009-01-14 11:57 <DIR> d-------- c:\program files\ChordWizard Gold 2.0
2009-01-14 03:22 . 2009-01-14 03:22 <DIR> d--hs---- c:\windows\ftpcache
2009-01-14 02:51 . 2009-01-14 17:52 <DIR> d-------- c:\program files\Call of Duty Game of the Year Edition
2009-01-14 02:49 . 2009-01-14 03:10 745 --a------ c:\windows\CoD.INI
2009-01-14 02:34 . 1996-11-05 16:13 299,008 --a------ c:\windows\uninst.exe
2009-01-14 02:33 . 2009-01-14 02:33 <DIR> d-------- c:\documents and settings\Tyler\WINDOWS
2009-01-14 02:24 . 2009-01-14 02:24 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Quark
2009-01-14 02:23 . 2009-01-14 02:23 <DIR> d-------- c:\windows\system32\QuickTime
2009-01-14 02:21 . 2009-01-14 02:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Quark
2009-01-14 02:05 . 2009-01-14 02:06 <DIR> d-------- c:\program files\War Chess
2009-01-14 01:28 . 2009-01-14 01:28 10 --a------ c:\windows\system32\HCPQMYSGWTM.SYS
2009-01-14 01:26 . 2009-01-14 01:26 <DIR> d-------- c:\program files\D'Accord Music Software
2009-01-13 12:57 . 2009-01-13 12:57 <DIR> d-------- c:\program files\High-Logic
2009-01-13 12:57 . 2009-01-13 12:57 <DIR> d-------- c:\documents and settings\Tyler\Application Data\FontCreator
2009-01-13 04:12 . 2009-01-13 04:13 <DIR> d-------- c:\program files\Common Files\SWF Studio
2009-01-13 04:09 . 2009-01-13 04:09 <DIR> d-------- c:\program files\Jellyvision
2009-01-13 03:51 . 2009-01-13 03:51 <DIR> d-------- c:\program files\ChordWizard Songtrix Gold 3.0
2009-01-13 03:23 . 2009-01-13 03:23 <DIR> d-------- c:\program files\ChordWizard Music Theory 3.0
2009-01-13 03:22 . 2009-01-13 03:22 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-13 03:13 . 2009-01-13 03:13 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Thinstall
2009-01-13 03:01 . 2009-01-13 03:01 <DIR> d-------- c:\program files\MSXML 4.0
2009-01-13 02:45 . 2009-01-13 02:46 <DIR> d-------- c:\program files\Winamp
2009-01-13 02:45 . 2009-01-22 12:02 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Winamp
2009-01-13 01:55 . 2009-01-13 01:55 <DIR> d-------- c:\program files\SONY
2009-01-13 01:53 . 2009-01-13 01:53 <DIR> d-------- c:\program files\Summitsoft.Logo.Design.Studio.v3.5
2009-01-13 01:50 . 2009-01-13 01:50 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Summitsoft
2009-01-13 01:48 . 2009-01-13 01:48 <DIR> d-------- c:\documents and settings\Tyler\Application Data\VCDEasy
2009-01-13 01:47 . 2009-01-13 01:47 <DIR> d-------- c:\program files\VCDEasy
2009-01-13 01:42 . 2009-01-13 01:42 <DIR> d-------- c:\program files\Common Files\Digidesign
2009-01-13 01:42 . 2009-01-13 01:42 <DIR> d-------- c:\program files\Antares Audio Technologies
2009-01-13 01:42 . 2003-06-20 13:28 1,777,664 --a------ c:\windows\system32\gdiplus.dll
2009-01-13 01:39 . 2009-01-13 01:39 <DIR> d-------- c:\program files\ASIO4ALL v2
2009-01-13 01:37 . 2009-01-13 01:42 <DIR> d-------- c:\program files\VstPlugins
2009-01-13 01:37 . 2009-01-13 01:37 <DIR> d-------- c:\program files\Outsim
2009-01-13 01:37 . 2002-07-07 17:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2009-01-13 01:37 . 2006-06-20 03:56 225,280 --a------ c:\windows\system32\rewire.dll
2009-01-13 01:35 . 2009-01-13 01:39 <DIR> d-------- c:\program files\Image-Line
2009-01-13 00:53 . 2004-03-29 16:23 90,112 --a------ c:\windows\unvise32.exe
2009-01-13 00:52 . 2009-01-13 01:03 <DIR> d-------- c:\program files\The Logo Creator v5
2009-01-13 00:44 . 2009-01-13 00:44 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared
2009-01-13 00:35 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-01-13 00:35 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-01-13 00:34 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-01-13 00:32 . 2009-01-13 00:32 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Aim
2009-01-13 00:31 . 2009-01-13 00:31 <DIR> d-------- C:\AIM-Old
2009-01-12 22:59 . 2009-01-29 01:10 116 --a------ c:\windows\NeroDigital.ini
2009-01-12 22:55 . 2009-01-12 22:55 <DIR> d-------- c:\program files\Smart Projects
2009-01-12 22:02 . 2009-01-13 22:29 <DIR> d-------- c:\documents and settings\Tyler\Tracing
2009-01-12 21:59 . 2009-01-12 21:59 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-01-12 21:59 . 2009-01-12 21:59 <DIR> d-------- c:\program files\Microsoft
2009-01-12 21:58 . 2009-01-12 21:59 <DIR> d-------- c:\program files\Windows Live
2009-01-12 21:50 . 2009-01-12 21:50 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-01-12 18:10 . 2009-01-12 18:10 <DIR> d-------- C:\SIERRA
2009-01-12 18:10 . 2009-01-12 18:10 <DIR> d-------- c:\program files\Sierra On-Line
2009-01-12 11:27 . 2009-01-12 11:30 <DIR> d-------- C:\YDKJ
2009-01-12 11:27 . 1996-01-10 17:01 31,776 --a------ c:\windows\UNWISE.EXE
2009-01-12 01:19 . 2009-01-12 01:19 <DIR> d-------- c:\documents and settings\Tyler\Application Data\ArcSoft
2009-01-12 00:35 . 2009-01-12 00:35 <DIR> d-------- c:\documents and settings\Tyler\Application Data\MixMeister Technology
2009-01-12 00:31 . 2009-01-12 00:35 <DIR> d-------- c:\program files\MixMeister Fusion 7.2.2
2009-01-11 23:56 . 2009-01-11 23:56 <DIR> d-------- c:\program files\Guitar Pro 5
2009-01-11 22:51 . 2009-01-11 22:51 <DIR> d-------- c:\program files\Kontakt Player 2
2009-01-11 22:51 . 2009-01-11 22:57 <DIR> d-------- c:\program files\Garritan Instruments for Finale
2009-01-11 22:47 . 2009-01-13 02:11 <DIR> d-------- c:\program files\Finale 2008
2009-01-11 22:09 . 2009-01-11 22:10 74 --a------ c:\windows\Pool3DWin.ini
2009-01-11 21:30 . 2009-01-11 21:31 <DIR> d-------- c:\documents and settings\Tyler\Application Data\Ulead Systems
2009-01-11 21:28 . 2009-01-11 21:28 <DIR> d-------- c:\program files\Common Files\InterVideo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-07 15:45 --------- d-----w c:\program files\microsoft frontpage
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
.
((((((((((((((((((((((((((((( snapshot@2009-01-23_18.42.19.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 17:02:28 163,328 ----a-w c:\windows\ERDNT\1-29-2009\ERDNT.EXE
+ 2009-01-30 01:08:41 9,236,480 ----a-w c:\windows\ERDNT\1-29-2009\Users\00000001\NTUSER.DAT
+ 2009-01-30 01:08:41 200,704 ----a-w c:\windows\ERDNT\1-29-2009\Users\00000002\UsrClass.dat
+ 2005-10-20 17:02:28 163,328 ----a-w c:\windows\ERDNT\2009-01-29\ERDNT.EXE
+ 2009-01-30 01:24:24 9,236,480 ----a-w c:\windows\ERDNT\2009-01-29\Users\00000001\NTUSER.DAT
+ 2009-01-30 01:24:24 200,704 ----a-w c:\windows\ERDNT\2009-01-29\Users\00000002\UsrClass.dat
- 2009-01-18 08:07:14 71,250 ----a-w c:\windows\system32\perfc009.dat
+ 2009-01-28 22:26:47 72,094 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-18 08:07:14 441,184 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-28 22:26:47 444,088 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-30 01:34:11 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_694.dat
+ 2009-01-30 01:34:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-12-01 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Seagate Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2008-06-24 136472]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504]
"AcronisTimounterMonitor"="c:\program files\Seagate\DiscWizard\TimounterMonitor.exe" [2008-06-24 904768]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2009-01-09 01:18 210168 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dynex Wireless Networking Utility.lnk]
backup=c:\windows\pss\Dynex Wireless Networking Utility.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 22:43 640376 l:\program files\Program Files\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 02:25 37232 l:\program files\Program Files\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 07:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 05:46 378224 c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 11:10 450560 c:\program files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-11-24 15:38 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager]
--a------ 2007-06-14 15:48 1282048 c:\windows\system32\wltray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
--a------ 2007-08-28 12:00 531272 c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2007-12-01 00:26 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
--a------ 2008-06-24 19:52 1325848 c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2007-08-14 03:44 113136 c:\program files\Roxio\CinePlayer\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX5000 Series]
--a------ 2006-02-13 23:00 131072 c:\windows\system32\spool\drivers\w32x86\3\E_FATIBVA.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-07-25 16:02 563984 c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-07-25 16:06 2027792 c:\program files\Logitech\QuickCam\Quickcam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
--a------ 2009-01-14 16:11 399504 c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
--a------ 2008-11-05 21:59 4347120 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msmsgs]
--------- 2007-12-01 00:26 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-08-06 19:05 200704 c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]
--a------ 2004-10-11 14:54 589824 c:\program files\VIA\RAID\raid_tool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
--a------ 2008-07-08 16:41 2828184 c:\program files\Registry Mechanic\RegMech.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
--a------ 2007-08-24 15:52 240112 c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service]
--a------ 2008-06-24 19:56 136472 c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-01-09 00:15 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2009-01-19 20:53 1830128 c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--------- 2007-07-23 13:55 341232 c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2006-08-11 14:56 17920 c:\windows\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
--a------ 2006-08-11 14:56 18944 c:\windows\system32\CTXFIHLP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intense Registry Service]
--a------ 2002-10-14 18:30 53760 c:\windows\system32\intedreg.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"f:\\GAMES\\Warcraft III\\Warcraft III.exe"=
"f:\\Program Files\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GAMES\\Quake III Arena\\Quake3\\quake3.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\AIM-Old\\aim.exe"=
"c:\\AIM\\aim.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"f:\\Program Files\\Program Files\\utorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
"<NO NAME>"=
R0 dontgo;Promise Removable Disk Control Driver;c:\windows\system32\drivers\dontgo.sys [2009-01-07 7680]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [2009-01-07 125952]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-01-09 111184]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-01-09 15504]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-01-09 20560]
R4 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [2008-06-24 431384]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2009-01-08 24652]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 gwiopm;gwiopm;\??\c:\program files\Unknown Device Identifier\gwiopm.sys --> c:\program files\Unknown Device Identifier\gwiopm.sys [?]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2009-01-13 39048]
S3 NdisWDM;Dynex Wireless G USB Network Adapter Service;c:\windows\system32\drivers\NdisWDM.sys [2009-01-10 198528]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-01-09 170640]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
S4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
S4 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
S4 SessionLauncher;SessionLauncher;c:\docume~1\Tyler\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\Tyler\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - wd_windows_tools\setup.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Tyler\Application Data\Mozilla\Firefox\Profiles\aljq7c09.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: l:\program files\Program Files\Acrobat 9.0\Acrobat\browser\nppdf32.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 20:36:18
Windows 5.1.2600 Service Pack 3, v.5657 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1136)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\windows\System32\BCMLogon.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'lsass.exe'(1192)
c:\windows\system32\relog_ap.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\wltrysvc.exe
c:\windows\system32\bcmwltry.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\PSIService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-01-29 20:40:15 - machine was rebooted [Tyler]
ComboFix-quarantined-files.txt 2009-01-30 01:40:11
ComboFix2.txt 2009-01-23 23:43:38
Pre-Run: 19,892,846,592 bytes free
Post-Run: 19,878,739,968 bytes free
386 --- E O F --- 2009-01-23 22:40:33
MBAM log:
Malwarebytes' Anti-Malware 1.33
Database version: 1707
Windows 5.1.2600 Service Pack 3, v.5657
2/2/2009 12:35:55 PM
mbam-log-2009-02-02 (12-35-55).txt
Scan type: Full Scan (C:\|F:\|G:\|H:\|J:\|K:\|L:\|M:\|)
Objects scanned: 1873481
Time elapsed: 40 hour(s), 44 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\D'Accord Music Software\D'Accord Personal Guitarist 1.2\DAccordPersonalGuitaristv12_Crack.exe (Trojan.Agent) -> Not selected for removal.
H:\H BITS\BIT MUSIC PROGRAMS\Personal Guitarist v 1.2\Crack\DAccordPersonalGuitaristv12_Crack.exe (Trojan.Agent) -> Not selected for removal.
L:\F2 BITS\BIT MUSIC PROGRAMS\Sonic Foundry Acis pro 4.0 (keygen) + Sound Forge 7.0 keygen) + Manuals\Sound Forge 7.0 + ssg keygen\keygen.exe (Trojan.Downloader) -> Not selected for removal.
M:\TAKE 3\Program Files\Freecorder\tbFre1.dll (Adware.Shopper) -> Quarantined and deleted successfully.
HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:37 PM, on 2/2/2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - L:\Program Files\Program Files\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - L:\Program Files\Program Files\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Seagate Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/ ... 586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\Tyler\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--
End of file - 10925 bytes
Thanks again,
Tyler