TR/Crypt.CFI.Gen - possibly removed, but not sure?

First topic message reminder :

First of all, thanks so much for this forum! I came across it after spending 12+ hours trying to remove this virus, so I appreciate all the help I can get!

I ran Avira AntiVir and it discovered the TR/Crypt.CFI.Gen virus in my Windows Temp files. It quarantined and deleted 3000+ files, and I did another full system scan just to be sure everything was gone. The 2nd scan showed no infected files. I ran Malwarebytes in addition to this, and both of these were run while the computer was in safe mode.

I took the computer out of safe mode and everything seems okay, but I hear that this one is hard to get rid of, so I wanted to make sure there is nothing I have missed. Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:19:25 PM, on 8/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
c:\program files\avira\antivir desktop\avcenter.exe
c:\program files\avira\antivir desktop\avscan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lisa and Spencer\My Documents\Downloads\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: rebound Toolbar - {a740c0da-d880-40c5-bade-401f208cd221} - C:\Program Files\rebound\tbrebo.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: rebound Toolbar - {a740c0da-d880-40c5-bade-401f208cd221} - C:\Program Files\rebound\tbrebo.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O3 - Toolbar: rebound Toolbar - {a740c0da-d880-40c5-bade-401f208cd221} - C:\Program Files\rebound\tbrebo.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [First Principle Group] C:\Program Files\First Principle Group\fpg.exe /s
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

Rest of log in next post...

O8 - Extra context menu item: Save Flash - [You must be registered and logged in to see this link.]\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Save YouTube Video - [You must be registered and logged in to see this link.]\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {050A3800-6C03-48A5-A6D7-14CCF18A700D} - [You must be registered and logged in to see this link.]
O16 - DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} (PeoplePC Web Installer) - [You must be registered and logged in to see this link.]
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - [You must be registered and logged in to see this link.]
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} (RRAAINAX_02.RRAAINAX) - [You must be registered and logged in to see this link.]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - [You must be registered and logged in to see this link.]
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} (XTSAC Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - [You must be registered and logged in to see this link.]
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - [You must be registered and logged in to see this link.]
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - [You must be registered and logged in to see this link.]
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - [You must be registered and logged in to see this link.]
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - [You must be registered and logged in to see this link.]
O16 - DPF: {EE884C7D-21A0-49EA-B6F2-61ACF4E226F6} (Microsoft Office Live Workspace Upload Tool) - [You must be registered and logged in to see this link.]
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - [You must be registered and logged in to see this link.]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LeapFrog Connect Device Service - Unknown owner - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 18699 bytes

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  O8 - Extra context menu item: &Search - ?p=ZKxdm011YYUS
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?

I did the above and it's still not back to normal. Sometimes the mouse "catches", like it freezes and then starts moving again. When I try to play video, the sound and picture freezes or stalls, then resumes playing. I've run Antivir again and it shows no viruses. Is there something else that could be causing this?

Please download [You must be registered and logged in to see this link.]

• Next run the file; *Note: If running vista right click and select run as administrator
  
• Once opened, navigate to the log tab and select all the areas including the hidden objects only box and click on the create log button
  
• A scan will start and then a window will pop up with two options, select scan all drives
  
• Once finished it will give you a location where it was saved, navigate to that place usually the desktop, and open the log, post all the contents of the log back here.
  

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

Process:
Name: [System Idle Process]
PID: 0
Hidden: No
Window Visible: No

Name: System
PID: 4
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\smss.exe
PID: 812
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\csrss.exe
PID: 860
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\winlogon.exe
PID: 888
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\services.exe
PID: 932
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\lsass.exe
PID: 944
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1136
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1212
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1252
Hidden: No
Window Visible: No

Name: C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PID: 1312
Hidden: No
Window Visible: No

Name: C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PID: 1536
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1736
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1784
Hidden: No
Window Visible: No

Name: C:\WINDOWS\explorer.exe
PID: 1792
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\spoolsv.exe
PID: 2024
Hidden: No
Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\sched.exe
PID: 204
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 256
Hidden: No
Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PID: 360
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PID: 396
Hidden: No
Window Visible: No

Name: C:\Program Files\Bonjour\mDNSResponder.exe
PID: 460
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ehome\ehrecvr.exe
PID: 512
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ehome\ehSched.exe
PID: 628
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1164
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jqs.exe
PID: 1400
Hidden: No
Window Visible: No

Name: C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PID: 1644
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PID: 1780
Hidden: No
Window Visible: No

Name: C:\Program Files\LogMeIn\x86\ramaint.exe
PID: 1960
Hidden: No
Window Visible: No

Name: C:\Program Files\LogMeIn\x86\LogMeIn.exe
PID: 440
Hidden: No
Window Visible: No

Name: C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PID: 496
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\hkcmd.exe
PID: 676
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\igfxpers.exe
PID: 748
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Motive\McciCMService.exe
PID: 764
Hidden: No
Window Visible: No

Name: C:\Program Files\Apoint\Apoint.exe
PID: 1272
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ehome\ehtray.exe
PID: 1556
Hidden: No
Window Visible: No

Name: C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PID: 2092
Hidden: No
Window Visible: No

Name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PID: 2152
Hidden: No
Window Visible: No

Name: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PID: 2176
Hidden: No
Window Visible: No

Name: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PID: 2308
Hidden: No
Window Visible: No

Name: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PID: 2364
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PID: 2388
Hidden: No
Window Visible: No

Name: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PID: 2424
Hidden: No
Window Visible: No

Name: C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PID: 2484
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 2692
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PID: 2700
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 2760
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PID: 2888
Hidden: No
Window Visible: No

Name: C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PID: 2956
Hidden: No
Window Visible: No

Name: C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PID: 3008
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PID: 3092
Hidden: No
Window Visible: No

Name: C:\Program Files\iTunes\iTunesHelper.exe
PID: 3452
Hidden: No
Window Visible: No

Name: C:\Program Files\Apoint\ApntEx.exe
PID: 3460
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ehome\ehmsas.exe
PID: 3508
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jusched.exe
PID: 3560
Hidden: No
Window Visible: No

Name: C:\Program Files\Windows Media Player\wmpnetwk.exe
PID: 3600
Hidden: No
Window Visible: No

Name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PID: 3716
Hidden: No
Window Visible: No

Name: C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PID: 3744
Hidden: No
Window Visible: No

Name: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PID: 3760
Hidden: No
Window Visible: No

Name: C:\PROGRA~1\Sony\SONICS~1\SSAAD.exe
PID: 3792
Hidden: No
Window Visible: Yes

Name: C:\WINDOWS\system32\searchindexer.exe
PID: 3828
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PID: 3836
Hidden: No
Window Visible: No

Name: C:\Program Files\Windows Media Player\wmpnscfg.exe
PID: 3884
Hidden: No
Window Visible: No

Name: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PID: 4088
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\ctfmon.exe
PID: 120
Hidden: No
Window Visible: No

Name: C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PID: 132
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ehome\mcrdsvc.exe
PID: 2572
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\igfxext.exe
PID: 2676
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\igfxsrvc.exe
PID: 1636
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PID: 560
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PID: 664
Hidden: No
Window Visible: No

Name: C:\Program Files\iPod\bin\iPodService.exe
PID: 2604
Hidden: No
Window Visible: No

Continued...

Name: C:\WINDOWS\system32\alg.exe
PID: 1712
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PID: 612
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PID: 5384
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PID: 5512
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PID: 4292
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PID: 1320
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\searchprotocolhost.exe
PID: 1032
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\searchfilterhost.exe
PID: 6116
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Lisa and Spencer\My Documents\Downloads\SysProt.exe
PID: 5540
Hidden: No
Window Visible: Yes

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\C:\Documents and Settings\Lisa and Spencer\My Documents\Downloads\SysProtDrv.sys
Service Name: SysProtDrv.sys
Module Base: A93E9000
Module End: A93F4000
Hidden: No

Module Name: \WINDOWS\system32\ntkrnlpa.exe
Service Name: ---
Module Base: 804D7000
Module End: 806E4000
Hidden: No

Module Name: \WINDOWS\system32\hal.dll
Service Name: ---
Module Base: 806E4000
Module End: 80704D00
Hidden: No

Module Name: \WINDOWS\system32\KDCOM.DLL
Service Name: ---
Module Base: F7A3E000
Module End: F7A40000
Hidden: No

Module Name: \WINDOWS\system32\BOOTVID.dll
Service Name: ---
Module Base: F794E000
Module End: F7951000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPI.sys
Service Name: ACPI
Module Base: F740F000
Module End: F743D000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\WMILIB.SYS
Service Name: ---
Module Base: F7A40000
Module End: F7A42000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pci.sys
Service Name: PCI
Module Base: F73FE000
Module End: F740F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\isapnp.sys
Service Name: isapnp
Module Base: F753E000
Module End: F7548000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ohci1394.sys
Service Name: ohci1394
Module Base: F754E000
Module End: F755E000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\1394BUS.SYS
Service Name: ---
Module Base: F755E000
Module End: F756C000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\compbatt.sys
Service Name: Compbatt
Module Base: F7952000
Module End: F7955000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\BATTC.SYS
Service Name: BattC
Module Base: F7956000
Module End: F795A000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pciide.sys
Service Name: PCIIde
Module Base: F7B06000
Module End: F7B07000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Service Name: ---
Module Base: F77BE000
Module End: F77C5000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pcmcia.sys
Service Name: Pcmcia
Module Base: F73E0000
Module End: F73FE000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys
Service Name: MountMgr
Module Base: F756E000
Module End: F7579000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys
Service Name: Disk
Module Base: F73C1000
Module End: F73E0000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPIEC.sys
Service Name: ACPIEC
Module Base: F795A000
Module End: F795D000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Service Name: ---
Module Base: F7B07000
Module End: F7B08000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys
Service Name: PartMgr
Module Base: F77C6000
Module End: F77CB000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys
Service Name: VolSnap
Module Base: F757E000
Module End: F758B000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\atapi.sys
Service Name: atapi
Module Base: F73A9000
Module End: F73C1000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\disk.sys
Service Name: ---
Module Base: F758E000
Module End: F7597000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Service Name: ---
Module Base: F759E000
Module End: F75AB000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys
Service Name: FltMgr
Module Base: F7389000
Module End: F73A9000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sr.sys
Service Name: sr
Module Base: F7377000
Module End: F7389000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys
Service Name: PxHelp20
Module Base: F75AE000
Module End: F75B7000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys
Service Name: KSecDD
Module Base: F7360000
Module End: F7377000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys
Service Name: Ntfs
Module Base: F72D3000
Module End: F7360000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\NDIS.sys
Service Name: NDIS
Module Base: F72A6000
Module End: F72D3000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Mup.sys
Service Name: Mup
Module Base: F728C000
Module End: F72A6000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Service Name: intelppm
Module Base: F764E000
Module End: F7657000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Service Name: CmBatt
Module Base: F7254000
Module End: F7258000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Service Name: ialm
Module Base: F68C3000
Module End: F69E0000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Service Name: ---
Module Base: F68AF000
Module End: F68C3000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Service Name: HDAudBus
Module Base: F6887000
Module End: F68AF000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\yk51x86.sys
Service Name: yukonwxp
Module Base: F684B000
Module End: F6887000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
Service Name: NETw3x32
Module Base: F66AA000
Module End: F684B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Service Name: usbuhci
Module Base: F78CE000
Module End: F78D4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Service Name: ---
Module Base: F6686000
Module End: F66AA000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Service Name: usbehci
Module Base: F78D6000
Module End: F78DE000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Service Name: NIC1394
Module Base: F765E000
Module End: F766E000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ti21sony.sys
Service Name: ti21sony
Module Base: F6649000
Module End: F6686000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\SonyNC.sys
Service Name: SNC
Module Base: F78E6000
Module End: F78EC000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Service Name: i8042prt
Module Base: F766E000
Module End: F767B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Service Name: Kbdclass
Module Base: F78EE000
Module End: F78F4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Service Name: ApfiltrService
Module Base: F662F000
Module End: F6649000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Service Name: Mouclass
Module Base: F78F6000
Module End: F78FC000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Service Name: Cdrom
Module Base: F768E000
Module End: F769E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys
Service Name: redbook
Module Base: F769E000
Module End: F76AD000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys
Service Name: ---
Module Base: F660C000
Module End: F662F000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Service Name: GEARAspiWDM
Module Base: F76AE000
Module End: F76B8000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\tosrfcom.sys
Service Name: Tosrfcom
Module Base: F76BE000
Module End: F76CE000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\dfmirage.sys
Service Name: dfmirage
Module Base: F76CE000
Module End: F76DA000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\lmimirr.sys
Service Name: lmimirr
Module Base: F7BA8000
Module End: F7BA9000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys
Service Name: audstub
Module Base: F7BA9000
Module End: F7BAA000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Service Name: Rasl2tp
Module Base: F76DE000
Module End: F76EB000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Service Name: NdisTapi
Module Base: F7244000
Module End: F7247000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Service Name: NdisWan
Module Base: F65F5000
Module End: F660C000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Service Name: RasPppoe
Module Base: F76EE000
Module End: F76F9000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Service Name: PptpMiniport
Module Base: F76FE000
Module End: F770A000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Service Name: ---
Module Base: F7906000
Module End: F790B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys
Service Name: PSched
Module Base: F65E4000
Module End: F65F5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Service Name: Gpc
Module Base: F770E000
Module End: F7717000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Service Name: Ptilink
Module Base: F790E000
Module End: F7913000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys
Service Name: Raspti
Module Base: F7916000
Module End: F791B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Service Name: rdpdr
Module Base: F65B4000
Module End: F65E4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys
Service Name: TermDD
Module Base: F771E000
Module End: F7728000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys
Service Name: swenum
Module Base: F7A80000
Module End: F7A82000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\update.sys
Service Name: Update
Module Base: F6556000
Module End: F65B4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Service Name: mssmbios
Module Base: F6AE7000
Module End: F6AEB000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tosporte.sys
Service Name: tosporte
Module Base: F772E000
Module End: F773A000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Service Name: NDProxy
Module Base: F773E000
Module End: F7748000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Service Name: IntcAzAudAddService
Module Base: AAB28000
Module End: AAF69000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\portcls.sys
Service Name: ---
Module Base: AAB04000
Module End: AAB28000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\drmk.sys
Service Name: ---
Module Base: F776E000
Module End: F777D000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
Service Name: HSFHWAZL
Module Base: AAAD1000
Module End: AAB04000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
Service Name: HSF_DPV
Module Base: AA9DF000
Module End: AAAD1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Service Name: winachsf
Module Base: AA92D000
Module End: AA9DF000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Modem.SYS
Service Name: Modem
Module Base: F7926000
Module End: F792E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Service Name: usbhub
Module Base: F777E000
Module End: F778D000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Service Name: ---
Module Base: F7A86000
Module End: F7A88000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Service Name: Fs_Rec
Module Base: F7A88000
Module End: F7A8A000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Null.SYS
Service Name: Null
Module Base: F7C40000
Module End: F7C41000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS
Service Name: Beep
Module Base: F7A8A000
Module End: F7A8C000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\vga.sys
Service Name: VgaSave
Module Base: F7946000
Module End: F794C000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Service Name: mnmdd
Module Base: F7A8C000
Module End: F7A8E000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Service Name: RDPCDD
Module Base: F7A8E000
Module End: F7A90000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS
Service Name: Msfs
Module Base: F77D6000
Module End: F77DB000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS
Service Name: Npfs
Module Base: F77F6000
Module End: F77FE000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Service Name: RasAcd
Module Base: F7A0E000
Module End: F7A11000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Service Name: IPSec
Module Base: AA8D2000
Module End: AA8E5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Service Name: Tcpip
Module Base: AA879000
Module End: AA8D2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys
Service Name: NetBT
Module Base: AA851000
Module End: AA879000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Service Name: IpNat
Module Base: AA82B000
Module End: AA851000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\afd.sys
Service Name: AFD
Module Base: AA809000
Module End: AA82B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys
Service Name: NetBIOS
Module Base: F778E000
Module End: F7797000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Service Name: Wanarp
Module Base: F779E000
Module End: F77A7000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
Service Name: ssmdrv
Module Base: F77FE000
Module End: F7804000
Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Service Name: SASKUTIL
Module Base: AA744000
Module End: AA769000
Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Service Name: SASDIFSV
Module Base: F7806000
Module End: F780C000
Hidden: No

Continued...

Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Service Name: Rdbss
Module Base: AA719000
Module End: AA744000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Service Name: Arp1394
Module Base: F77AE000
Module End: F77BD000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Service Name: MRxSmb
Module Base: AA681000
Module End: AA6F1000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS
Service Name: Fips
Module Base: F6A70000
Module End: F6A7B000
Hidden: No

Module Name: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Service Name: eeCtrl
Module Base: AA61E000
Module End: AA681000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\DMICall.sys
Service Name: DMICall
Module Base: F7C4D000
Module End: F7C4E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\avipbb.sys
Service Name: avipbb
Module Base: AA602000
Module End: AA61E000
Hidden: No

Module Name: \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
Service Name: avgio
Module Base: F7A92000
Module End: F7A94000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Service Name: usbstor
Module Base: F780E000
Module End: F7815000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Service Name: Cdfs
Module Base: F75DE000
Module End: F75EE000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: AA5EA000
Module End: AA602000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: F7ABC000
Module End: F7ABE000
Hidden: Yes

Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys
Service Name: ---
Module Base: F652E000
Module End: F6531000
Hidden: No

Module Name: C:\WINDOWS\System32\watchdog.sys
Service Name: ---
Module Base: F7876000
Module End: F787B000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys
Service Name: ---
Module Base: F7C37000
Module End: F7C38000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\avgntflt.sys
Service Name: avgntflt
Module Base: AA496000
Module End: AA4AA000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\AegisP.sys
Service Name: AegisP
Module Base: F78C6000
Module End: F78CB000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\s24trans.sys
Service Name: s24trans
Module Base: AA48E000
Module End: AA492000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Service Name: Ndisuio
Module Base: AA42A000
Module End: AA42E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Service Name: MRxDAV
Module Base: AA121000
Module End: AA14E000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Aspi32.SYS
Service Name: Aspi32
Module Base: AA162000
Module End: AA166000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys
Service Name: wdmaud
Module Base: A9FF4000
Module End: AA009000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys
Service Name: sysaudio
Module Base: AA1E6000
Module End: AA1F5000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\CdaD10BA.SYS
Service Name: CdaD10BA
Module Base: AA11D000
Module End: AA120000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys
Service Name: HTTP
Module Base: A9DAB000
Module End: A9DEC000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys
Service Name: Srv
Module Base: A9C19000
Module End: A9C6B000
Hidden: No

Module Name: \??\C:\Program Files\LogMeIn\x86\RaInfo.sys
Service Name: LMIInfo
Module Base: F7AEA000
Module End: F7AEC000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
Service Name: LMIRfsDriver
Module Base: A9CDB000
Module End: A9CE5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Service Name: mdmxsdk
Module Base: A9BF9000
Module End: A9BFD000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
Service Name: symlcbrd
Module Base: F7816000
Module End: F781C000
Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
Service Name: SASENUM
Module Base: F791E000
Module End: F7923000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\hiber_WMILIB.SYS
Service Name: ---
Module Base: F7B00000
Module End: F7B02000
Hidden: Yes

Module Name: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Service Name: Fastfat
Module Base: A8A25000
Module End: A8A49000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\kmixer.sys
Service Name: kmixer
Module Base: A89AA000
Module End: A89D5000
Hidden: No

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwCreateKey
Address: F7C5048E
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateThread
Address: F7C50484
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwDeleteKey
Address: F7C50493
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwDeleteValueKey
Address: F7C5049D
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwLoadKey
Address: F7C504A2
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwOpenProcess
Address: F7C50470
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwOpenThread
Address: F7C50475
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwReplaceKey
Address: F7C504AC
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwRestoreKey
Address: F7C504A7
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetValueKey
Address: F7C50498
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwTerminateProcess
Address: AA74D0B0
Driver Base: AA744000
Driver End: AA769000
Driver Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No IRP Hooks found

******************************************************************************************
******************************************************************************************
Ports:
Local Address: LISA.GATEWAY.2WIRE.NET:2377
Remote Address: APP01-07.LOGMEIN.COM:HTTPS
Type: TCP
Process: C:\Program Files\LogMeIn\x86\LogMeIn.exe
State: ESTABLISHED

Local Address: LISA.GATEWAY.2WIRE.NET:1388
Remote Address: YW-IN-F100.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
State: CLOSE_WAIT

Local Address: LISA.GATEWAY.2WIRE.NET:1385
Remote Address: YW-IN-F99.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
State: CLOSE_WAIT

Local Address: LISA.GATEWAY.2WIRE.NET:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: LISA:27015
Remote Address: LOCALHOST:1033
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
State: ESTABLISHED

Local Address: LISA:27015
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
State: LISTENING

Local Address: LISA:5354
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: LISTENING

Local Address: LISA:5152
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: LISTENING

Local Address: LISA:2002
Remote Address: LOCALHOST:1034
Type: TCP
Process: C:\Program Files\LogMeIn\x86\LogMeIn.exe
State: ESTABLISHED

Local Address: LISA:1044
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\alg.exe
State: LISTENING

Local Address: LISA:1034
Remote Address: LOCALHOST:2002
Type: TCP
Process: C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
State: ESTABLISHED

Local Address: LISA:1033
Remote Address: LOCALHOST:27015
Type: TCP
Process: C:\Program Files\iTunes\iTunesHelper.exe
State: ESTABLISHED

Local Address: LISA:51493
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
State: LISTENING

Local Address: LISA:10243
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Windows Media Player\wmpnetwk.exe
State: LISTENING

Local Address: LISA:2869
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: LISA:2002
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\LogMeIn\x86\LogMeIn.exe
State: LISTENING

Local Address: LISA:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: LISA:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: LISA.GATEWAY.2WIRE.NET:5353
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: LISA.GATEWAY.2WIRE.NET:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: LISA.GATEWAY.2WIRE.NET:1900
Remote Address: NA
Type: UDP
Process: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
State: NA

Local Address: LISA.GATEWAY.2WIRE.NET:138
Remote Address: NA
Type: UDP
Process: System
State: NA

Local Address: LISA.GATEWAY.2WIRE.NET:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: System
State: NA

Local Address: LISA.GATEWAY.2WIRE.NET:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: LISA:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: LISA:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: LISA:64527
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: LISA:51493
Remote Address: NA
Type: UDP
Process: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
State: NA

Local Address: LISA:4500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: LISA:3776
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\ehome\mcrdsvc.exe
State: NA

Local Address: LISA:1025
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: LISA:500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: LISA:MICROSOFT-DS
Remote Address: NA
Type: UDP
Process: System
State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Lisa and Spencer\Application Data\uTorrent\Sigur_Ros_Með suð i´ eyrum við spilum endalaust_320kb.torrent
Status: Hidden

Object: C:\Documents and Settings\Lisa and Spencer\My Documents\My Music\Alice_In_Chains-Discography-(21CD)-h8me\Alice_In_Chains-Music_Bank_Boxset-(3CD)-1999-h8me\Alice_In_Chains-Music_Bank_Boxset-(Disc_1)-1999-h8me\10-alice_in_chains-sea_of_sorrow_(unreleased_de
Status: Hidden

Object: C:\Documents and Settings\Lisa and Spencer\My Documents\My Music\Alice_In_Chains-Discography-(21CD)-h8me\Alice_In_Chains-Music_Bank_Boxset-(3CD)-1999-h8me\Alice_In_Chains-Music_Bank_Boxset-(Disc_1)-1999-h8me\15-alice_in_chains-rooster_(unreleased_demo)-h8
Status: Hidden

Object: C:\Documents and Settings\Lisa and Spencer\My Documents\My Music\Sigur_Ros_Með suð i´ eyrum við spilum endalaust_320kb
Status: Hidden

Hello.
Log looks okay aside from a hidden item in your uTorrent folder.