When running Combofix as administrator, I got a BSOD. I tried two more times with the same result. I booted into safe mode and ran it as administrator, and it completed; however, it threw a BSOD again once the log was generated at the end. Logs for HJT and Combofix are posted below.
As for the trusted zone, I only use it for my NAS drive, and that is the only time I use IE at all. However, I went ahead and disabled it for the time being until this is cleared up.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:24:33 AM, on 2/13/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\The Raddish\Documents\AHK\setup\Zoë.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
C:\Users\The Raddish\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://raddishes.mvix.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: dpclat.exe
O4 - Startup: Zoë.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://raddishes.mvix.net
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8381 bytes
ComboFix 11-02-13.01 - The Raddish 02/13/2011 22:54:12.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4091.3214 [GMT -6:00]
Running from: c:\users\The Raddish\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\The Raddish\AppData\Roaming\inst.exe
c:\users\The Raddish\Desktop\Battlestar Galactica - Miniseries - Pilot
c:\users\The Raddish\EULA.txt
.
((((((((((((((((((((((((( Files Created from 2011-01-14 to 2011-02-14 )))))))))))))))))))))))))))))))
.
2011-02-14 05:00 . 2011-02-14 05:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-14 04:35 . 2011-02-14 04:36 -------- d-----w- c:\users\The Raddish\AppData\Roaming\PCToolsFirewallPlus
2011-02-14 04:33 . 2010-03-29 17:06 233488 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2011-02-14 04:33 . 2010-11-17 16:20 331368 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2011-02-14 04:33 . 2010-11-17 16:20 136168 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2011-02-14 04:32 . 2011-02-14 04:33 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2011-02-14 04:32 . 2010-11-24 15:18 119688 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
2011-02-14 04:32 . 2010-07-08 15:49 79000 ----a-w- c:\windows\system32\drivers\pctNdis64.sys
2011-02-14 04:32 . 2010-02-05 15:26 42968 ----a-w- c:\windows\system32\drivers\pctNdis-DNS64.sys
2011-02-14 04:31 . 2010-11-25 16:42 179464 ----a-w- c:\windows\system32\drivers\pctplfw64.sys
2011-02-14 04:31 . 2011-02-14 04:36 -------- d-----w- c:\program files (x86)\PC Tools Firewall Plus
2011-02-13 13:09 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FF1E68B-93F8-4AC2-9591-72DCF361AB51}\mpengine.dll
2011-02-13 02:44 . 2011-02-13 02:44 -------- d-----w- c:\users\The Raddish\AppData\Roaming\SUPERAntiSpyware.com
2011-02-13 02:44 . 2011-02-13 02:44 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-13 02:44 . 2011-02-13 02:44 -------- d-----w- c:\programdata\!SASCORE
2011-02-13 02:44 . 2011-02-13 02:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-12 23:50 . 2011-02-12 23:50 -------- d-----w- c:\program files\CCleaner
2011-02-12 15:21 . 2011-02-12 15:21 -------- d-----w- c:\users\The Raddish\AppData\Roaming\Malwarebytes
2011-02-12 15:20 . 2010-12-21 00:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-12 15:20 . 2011-02-12 15:20 -------- d-----w- c:\programdata\Malwarebytes
2011-02-12 15:20 . 2010-12-21 00:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-12 15:20 . 2011-02-12 15:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-12 14:54 . 2011-02-12 14:54 -------- d-----w- c:\program files (x86)\Trend Micro
2011-02-10 02:44 . 2011-02-10 02:44 -------- d-----w- c:\users\The Raddish\AppData\Local\ElevatedDiagnostics
2011-02-10 00:20 . 2010-12-21 06:16 214016 ----a-w- c:\windows\system32\winsrv.dll
2011-02-10 00:17 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-02-10 00:17 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-02-10 00:17 . 2011-01-05 06:20 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-02-10 00:17 . 2011-01-05 05:37 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-02-10 00:17 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-10 00:17 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-02-10 00:17 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-02-10 00:17 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-02-10 00:17 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-02-10 00:08 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-02-10 00:08 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-10 00:08 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-10 00:08 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-06 14:40 . 2011-02-06 14:40 -------- d-----w- C:\ubuntu
2011-02-06 05:09 . 2011-02-13 22:22 -------- d-----w- c:\users\The Raddish\AppData\Roaming\vlc
2011-02-05 02:23 . 2011-02-05 02:23 -------- d-----w- c:\program files (x86)\Lavalys
2011-02-05 01:24 . 2011-02-05 01:25 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-02-05 01:18 . 2011-02-05 01:18 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-05 01:15 . 2011-02-05 01:21 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-05 01:14 . 2011-02-05 01:14 -------- d-----w- C:\NVIDIA
2011-02-05 01:03 . 2011-02-05 01:03 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-02-05 01:03 . 2011-02-05 01:04 -------- d-----w- c:\users\The Raddish\AppData\Roaming\SystemRequirementsLab
2011-01-26 04:10 . 2011-01-26 04:10 -------- d-----w- C:\ASUS
2011-01-26 03:11 . 2011-02-06 19:21 -------- d-----w- c:\program files (x86)\TightVNC
2011-01-26 03:01 . 2011-01-26 03:01 -------- d-----w- c:\users\The Raddish\AppData\Local\Downloaded Installations
2011-01-26 00:23 . 2011-01-26 00:23 -------- d-----w- c:\program files (x86)\Coupons
2011-01-25 23:45 . 2006-08-21 12:06 27648 ----a-w- c:\windows\system32\Spool\prtprocs\x64\SSGB6pc.dll
2011-01-25 23:40 . 2006-11-20 14:22 151552 ----a-w- c:\windows\system32\SSGB6ci.exe
2011-01-25 23:40 . 2006-11-21 17:40 89600 ----a-w- c:\windows\system32\SSGB6ci.dll
2011-01-25 23:40 . 2009-03-02 20:12 11576 ------w- c:\windows\system32\drivers\SSPORT.SYS
2011-01-25 23:40 . 2009-03-02 20:12 53816 ------w- c:\windows\system32\drivers\DGIVECP.SYS
2011-01-25 23:40 . 2011-01-25 23:40 -------- d-----w- c:\program files (x86)\SAMSUNG
2011-01-25 23:39 . 2011-01-25 23:39 -------- d-----w- C:\Temp
2011-01-24 03:20 . 2011-01-24 03:20 -------- d-----w- C:\BIOS
2011-01-24 01:58 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-24 01:58 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-24 01:58 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-24 01:58 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-24 01:58 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-24 01:58 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-24 01:58 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-24 01:58 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-24 01:58 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-24 01:58 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-24 00:55 . 2011-01-24 00:55 301688 ----a-w- c:\users\The Raddish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dpclat.exe
2011-01-20 02:43 . 2011-01-20 02:43 -------- d-----w- c:\program files (x86)\PDFZilla
2011-01-17 21:53 . 2011-01-17 21:53 -------- d-----w- c:\windows\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 23:11 . 2009-11-26 01:32 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-08 03:27 . 2009-09-01 06:19 7729256 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-01-08 03:27 . 2009-09-01 06:19 2200680 ----a-w- c:\windows\system32\nvapi64.dll
2011-01-08 02:50 . 2011-01-08 02:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-08 02:50 . 2011-01-08 02:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-08 02:49 . 2011-01-08 02:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-08 02:49 . 2011-01-08 02:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-08 02:49 . 2011-01-08 02:49 307304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2011-01-08 02:49 . 2011-01-08 02:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-08 02:49 . 2011-01-08 02:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-27 1242448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"OnekeyDM"="c:\program files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe" [2009-03-27 468480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]
"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
c:\users\The Raddish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
dpclat.exe [2011-1-23 301688]
Zoë.exe.lnk - c:\users\The Raddish\Documents\AHK\setup\Zoë.exe [2010-3-28 186601]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06 136176]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [2009-11-10 24576]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-05-14 5435904]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-03 144656]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-24 1255736]
R3 WinPhlash;WinPhlash;c:\bios\BIOS\PHLASHNT.SYS [2008-05-07 47160]
S1 aswSP;aswSP;
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2010-11-17 331368]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 aswFsBlk;aswFsBlk;
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 61008]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-08 378984]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 26128]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-20 14848]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-25 6656]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-16 6952960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-08-22 84512]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2010-11-24 119688]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2010-11-25 179464]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-08-22 197120]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
Contents of the 'Scheduled Tasks' folder
2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06 18:48]
2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06 18:48]
2011-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259647352-4281637696-3222292564-1001Core.job
- c:\users\The Raddish\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 02:09]
2011-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259647352-4281637696-3222292564-1001UA.job
- c:\users\The Raddish\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 02:09]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-06-16 4333384]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-06-18 5828936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-17 9643040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://raddishes.mvix.net/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: mvix.net\raddishes
FF - ProfilePath - c:\users\The Raddish\AppData\Roaming\Mozilla\Firefox\Profiles\ttoflpmu.default\
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"=...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\PC Tools Firewall Plus\FWService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Completion time: 2011-02-13 23:35:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-14 05:35
Pre-Run: 91,547,361,280 bytes free
Post-Run: 91,495,088,128 bytes free
- - End Of File - - 5B79F7EDBD5FB57639CE9A2F1EB51823