
Topic: Stutter.X virus and hard drive hassles


emacjake

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Windows Vista
    Stutter.X virus and hard drive hassles
    « on: September 20, 2011, 07:46:22 AM »
    I recently lent my external hard drive to somebody. When he returned it, it wouldn't read at all on my computer. It would recognise that there was a USB device plugged in, but nothing shows in My Computer.

    Also, my computer started acting really strange, so I did a virus scan and Avira showed up Stutter.X.

    Everything is going really slowly, and I'm having lots of trouble using my web browser. It also shows a warning that a program has corrupted my search engine.

    All sorts of other little weird things going on.

    Please help!!!!

    Allan

    • Moderator

    • Mastermind
    • Thanked: 1260
    • Experience: Guru
    • OS: Windows 10
    Re: Stutter.X virus and hard drive hassles
    « Reply #1 on: September 20, 2011, 07:50:30 AM »
    I already responded to your first post and asked you to post your logs in this thread. Again, here's the link with the instructions:

    http://www.computerhope.com/forum/index.php/topic,46313.0.html

    emacjake

      Topic Starter


      Rookie

      • Experience: Beginner
      • OS: Windows Vista
      Re: Stutter.X virus and hard drive hassles
      « Reply #2 on: September 24, 2011, 11:48:11 PM »
      I think I stuck to the steps as closely as I could.

      My log for SUPERAntiSpyware doesn't seem to have saved. Should I start it again?

      Here is the log for Malwarebytes' Anti-Malware:

      Malwarebytes' Anti-Malware 1.51.2.1300
      www.malwarebytes.org

      Database version: 7790

      Windows 6.0.6002 Service Pack 2
      Internet Explorer 9.0.8112.16421

      25/09/2011 1:44:10 AM
      mbam-log-2011-09-25 (01-44-10).txt

      Scan type: Quick scan
      Objects scanned: 198465
      Time elapsed: 8 minute(s), 41 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 2
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 4
      Files Infected: 275

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      c:\Users\Jake\AppData\Roaming\RegTool (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\Logs (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450 (Rogue.RegTool) -> Quarantined and deleted successfully.

      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-21.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-210.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-211.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-212.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-213.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-214.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-215.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-216.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-217.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-218.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-219.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-22.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-220.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-221.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-223.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-224.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-225.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-226.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-227.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-228.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-229.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-23.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-230.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-231.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-232.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-233.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-234.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-235.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-236.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-237.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-238.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-239.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-24.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-240.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-241.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-242.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-243.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-244.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-245.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-246.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-247.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-248.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-249.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-269.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-27.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-270.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-28.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-29.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-3.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-30.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-31.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-32.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-33.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-34.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-35.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-36.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-37.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-38.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-39.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-4.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-40.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-41.db (Rogue.RegTool) -> Quarantined and deleted successfully.
      c:\Users\Jake\AppData\Roaming\RegTool\quarantinew\2009-03-18 10-34-450\regb-42.db (Rogue.RegTool) -> Quarantined and deleted successfully.

      emacjake

        Re: Stutter.X virus and hard drive hassels
        « Reply #3 on: September 24, 2011, 11:49:56 PM »
        This is the HiJackThis Log

        Logfile of Trend Micro HijackThis v2.0.4
        Scan saved at 1:24:23 PM, on 25/09/2011
        Platform: Windows Vista SP2 (WinNT 6.00.1906)
        MSIE: Internet Explorer v9.00 (9.00.8112.16421)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\ProgramData\DatacardService\DCSHelper.exe
        C:\Windows\system32\taskeng.exe
        C:\Program Files\Windows Defender\MSASCui.exe
        C:\Program Files\DellTPad\Apoint.exe
        C:\Windows\OEM02Mon.exe
        C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
        C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
        C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
        C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
        C:\Windows\System32\rundll32.exe
        C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
        C:\Program Files\Telstra\Telstra Turbo Connection Manager\WaHelper.exe
        C:\Program Files\iTunes\iTunesHelper.exe
        C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
        C:\Windows\ehome\ehtray.exe
        C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
        C:\Program Files\Windows Media Player\wmpnscfg.exe
        C:\Program Files\Digital Line Detect\DLG.exe
        C:\Program Files\Dell\QuickSet\quickset.exe
        C:\Windows\ehome\ehmsas.exe
        C:\Program Files\DellTPad\ApMsgFwd.exe
        C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe
        C:\Program Files\DellTPad\Apntex.exe
        C:\Program Files\DellTPad\HidFind.exe
        C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
        C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
        C:\Windows\system32\NOTEPAD.EXE
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Windows\system32\SearchFilterHost.exe
        C:\Program Files\Trend Micro\HijackThis\Hijackthis.exe\Trend Micro\HiJackThis\Sniper.exe.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
        O1 - Hosts: ::1 localhost
        O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
        O2 - BHO: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
        O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
        O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
        O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
        O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
        O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
        O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
        O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
        O3 - Toolbar: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
        O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
        O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
        O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
        O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
        O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
        O4 - HKLM\..\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe"
        O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
        O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
        O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
        O4 - HKLM\..\Run: [PRE7] cmd.exe /c copy /y "%SystemDrive%\Users\Default\AppData\Roaming\Adobe\com.adobe.143.registration" "%UserProfile%\AppData\Roaming\Adobe\com.adobe.143.registration"
        O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
        O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
        O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
        O4 - HKLM\..\Run: [TRUUpdater] "C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
        O4 - HKLM\..\Run: [WatcherHelper] "C:\Program files\Telstra\Telstra Turbo Connection Manager\WaHelper.exe"
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
        O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
        O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
        O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
        O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
        O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
        O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
        O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
        O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Cricket Broadband EC1705] "C:\Program Files\Cricket Broadband EC1705\UpdateDog\ouc.exe"
        O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
        O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe -update activex
        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
        O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
        O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
        O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
        O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
        O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
        O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
        O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
        O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
        O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
        O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
        O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Sudoku%20Quest/Images/stg_drm.ocx
        O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Sudoku%20Quest/Images/armhelper.ocx
        O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
        O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
        O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
        O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
        O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
        O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
        O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
        O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
        O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
        O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
        O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
        O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
        O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
        O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
        O23 - Service: dlcx_device -   - C:\Windows\system32\dlcxcoms.exe
        O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
        O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
        O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
        O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
        O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
        O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
        O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
        O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
        O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
        O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
        O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
        O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
        O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
        O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
        O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
        O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
        O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
        O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
        O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
        O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
        O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
        O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

        --
        End of file - 16076 bytes


        SuperDave

        • Malware Removal Specialist
        • Moderator


        • Genius
        • Thanked: 1020
        • Certifications: List
        • Experience: Expert
        • OS: Windows 10
        Re: Stutter.X virus and hard drive hassels
        « Reply #4 on: September 25, 2011, 06:56:24 PM »
        Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

        1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
        2. The fixes are specific to your problem and should only be used for this issue on this machine.
        3. If you don't know or understand something, please don't hesitate to ask.
        4. Please DO NOT run any other tools or scans while I am helping you.
        5. It is important that you reply to this thread. Do not start a new topic.
        6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
        7. Absence of symptoms does not mean that everything is clear.

        If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
        *******************************************************************
        I see you are running Poker Stars. Poker Stars has a history of distributing spyware in their products. However, security experts still question this program as good or bad. I recommend removing it to prevent spyware, but it is up to you to decide if you want to keep it.

        If you would like to uninstall it, do so as follows:

        Press Start, and navigate to the Control Panel. When in the control panel enter Add or Remove programs. Search for and locate PokerStars, and either click Change/Remove or Remove.
        **************************************************************
        Open HijackThis and select Do a system scan only

        Place a check mark next to the following entries: (if there)

        R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
        O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript


        Important: Close all open windows except for HijackThis and then click Fix checked.

        Once completed, exit HijackThis.
        ****************************************************
        Download Security Check by screen317 from one of the following links and save it to your desktop.

        Link 1
        Link 2

        * Unzip SecurityCheck.zip and a folder named Security Check should appear.
        * Open the Security Check folder and double-click Security Check.bat
        * Follow the on-screen instructions inside of the black box.
        * A Notepad document should open automatically called checkup.txt
        * Post the contents of that document in your next reply.

        Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
        ***************************************************
        Download DDS from HERE or HERE and save it to your desktop.

        Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

        * XP users Double click on dds to run it.
        * If your antivirus or firewall tries to block DDS then please allow it to run.
        * When finished DDS will open two (2) logs.
        * Save both reports to your desktop.
        * The instructions here ask you to attach the Attach.txt.



        1) DDS.txt
        2) Attach.txt
        Instead of attaching, please copy/paste both logs into your Thread

        Note: DDS will instruct you to post the Attach.txt log as an attachment.
        Please just post it as you would any other log by copying and pasting it into the reply.

        * Close the program window, and delete the program from your desktop.

        Please note: You may have to disable any script protection running if the scan fails to run.
        After downloading the tool, disconnect from the internet and disable all antivirus protection.
        Run the scan, enable your A/V and reconnect to the internet.
        Information on A/V control HERE. Then post your DDS logs (DDS.txt and Attach.txt).
        Windows 8 and Windows 10 dual boot with two SSD's

        emacjake

          Topic Starter


          Rookie

          • Experience: Beginner
          • OS: Windows Vista
          Re: Stutter.X virus and hard drive hassels
          « Reply #5 on: September 26, 2011, 12:59:10 AM »
           Results of screen317's Security Check version 0.99.18 
           Windows Vista Service Pack 2 (UAC is enabled)
           Internet Explorer 8 
          ``````````````````````````````
          Antivirus/Firewall Check:

           Windows Firewall Enabled! 
           WMI entry may not exist for antivirus; attempting automatic update.
           Avira successfully updated!
          ```````````````````````````````
          Anti-malware/Other Utilities Check:

           Malwarebytes' Anti-Malware   
           CCleaner     
           Adobe Flash Player   
          ````````````````````````````````
          Process Check: 
          objlist.exe by Laurent

           Windows Defender MSASCui.exe
           Malwarebytes' Anti-Malware mbamservice.exe 
           Malwarebytes' Anti-Malware mbamgui.exe 
           Avira Antivir avgnt.exe
           Avira Antivir avguard.exe
           Windows Defender MSASCui.exe   
          ``````````End of Log````````````

          emacjake

            Topic Starter


            Rookie

            • Experience: Beginner
            • OS: Windows Vista
            Re: Stutter.X virus and hard drive hassels
            « Reply #6 on: September 26, 2011, 12:59:40 AM »
            .
            DDS (Ver_2011-08-26.01) - NTFSx86
            Internet Explorer: 9.0.8112.16421
            Run by Jake at 16:55:01 on 2011-09-26
            Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.61.1033.18.3069.1346 [GMT 10:00]
            .
            AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
            SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
            .
            ============== Running Processes ===============
            .
            C:\Windows\system32\wininit.exe
            C:\Windows\system32\lsm.exe
            C:\Windows\system32\svchost.exe -k DcomLaunch
            C:\Windows\system32\nvvsvc.exe
            C:\Windows\system32\svchost.exe -k rpcss
            C:\Windows\System32\svchost.exe -k secsvcs
            C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
            C:\Windows\system32\svchost.exe -k netsvcs
            C:\Windows\system32\svchost.exe -k GPSvcGroup
            C:\Windows\system32\SLsvc.exe
            C:\Windows\system32\svchost.exe -k LocalService
            C:\Windows\system32\svchost.exe -k NetworkService
            C:\Windows\system32\nvvsvc.exe
            C:\Windows\System32\spoolsv.exe
            C:\Windows\system32\WLANExt.exe
            C:\Program Files\Avira\AntiVir Desktop\sched.exe
            C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
            C:\Windows\system32\aestsrv.exe
            C:\Program Files\Avira\AntiVir Desktop\avguard.exe
            C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
            C:\Program Files\Bonjour\mDNSResponder.exe
            C:\Windows\system32\svchost.exe -k bthsvcs
            C:\ProgramData\DatacardService\DCService.exe
            C:\Windows\system32\dlcxcoms.exe
            C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
            C:\Program Files\Common Files\LightScribe\LSSrvc.exe
            C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
            C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
            C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
            C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
            C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
            C:\Windows\system32\STacSV.exe
            C:\Windows\system32\svchost.exe -k imgsvc
            C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
            C:\Windows\System32\svchost.exe -k WerSvcGroup
            C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
            C:\Windows\system32\SearchIndexer.exe
            C:\Windows\system32\DRIVERS\xaudio.exe
            C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
            C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
            C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
            C:\Windows\system32\taskeng.exe
            C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
            C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
            C:\Windows\system32\Dwm.exe
            C:\Windows\system32\taskeng.exe
            C:\Windows\Explorer.EXE
            C:\ProgramData\DatacardService\DCSHelper.exe
            C:\Program Files\Windows Defender\MSASCui.exe
            C:\Program Files\DellTPad\Apoint.exe
            C:\Windows\OEM02Mon.exe
            C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
            C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
            C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
            C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
            C:\Windows\System32\rundll32.exe
            C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
            C:\Program Files\Telstra\Telstra Turbo Connection Manager\WaHelper.exe
            C:\Program Files\iTunes\iTunesHelper.exe
            C:\Program Files\Common Files\Java\Java Update\jusched.exe
            C:\Windows\ehome\ehtray.exe
            C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
            C:\Program Files\Windows Media Player\wmpnscfg.exe
            C:\Program Files\Digital Line Detect\DLG.exe
            C:\Program Files\Dell\QuickSet\quickset.exe
            C:\Windows\ehome\ehmsas.exe
            C:\Program Files\Windows Media Player\wmpnetwk.exe
            C:\Program Files\DellTPad\ApMsgFwd.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Program Files\DellTPad\Apntex.exe
            C:\Program Files\DellTPad\HidFind.exe
            C:\Program Files\iPod\bin\iPodService.exe
            C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
            C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe
            C:\Program Files\Trend Micro\HijackThis\Hijackthis.exe\Trend Micro\HiJackThis\Sniper.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
            C:\Users\Jake\Shared\Desktop\SecurityCheck.exe
            C:\Windows\system32\notepad.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Windows\system32\DllHost.exe
            C:\Windows\system32\DllHost.exe
            .
            ============== Pseudo HJT Report ===============
            .
            uStart Page = hxxp://www.facebook.com/
            uWindow Title = Internet Explorer provided by Dell
            uInternet Settings,ProxyOverride = *.local
            uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
            mURLSearchHooks: H - No File
            mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
            BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
            BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
            BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
            BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
            BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
            BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
            BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
            BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
            BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
            BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
            BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2380.0\npwinext.dll
            BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
            TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
            TB: @c:\program files\msn toolbar\platform\6.3.2380.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2380.0\npwinext.dll
            TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
            TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
            TB: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
            TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
            uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
            uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
            uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
            uRun: [AdobeBridge]
            uRun: [HW_OPENEYE_OUC_Cricket Broadband EC1705] "c:\program files\cricket broadband ec1705\updatedog\ouc.exe"
            uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
            mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
            mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
            mRun: [Apoint] c:\program files\delltpad\Apoint.exe
            mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
            mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
            mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
            mRun: [dscactivate] c:\dell\dsca.exe 3
            mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
            mRun: [FaxCenterServer] "c:\program files\dell pc fax\fm3032.exe" /s
            mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16
            mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
            mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
            mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
            mRun: [PRE7] cmd.exe /c copy /y "%SystemDrive%\Users\Default\AppData\Roaming\Adobe\com.adobe.143.registration" "%UserProfile%\AppData\Roaming\Adobe\com.adobe.143.registration"
            mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
            mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
            mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
            mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
            mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
            mRun: [TRUUpdater] "c:\program files\sierra wireless inc\webupdater\TRUUpdater.exe" /bkground
            mRun: [WatcherHelper] "c:\program files\telstra\telstra turbo connection manager\WaHelper.exe"
            mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
            mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
            mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
            mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
            mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
            mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
            mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
            dRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
            StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
            StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
            StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
            mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
            mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
            IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
            IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
            IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
            IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
            IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
            IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
            LSP: c:\program files\avira\antivir desktop\avsda.dll
            DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Sudoku%20Quest/Images/stg_drm.ocx
            DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
            DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
            DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
            DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
            DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Sudoku%20Quest/Images/armhelper.ocx
            DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
            TCP: DhcpNameServer = 10.25.4.1 203.194.27.57 203.50.2.71
            TCP: Interfaces\{2BF58E65-EAFD-4D74-BDB7-128C55AFE4F2} : DhcpNameServer = 139.130.4.4 203.50.2.71
            TCP: Interfaces\{8F4AE1F3-7B2D-46D4-BE11-29ED320110A9} : DhcpNameServer = 192.168.1.1
            TCP: Interfaces\{FEF285E8-B716-4C0A-90E9-A7956357DBA4} : DhcpNameServer = 10.25.4.1 203.194.27.57 203.50.2.71
            Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
            Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
            AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
            SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
            Hosts: 127.0.0.1   www.spywareinfo.com
            .
            ============= SERVICES / DRIVERS ===============
            .
            R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-4-7 11608]
            R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-2-17 12872]
            R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-2-17 67656]
            R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2007-11-17 73728]
            R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2009-4-7 340136]
            R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-4-7 136360]
            R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-4-7 269480]
            R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2009-4-7 428200]
            R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-4-7 66616]
            R2 DCService.exe;DCService.exe;c:\programdata\datacardservice\DCService.exe [2009-12-22 225280]
            R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
            R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-15 21504]
            R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-25 366152]
            R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-4-6 1153368]
            R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-3-13 24576]
            R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2010-11-18 70656]
            R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-25 22216]
            S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
            S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-14 135664]
            S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]
            S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2010-11-18 101504]
            S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-11-18 116736]
            S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-14 135664]
            S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576]
            S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
            S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-2-17 12872]
            S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2009-7-22 197504]
            S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-7-22 148992]
            S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
            .
            =============== Created Last 30 ================
            .
            2011-09-26 02:29:34   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{2e6ef9b9-99ad-4b78-b20d-91a62644b943}\offreg.dll
            2011-09-25 03:20:03   388096   ----a-r-   c:\users\jake\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
            2011-09-25 03:20:02   --------   d-----w-   c:\program files\Trend Micro
            2011-09-24 15:07:55   --------   d-----w-   c:\users\jake\appdata\roaming\Malwarebytes
            2011-09-24 15:07:36   --------   d-----w-   c:\programdata\Malwarebytes
            2011-09-24 15:07:27   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
            2011-09-24 15:07:26   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
            2011-09-24 10:01:01   --------   d-----w-   c:\program files\CCleaner
            2011-09-23 14:25:25   7269712   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{2e6ef9b9-99ad-4b78-b20d-91a62644b943}\mpengine.dll
            2011-09-21 02:51:21   680   ----a-w-   c:\users\jake\appdata\local\d3d9caps.tmp
            2011-09-14 04:32:16   2409784   ----a-w-   c:\program files\windows mail\OESpamFilter.dat
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin7.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin6.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
            2011-09-09 03:32:57   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
            .
            ==================== Find3M  ====================
            .
            2011-09-26 06:17:45   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
            2011-08-26 12:23:52   0   ----a-w-   c:\windows\system32\ConduitEngine.tmp
            2011-07-22 02:54:43   1797632   ----a-w-   c:\windows\system32\jscript9.dll
            2011-07-22 02:48:26   1126912   ----a-w-   c:\windows\system32\wininet.dll
            2011-07-22 02:44:36   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
            2011-07-12 01:20:54   83816   ----a-w-   c:\windows\system32\dns-sd.exe
            2011-07-12 01:20:54   73064   ----a-w-   c:\windows\system32\dnssd.dll
            2011-07-11 13:25:35   2048   ----a-w-   c:\windows\system32\tzres.dll
            2011-07-06 15:31:47   214016   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
            2011-07-05 08:37:00   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
            2011-07-05 08:37:00   69632   ----a-w-   c:\windows\system32\QuickTime.qts
            2011-06-29 04:32:06   66616   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
            .
            ============= FINISH: 16:55:30.98 ===============

            emacjake

              Topic Starter


              Rookie

              • Experience: Beginner
              • OS: Windows Vista
              Re: Stutter.X virus and hard drive hassels
              « Reply #7 on: September 26, 2011, 01:00:09 AM »
              .
              UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
              IF REQUESTED, ZIP IT UP & ATTACH IT
              .
              DDS (Ver_2011-08-26.01)
              .
              Microsoft® Windows Vista™ Home Premium
              Boot Device: \Device\HarddiskVolume3
              Install Date: 16/09/2007 2:29:41 PM
              System Uptime: 26/09/2011 12:29:10 PM (4 hours ago)
              .
              Motherboard: Dell Inc. |  | 0UK437
              Processor: Intel(R) Core(TM)2 Duo CPU     T7100  @ 1.80GHz | Microprocessor | 1801/200mhz
              .
              ==== Disk Partitions =========================
              .
              C: is FIXED (NTFS) - 220 GiB total, 17.181 GiB free.
              D: is FIXED (NTFS) - 10 GiB total, 5.985 GiB free.
              E: is CDROM ()
              .
              ==== Disabled Device Manager Items =============
              .
              Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
              Description: Microsoft 6to4 Adapter
              Device ID: ROOT\*6TO4MP\0003
              Manufacturer: Microsoft
              Name: Microsoft 6to4 Adapter #3
              PNP Device ID: ROOT\*6TO4MP\0003
              Service: tunnel
              .
              Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
              Description: Microsoft Tun Miniport Adapter
              Device ID: ROOT\*TUNMP\0001
              Manufacturer: Microsoft
              Name: Teredo Tunneling Pseudo-Interface
              PNP Device ID: ROOT\*TUNMP\0001
              Service: tunmp
              .
              ==== System Restore Points ===================
              .
              RP1149: 24/09/2011 12:00:02 AM - Scheduled Checkpoint
              RP1150: 24/09/2011 12:24:35 AM - Windows Update
              RP1151: 25/09/2011 8:39:59 AM - Removed WinZip 15.5
              RP1152: 25/09/2011 12:28:57 PM - Installed WinZip 15.5
              RP1153: 25/09/2011 1:13:15 PM - Installed HiJackThis
              RP1154: 25/09/2011 1:19:37 PM - Installed HiJackThis
              RP1155: 26/09/2011 1:08:05 PM - Scheduled Checkpoint
              .
              ==== Installed Programs ======================
              .
              Adobe Flash Player 10 ActiveX
              Adobe Reader 9.4.6
              Adobe Shockwave Player 11.5
              Apple Application Support
              Apple Mobile Device Support
              Apple Software Update
              µTorrent
              AVS Update Manager 1.0
              AVS Video Converter 7
              AVS4YOU Software Navigator 1.4
              Bing Bar
              Bing Bar Platform
              Bing Rewards Client Installer
              Bonjour
              CCleaner
              Cities XL 2011
              Conduit Engine
              Cricket Broadband EC1705
              DiRT
              e-tax 2010
              e-tax 2011
              FMS
              Google Chrome
              Google Earth
              Google SketchUp Pro 8
              Google Update Helper
              HiJackThis
              Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
              Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
              HTC Driver Installer
              iTunes
              Java Auto Updater
              Malwarebytes' Anti-Malware version 1.51.2.1300
              Microsoft .NET Framework 1.1
              Microsoft .NET Framework 1.1 Security Update (KB2416447)
              Microsoft .NET Framework 3.5 SP1
              Microsoft .NET Framework 4 Client Profile
              Microsoft Default Manager
              Microsoft Office File Validation Add-In
              Microsoft Office Home and Student 2007
              Microsoft Search Enhancement Pack
              Microsoft Silverlight
              Microsoft Visual C++ 2005 Redistributable
              Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
              Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
              OpenAL
              PokerStars
              Portal
              QuickTime
              RollerCoaster Tycoon 3
              Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
              Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
              Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
              Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
              Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
              Skype Toolbars
              Skype™ 5.3
              Steam
              Telstra Turbo Connection Manager
              TmUnitedForever
              Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
              Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
              uTorrentBar Toolbar
              Vuze
              WinZip 15.5
              .
              ==== Event Viewer Messages From Past Week ========
              .
              25/09/2011 8:16:54 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
              25/09/2011 8:16:54 AM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
              25/09/2011 8:16:54 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
              25/09/2011 3:43:34 PM, Error: Service Control Manager [7000]  - The SASDIFSV service failed to start due to the following error:  Cannot create a file when that file already exists.
              23/09/2011 2:19:24 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 10.25.3.12 for the Network Card with network address 0013E8B23141 has been denied by the DHCP server 10.25.4.1 (The DHCP Server sent a DHCPNACK message).
              19/09/2011 11:01:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SigmaTel Audio Service service to connect.
              19/09/2011 11:01:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.
              19/09/2011 11:01:43 PM, Error: Service Control Manager [7000]  - The SigmaTel Audio Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
              19/09/2011 11:01:29 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 10.25.3.24 for the Network Card with network address 0013E8B23141 has been denied by the DHCP server 10.25.4.1 (The DHCP Server sent a DHCPNACK message).
              .
              ==== End Of File ===========================

              SuperDave

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Thanked: 1020
              • Certifications: List
              • Experience: Expert
              • OS: Windows 10
              Re: Stutter.X virus and hard drive hassels
              « Reply #8 on: September 26, 2011, 04:50:42 PM »
              The logs show that you only have 17 GB of free space on your hard drive. Windows requires at least 15% (33 GB) in order to function properly. You will need to find more free space on that drive. You can do this by uninstalling programs that you no longer use. You can also save important files, photos, videos and music to DVDs or an external hard drive. Otherwise, your computer will start doing weird things like crashing and freezing.

              Download OTL to your desktop.

              * Open OTL
              * Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

              Code:
              :OTL

              mURLSearchHooks: H - No File
              TB: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
              TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

              :COMMANDS
              [resethosts]
              [purity]
              [start explorer]

              * Click Run Fix
              * OTLI2 may ask to reboot the machine. Please do so if asked.
              * Click OK
              * A report will open. Copy and Paste that report in your next reply.
              *************************************************************

              Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

              link # 1
              Link # 2
              If you are using Firefox, make sure that your download settings are as follows:

              * Tools->Options->Main tab
              * Set to "Always ask me where to Save the files".

              Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

              Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

              Right-click combofix.exe and select Run as Administrator and follow the prompts.
              When finished, ComboFix will produce a log for you.
              Post the ComboFix log in your next reply.

              NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

              Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.
              Windows 8 and Windows 10 dual boot with two SSD's

              emacjake

                Topic Starter


                Rookie

                • Experience: Beginner
                • OS: Windows Vista
                Re: Stutter.X virus and hard drive hassels
                « Reply #9 on: September 26, 2011, 11:30:36 PM »
                ========== OTL ==========
                ========== COMMANDS ==========
                C:\Windows\System32\drivers\etc\Hosts moved successfully.
                HOSTS file reset successfully
                 
                OTL by OldTimer - Version 3.2.29.1 log created on 09272011_121355

                ComboFix 11-09-26.02 - Jake 27/09/2011  12:24:38.1.2 - x86
                Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.61.1033.18.3069.1137 [GMT 10:00]
                Running from: c:\users\Jake\Shared\Desktop\ComboFix.exe
                AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
                SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
                SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                .
                .
                (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                c:\users\Jake\AppData\Local\ApplicationHistory
                c:\users\Jake\AppData\Local\ApplicationHistory\csc.exe.3e4ac0af.ini
                c:\users\Jake\AppData\Local\ApplicationHistory\dsca.exe.7999547.ini
                c:\users\Jake\AppData\Local\ApplicationHistory\EULALauncher.exe.3f62b452.ini
                c:\users\Jake\AppData\Local\ApplicationHistory\ngen.exe.2c05686e.ini
                c:\users\Jake\AppData\Local\ApplicationHistory\SPACESTREAM.PrintStudio.exe.face14cf.ini
                c:\users\Jake\AppData\Local\ApplicationHistory\VRCupdater.exe.7caeed33.ini
                c:\users\Jake\AppData\Roaming\.#
                c:\users\Jake\AppData\Roaming\.#\MBX@10D8@17B2768.###
                c:\users\Jake\AppData\Roaming\.#\MBX@10D8@17B2798.###
                c:\users\Jake\AppData\Roaming\.#\MBX@AD8@1D62768.###
                c:\users\Jake\AppData\Roaming\.#\MBX@AD8@1D62798.###
                c:\users\Jake\AppData\Roaming\.#\MBX@C54@1AB2768.###
                c:\users\Jake\AppData\Roaming\.#\MBX@C54@1AB2798.###
                c:\windows\system32\comct332.ocx
                .
                .
                (((((((((((((((((((((((((   Files Created from 2011-08-27 to 2011-09-27  )))))))))))))))))))))))))))))))
                .
                .
                2011-09-27 02:13 . 2011-09-27 02:13   --------   d-----w-   C:\_OTL
                2011-09-25 03:20 . 2011-09-25 03:20   388096   ----a-r-   c:\users\Jake\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
                2011-09-25 03:20 . 2011-09-25 03:20   --------   d-----w-   c:\program files\Trend Micro
                2011-09-25 02:29 . 2011-09-25 02:31   --------   d-----w-   c:\programdata\WinZip
                2011-09-24 15:07 . 2011-09-24 15:07   --------   d-----w-   c:\users\Jake\AppData\Roaming\Malwarebytes
                2011-09-24 15:07 . 2011-09-24 15:07   --------   d-----w-   c:\programdata\Malwarebytes
                2011-09-24 15:07 . 2011-08-31 07:00   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
                2011-09-24 15:07 . 2011-09-24 15:30   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
                2011-09-24 10:01 . 2011-09-24 10:02   --------   d-----w-   c:\program files\CCleaner
                2011-09-23 14:25 . 2011-09-12 23:14   7269712   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{2E6EF9B9-99AD-4B78-B20D-91A62644B943}\mpengine.dll
                2011-09-21 02:51 . 2011-09-26 20:52   680   ----a-w-   c:\users\Jake\AppData\Local\d3d9caps.tmp
                2011-09-14 04:32 . 2011-08-10 12:14   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
                2011-09-09 03:32 . 2011-09-09 03:32   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin.dll
                2011-09-09 03:32 . 2011-09-09 03:32   --------   d-----w-   c:\program files\QuickTime
                .
                .
                .
                ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                2011-09-26 06:17 . 2011-05-16 01:10   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
                2011-08-26 12:23 . 2011-08-26 12:23   0   ----a-w-   c:\windows\system32\ConduitEngine.tmp
                2011-07-22 02:54 . 2011-08-11 08:30   1797632   ----a-w-   c:\windows\system32\jscript9.dll
                2011-07-22 02:48 . 2011-08-11 08:30   1126912   ----a-w-   c:\windows\system32\wininet.dll
                2011-07-22 02:44 . 2011-08-11 08:30   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
                2011-07-12 01:20 . 2011-07-12 01:20   83816   ----a-w-   c:\windows\system32\dns-sd.exe
                2011-07-12 01:20 . 2011-07-12 01:20   73064   ----a-w-   c:\windows\system32\dnssd.dll
                2011-07-11 13:25 . 2011-08-25 04:37   2048   ----a-w-   c:\windows\system32\tzres.dll
                2011-07-06 15:31 . 2011-08-11 08:35   214016   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
                2011-07-05 08:37 . 2011-07-05 08:37   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
                2011-07-05 08:37 . 2011-07-05 08:37   69632   ----a-w-   c:\windows\system32\QuickTime.qts
                2011-06-29 04:32 . 2009-04-07 00:52   66616   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
                2011-06-29 04:32 . 2009-04-07 00:52   138192   ----a-w-   c:\windows\system32\drivers\avipbb.sys
                .
                .
                (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                *Note* empty entries & legit default entries are not shown
                REGEDIT4
                .
                [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
                "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
                .
                [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
                .
                [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
                2011-03-28 16:22   176936   ----a-w-   c:\program files\ConduitEngine\prxConduitEngine.dll
                .
                [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
                2011-03-28 16:22   176936   ----a-w-   c:\program files\uTorrentBar\prxtbuTor.dll
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
                "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-03-28 176936]
                "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
                .
                [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
                .
                [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
                .
                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
                "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-08 39408]
                "HW_OPENEYE_OUC_Cricket Broadband EC1705"="c:\program files\Cricket Broadband EC1705\UpdateDog\ouc.exe" [2010-11-17 196608]
                "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
                .
                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "PRE7"="copy" [X]
                "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
                "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-04-18 159744]
                "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
                "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-10 86960]
                "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
                "dscactivate"="c:\dell\dsca.exe" [2007-07-30 16384]
                "dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
                "FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-04 312200]
                "DLCXCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
                "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
                "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
                "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]
                "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-06 405504]
                "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-15 13793824]
                "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-15 92704]
                "TRUUpdater"="c:\program files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" [2009-08-25 562456]
                "WatcherHelper"="c:\program files\Telstra\Telstra Turbo Connection Manager\WaHelper.exe" [2009-08-26 62744]
                "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
                "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
                "Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
                "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
                "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
                "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
                "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
                .
                c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-9-16 50688]
                QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-7-20 1180952]
                WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2011-8-2 610120]
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                "EnableUIADesktopToggle"= 0 (0x0)
                .
                [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
                "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-12 77824]
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
                2009-10-13 23:03   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
                "DisableMonitoring"=dword:00000001
                .
                R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
                R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 135664]
                R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-03-12 288112]
                R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-11-17 101504]
                R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-11-17 116736]
                R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 135664]
                R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-09 24576]
                R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys

                R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-29 3739080]
                R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-20 12872]
                R3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\DRIVERS\swnc8ua3.sys [2009-07-22 197504]
                R3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\DRIVERS\swumxa3.sys [2009-07-22 148992]
                R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
                S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-20 12872]
                S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-05-26 67656]
                S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-08-29 73728]
                S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2011-06-29 340136]
                S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
                S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-06-29 428200]
                S2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2009-12-22 225280]
                S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-11-04 537480]
                S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
                S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
                S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-03-13 24576]
                S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-11-17 70656]
                S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
                .
                .
                --- Other Services/Drivers In Memory ---
                .
                *NewlyCreated* - SASDIFSV
                *Deregistered* - BMLoad
                .
                [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
                bthsvcs   REG_MULTI_SZ      BthServ
                .
                Contents of the 'Scheduled Tasks' folder
                .
                2011-09-26 c:\windows\Tasks\Google Software Updater.job
                - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-08 00:56]
                .
                2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 20:17]
                .
                2011-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-13 20:17]
                .
                .
                ------- Supplementary Scan -------
                .
                uStart Page = hxxp://www.facebook.com/
                uInternet Settings,ProxyOverride = *.local
                IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
                LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
                TCP: DhcpNameServer = 10.25.4.1 203.194.27.57 203.50.2.71
                .
                - - - - ORPHANS REMOVED - - - -
                .
                WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
                WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
                HKCU-Run-OM2_Monitor - c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
                HKCU-Run-AdobeBridge - (no file)
                HKLM-Run-OM2_Monitor - c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
                HKU-Default-Run-PcSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
                AddRemove-PokerStars - c:\program files\PokerStars\PokerStarsUninstall.exe
                .
                .
                .
                **************************************************************************
                scanning hidden processes ... 
                .
                scanning hidden autostart entries ...
                .
                HKLM\Software\Microsoft\Windows\CurrentVersion\Run
                  DLCXCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
                .
                scanning hidden files ... 
                .
                scan completed successfully
                hidden files:
                .
                **************************************************************************
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
                "ImagePath"="c:\windows\system32\GameMon.des -service"
                .
                --------------------- LOCKED REGISTRY KEYS ---------------------
                .
                [HKEY_USERS\S-1-5-21-2161100293-1564272172-3960802703-1000\Software\SecuROM\License information*]
                "datasecu"=hex:9c,89,8d,71,0a,66,19,2e,e6,0b,3c,7d,e4,db,e6,67,10,0d,68,76,03,
                   d4,16,b1,aa,bd,2a,21,99,5a,21,9d,5e,ba,8f,0b,9f,ef,b3,1a,50,58,f2,ca,ce,46,\
                "rkeysecu"=hex:a9,c4,bc,28,59,15,e6,95,98,0f,17,e8,2b,f1,e0,80
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
                @Denied: (A) (Users)
                @Denied: (A) (Everyone)
                @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                "BlindDial"=dword:00000000
                .
                Completion time: 2011-09-27  12:46:19
                ComboFix-quarantined-files.txt  2011-09-27 02:46
                .
                Pre-Run: 18,226,843,648 bytes free
                Post-Run: 19,579,543,552 bytes free
                .
                - - End Of File - - CB97D5E0AA21724DB2B6B1DFADC0CBE3

                emacjake

                  Topic Starter


                  Rookie

                  • Experience: Beginner
                  • OS: Windows Vista
                  Re: Stutter.X virus and hard drive hassels
                  « Reply #10 on: September 26, 2011, 11:32:29 PM »
                  I bought a new hard drive to back some more stuff up and clear my computer out, but I'm worried to plug it in, in case it gets infected also???

                  SuperDave

                  • Malware Removal Specialist
                  • Moderator


                  • Genius
                  • Thanked: 1020
                  • Certifications: List
                  • Experience: Expert
                  • OS: Windows 10
                  Re: Stutter.X virus and hard drive hassels
                  « Reply #11 on: September 27, 2011, 04:36:48 PM »
                  Quote
                  I bought a new hard drive to back some more stuff up and clear my computer out, but I'm worried to plug it in, in case it gets infected also???
                  Only a few more scans to go and we should be in the clear. BTW, how's your computer running now?

                  SysProt Antirootkit

                  Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).

                  http://sites.google.com/site/sysprotantirootkit/

                  Unzip it into a folder on your desktop.
                  • Double click Sysprot.exe to start the program.
                  • Click on the Log tab.
                  • In the Write to log box select the following items.
                    • Process << Selected
                    • Kernel Modules << Selected
                    • SSDT << Selected
                    • Kernel Hooks << Selected
                    • IRP Hooks << NOT Selected
                    • Ports << NOT Selected
                    • Hidden Files << Selected
                  • At the bottom of the page
                    • Hidden Objects Only << Selected
                  • Click on the Create Log button on the bottom right.
                  • After a few seconds a new window should appear.
                  • Select Scan Root Drive. Click on the Start button.
                  • When it is complete a new window will appear to indicate that the scan is finished.
                  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

                  emacjake

                    Topic Starter


                    Rookie

                    • Experience: Beginner
                    • OS: Windows Vista
                    Re: Stutter.X virus and hard drive hassels
                    « Reply #12 on: September 27, 2011, 09:11:45 PM »
                    You are the man SuperDave, thanks so much for helping!!!

                    My computer has definitely improved a lot since a few days ago, but there are still a few strange things happening!

                    E.g. I still get a message every time I open Internet Explorer:

                    A program on your computer has corrupted your default search provider setting for internet explorer.
                    Internet Explorer has reset this setting to your original search provider, Google (www.google.com).
                    Internet Explorer will now open Search Settings, where you can change this setting or install more search providers.

                    I press OK and a Manage Add-ons window opens where Google is already enabled as default, so I press Close, but it happens every time?

                    I did delete a few things; it's at about 30 GB free space now
                    I also removed PokerStars

                    What are your thoughts on uTorrent, Safe/Not Safe?

                    SysProt AntiRootkit v1.0.1.0
                    by swatkat

                    ******************************************************************************************
                    ******************************************************************************************

                    No Hidden Processes found

                    ******************************************************************************************
                    ******************************************************************************************
                    Kernel Modules:
                    Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys
                    Service Name: ---
                    Module Base: 90B20000
                    Module End: 90BDE000
                    Hidden: Yes

                    ******************************************************************************************
                    ******************************************************************************************
                    SSDT:
                    Function Name: ZwCreateSection
                    Address: 904D5E06
                    Driver Base: 0
                    Driver End: 0
                    Driver Name: _unknown_

                    Function Name: ZwSetContextThread
                    Address: 904D5E0B
                    Driver Base: 0
                    Driver End: 0
                    Driver Name: _unknown_

                    Function Name: ZwTerminateProcess
                    Address: 904D5DA7
                    Driver Base: 0
                    Driver End: 0
                    Driver Name: _unknown_

                    ******************************************************************************************
                    ******************************************************************************************
                    No Kernel Hooks found

                    ******************************************************************************************
                    ******************************************************************************************
                    Hidden files/folders:
                    Object: C:\Qoobox\BackEnv\AppData.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Cache.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Cookies.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Desktop.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Favorites.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\History.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Music.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\NetHood.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Personal.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Pictures.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Programs.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Recent.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\SendTo.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\SetPath.bat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\StartUp.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\SysPath.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\Templates.folder.dat
                    Status: Access denied

                    Object: C:\Qoobox\BackEnv\VikPev00
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl
                    Status: Access denied

                    Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl
                    Status: Access denied


                    emacjake

                      Re: Stutter.X virus and hard drive hassels
                      « Reply #13 on: September 27, 2011, 09:18:48 PM »
                      Sorry to ask so many questions, this is all pretty new to me; it's the first time I've had to deal with computer problems!

                      Can you tell if these problems I've been having are from my doing, i.e. downloading things or using the web,

                      or from the guy that borrowed my old external hard drive that doesn't seem to work, as the problems started when he returned it and I plugged it in?

                      SuperDave

                      • Malware Removal Specialist
                      • Moderator


                      • Genius
                      • Thanked: 1020
                      • Certifications: List
                      • Experience: Expert
                      • OS: Windows 10
                      Re: Stutter.X virus and hard drive hassels
                      « Reply #14 on: September 28, 2011, 01:28:59 PM »
                      Quote
                      What are your thoughts on uTorrent, Safe/Not Safe?
                      All P2P programs are, by themselves, safe, but the crap you download is the problem.

                      Quote
                      Can you tell if these problems I've been having are from my doing, i.e. downloading things or using the web,

                      or from the guy that borrowed my old external hard drive that doesn't seem to work, as the problems started when he returned it and I plugged it in?
                      There are many ways to get infected. It's almost impossible to pinpoint exactly how your computer became infected but, in this case, it was most likely an infection on the hard drive. You should tell your friend that his computer is probably infected.

                      I'd like to scan your machine with ESET OnlineScan

                      • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
                        ESET OnlineScan
                      • Click the button.
                      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
                          • Click on to download the ESET Smart Installer. Save it to your desktop.
                          • Double click on the icon on your desktop.
                      • Check
                      • Click the button.
                      • Accept any security warnings from your browser.
                      • Check
                      • Push the Start button.
                      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
                      • When the scan completes, push
                      • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
                      • Push the button.
                      • Push
                      A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt