OTL logfile created on: 12/4/2010 12:20:21 PM - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Randy\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.50 Gb Total Space | 50.81 Gb Free Space | 68.20% Space Free | Partition Type: NTFS Drive D: | 136.71 Gb Total Space | 136.64 Gb Free Space | 99.95% Space Free | Partition Type: NTFS Drive E: | 12.32 Gb Total Space | 12.32 Gb Free Space | 100.00% Space Free | Partition Type: FAT32 Computer Name: 9200Q6600 | User Name: Randy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/12/04 12:19:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Randy\My Documents\Downloads\OTL.com PRC - [2010/12/04 10:33:06 | 000,505,856 | -HS- | M] (Borland Software Corporation) -- C:\WINDOWS\MFC71KORwow.exe PRC - [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\system32\msgina32.exe PRC - [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\system32\mscories32.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/08/24 19:31:19 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010/08/24 19:31:10 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2010/05/07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe PRC - [2010/05/07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2010/05/07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2010/02/25 19:37:54 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe PRC - [2009/11/14 11:38:29 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/02/16 02:44:55 | 001,358,384 | R--- | M] (Linksys, LLC) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
-- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/02/01 15:07:56 | 000,285,696 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\forteManager\dthtml.exe PRC - [2007/02/01 15:06:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe PRC - [2007/02/01 15:06:00 | 000,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe PRC - [2006/11/05 10:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe PRC - [2006/11/05 09:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe PRC - [2006/10/03 10:37:04 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2006/08/17 08:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe PRC - [2006/03/20 15:00:04 | 000,282,624 | ---- | M] (SigmaTel, Inc.) 
-- C:\WINDOWS\stsystra.exe PRC - [2005/09/21 15:05:32 | 000,270,336 | ---- | M] () -- C:\Program Files\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe PRC - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () -- C:\Program Files\GEEK SQUAD POWER MANAGEMENT\ppped.exe PRC - [2005/04/06 14:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAFA.EXE PRC - [2004/08/19 22:08:00 | 000,348,160 | ---- | M] () -- C:\GeekSquad\upssrv.exe PRC - [2004/08/19 03:00:00 | 000,192,512 | ---- | M] () -- C:\GeekSquad\upsio.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/12/04 12:19:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Randy\My Documents\Downloads\OTL.com MOD - [2010/02/25 19:37:43 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\asOEHook.dll MOD - [2009/11/14 11:38:58 | 000,102,400 | ---- | M] (RealPlayer) -- C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll MOD - [2008/04/15 10:47:33 | 001,724,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll MOD - [2008/04/14 04:41:54 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) [Auto | Running] -- C:\WINDOWS\system32\msgina32.exe -- (Netman32) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2010/02/25 19:37:54 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe -- (N360) SRV - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2007/02/01 15:06:08 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC) SRV - [2005/09/20 17:49:36 | 000,487,424 | ---- | M] () [Auto | Running] -- C:\Program Files\GEEK SQUAD POWER MANAGEMENT\ppped.exe -- (ppped) SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004/08/19 22:08:00 | 000,348,160 | ---- | M] () [Auto | Running] -- C:\GeekSquad\upssrv.exe -- (CyberPowerUPS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010/10/19 13:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101130.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2010/09/28 01:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101204.002\NAVEX15.SYS -- (NAVEX15) DRV - [2010/09/28 01:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All 
Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101204.002\NAVENG.SYS -- (NAVENG) DRV - [2010/05/26 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010/05/26 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/05/14 15:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2010/05/14 15:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC) DRV - [2010/05/14 15:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2010/02/25 19:38:00 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010/02/25 19:37:56 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA) DRV - [2010/02/25 19:37:56 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP) DRV - [2010/02/25 19:37:56 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI) DRV - [2010/02/25 19:37:56 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- 
C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW) DRV - [2010/02/25 19:37:56 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/02/25 19:37:56 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP) DRV - [2010/02/25 19:37:56 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM) DRV - [2010/02/25 19:37:56 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS) DRV - [2010/02/25 19:37:56 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS) DRV - [2010/02/25 19:37:55 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP) DRV - [2010/02/25 19:37:55 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86) DRV - [2008/12/12 17:05:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis) DRV - [2008/12/12 17:05:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp) DRV - [2008/12/04 06:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3) DRV - [2008/08/08 14:52:48 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice) DRV - [2008/08/08 14:52:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice) DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007/08/30 10:07:22 | 000,242,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R) DRV - [2007/05/14 14:33:00 | 006,738,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006/11/16 17:31:40 | 000,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci) DRV - [2006/11/16 17:20:48 | 000,015,920 | ---- | M] (Portrait Displays, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PdiPorts.sys -- (PdiPorts) DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2006/03/20 15:06:04 | 001,156,648 | ---- | M] (SigmaTel, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2003/12/03 17:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = F7 C1 FA 01 C0 C5 40 40 A1 E6 91 77 7F 5D 0C 67 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search" FF - prefs.js..browser.search.order.1: "BearShare Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 FF - prefs.js..extensions.enabledItems: 
esnipesnipeit@esnipe.com:1.1.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {4923d434-cd56-42f4-912b-89adfd19e91d}:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..keyword.URL: "http://search.bearshare.com/web?src=ffb&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/21 09:27:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/02 19:01:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/03 09:11:19 | 000,000,000 | ---D | M] [2009/09/15 20:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Mozilla\Extensions [2010/12/03 09:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\extensions [2010/05/05 06:05:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/03 08:47:50 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\extensions\{4923d434-cd56-42f4-912b-89adfd19e91d} [2010/05/05 06:05:17 | 000,000,000 | ---D | M] (Yahoo! 
Toolbar) -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/08/30 09:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\extensions\esnipesnipeit@esnipe.com [2010/03/28 10:04:34 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Mozilla\Firefox\Profiles\rj5p8oa5.default\searchplugins\BearShareWebSearch.xml [2010/12/04 10:32:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/12/03 11:11:09 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010/08/28 06:22:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/03/28 10:04:34 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml O1 HOSTS File: ([2010/12/04 11:16:41 | 000,426,615 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (no name) - {01FAC1F7-C5C0-4040-A1E6-91777F5D0C67} - C:\WINDOWS\system32\atl32.dll (Borland Software Corporation) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (20ee3696) - {D5622415-9FA7-7C98-1765-4B95749237BD} - C:\WINDOWS\system32\mqtrig32.dll (Borland Software Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Auto Auto EPSON Stylus CX7800 Series on 9200Q6600 on CHERYL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Auto EPSON Stylus CX7800 Series on COMPUTERAUTUMN] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Auto EPSON Stylus CX7800 Series on DOCSLAPTOP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [DT LGE] C:\Program Files\Portrait Displays\forteManager\DTHtml.exe (Portrait Displays, Inc) O4 - HKLM..\Run: [EPSON Stylus CX7800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) 
O4 - HKLM..\Run: [MFC71KORwow.exe] C:\WINDOWS\MFC71KORwow.exe (Borland Software Corporation) O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UIUCU] C:\DOCUME~1\Randy\LOCALS~1\Temp\UIUCU.EXE File not found O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKCU..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files\GEEK SQUAD POWER MANAGEMENT\pppeuser.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\Randy\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: RTHDBPL = C:\Documents and Settings\Randy\Application Data\SysWin\lsass.exe File not found O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150 O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\mqtrig32.dll) - C:\WINDOWS\system32\mqtrig32.dll (Borland Software Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/09/15 17:43:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{d44ca7f2-f573-11de-ab29-0019d19a3f02}\Shell - "" = AutoRun O33 - MountPoints2\{d44ca7f2-f573-11de-ab29-0019d19a3f02}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d44ca7f2-f573-11de-ab29-0019d19a3f02}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{d44ca7f3-f573-11de-ab29-0019d19a3f02}\Shell\AutoRun\command - "" = I:\setupSNK.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/12/04 10:33:11 | 000,505,856 | -HS- | C] (Borland Software Corporation) -- C:\WINDOWS\MFC71KORwow.exe [2010/12/03 11:11:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Randy\Application Data\skypePM [2010/12/03 11:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010/12/03 11:10:48 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010/12/03 11:10:48 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\Randy\Application Data\Skype [2010/12/03 11:10:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/12/03 09:17:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR [2010/12/03 09:17:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1655636388 [2010/12/03 09:17:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\C9D97110E7C46081A9F789B18CBC1FDB [2010/12/03 09:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010/12/03 08:47:52 | 001,377,280 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\mscories32.exe [2010/12/03 08:47:52 | 000,262,144 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.dll [2010/12/03 08:47:50 | 001,377,280 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\msgina32.exe [2010/12/03 08:47:50 | 000,186,368 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.exe [2010/12/03 08:47:49 | 000,412,672 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\atl32.dll [2010/12/03 08:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Randy\Application Data\Cabos [2010/12/03 08:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Cabos [2010/12/02 19:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/12/02 19:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/12/02 19:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010/12/02 19:08:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010/12/02 19:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Safari [2010/12/02 19:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/12/04 12:12:47 | 000,001,185 | ---- | M] () -- C:\WINDOWS\System32\552017343 [2010/12/04 11:35:00 | 000,000,884 | ---- | M] () -- 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/12/04 11:16:41 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/12/04 10:37:04 | 000,435,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/12/04 10:37:04 | 000,068,360 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/12/04 10:33:06 | 000,505,856 | -HS- | M] (Borland Software Corporation) -- C:\WINDOWS\MFC71KORwow.exe [2010/12/04 10:32:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/12/04 10:32:58 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Randy-Startup.job [2010/12/04 10:32:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/12/04 10:32:16 | 3219,062,784 | -HS- | M] () -- C:\hiberfil.sys [2010/12/04 10:32:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2010/12/04 10:05:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/12/04 10:03:32 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Randy\itune playlist for dancing and massage.xls [2010/12/04 01:37:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2010/12/04 01:37:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/12/04 00:48:29 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/12/03 14:12:09 | 000,000,038 | ---- | M] () -- C:\WINDOWS\System32\1d61c4 [2010/12/03 11:11:47 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/12/03 11:10:49 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/12/03 09:51:59 | 000,004,786 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Cabos.plist [2010/12/03 09:17:40 | 000,203,776 | -HS- | M] () -- C:\WINDOWS\System32\unrar.exe [2010/12/03 09:11:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All 
Users\Desktop\Adobe Reader 9.lnk [2010/12/03 08:59:40 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/12/03 08:47:52 | 000,262,144 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.dll [2010/12/03 08:47:52 | 000,000,090 | ---- | M] () -- C:\WINDOWS\System32\708014516 [2010/12/03 08:47:50 | 000,186,368 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.exe [2010/12/03 08:47:49 | 000,412,672 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\atl32.dll [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\msgina32.exe [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mscories32.exe [2010/12/03 08:35:08 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cabos.lnk [2010/12/02 19:12:16 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/12/02 19:04:25 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk [2010/12/02 19:04:25 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/11/20 23:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/11/18 11:51:39 | 000,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB [2010/11/10 15:25:01 | 000,251,095 | ---- | M] () -- C:\Documents and Settings\Randy\My Documents\Left main beam Drop.jpg [2010/11/10 11:13:27 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Randy\My Documents\Left main beam drop buck 101010.kmz [3 C:\WINDOWS\System32\*.tmp files -> 
C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/12/03 11:11:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/12/03 11:10:49 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/12/03 09:26:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\System32\1d61c4 [2010/12/03 09:18:18 | 000,001,185 | ---- | C] () -- C:\WINDOWS\System32\552017343 [2010/12/03 09:17:40 | 000,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe [2010/12/03 09:10:48 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/12/03 09:00:45 | 000,004,786 | ---- | C] () -- C:\Documents and Settings\Randy\Application Data\Cabos.plist [2010/12/03 08:47:50 | 000,000,090 | ---- | C] () -- C:\WINDOWS\System32\708014516 [2010/12/03 08:35:08 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Cabos.lnk [2010/12/02 20:40:46 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Randy\itune playlist for dancing and massage.xls [2010/12/02 19:12:16 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/12/02 19:04:25 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk [2010/12/02 19:04:25 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\Randy\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2010/12/02 19:01:35 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/11/10 15:25:01 | 000,251,095 | ---- | C] () -- C:\Documents and Settings\Randy\My Documents\Left main beam Drop.jpg [2010/11/10 11:13:27 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Randy\My Documents\Left main beam drop buck 101010.kmz [2010/09/14 19:59:23 | 000,000,034 | ---- | C] () -- C:\WINDOWS\render.ini [2010/06/18 05:08:34 | 000,000,154 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS 
[2010/06/18 05:08:34 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Progs_.ini [2010/05/14 14:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2010/05/14 14:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2010/05/14 14:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2010/04/26 19:33:22 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Randy\Application Data\Smiley.ico [2010/04/03 07:02:45 | 000,721,172 | ---- | C] () -- C:\WINDOWS\System32\VB40032.DLL [2010/04/03 07:02:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI [2010/03/23 09:14:07 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Randy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/22 14:03:31 | 000,001,112 | ---- | C] () -- C:\Documents and Settings\Randy\Application Data\ViewerApp.dat [2009/12/22 13:42:28 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll [2009/11/14 11:40:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/11/13 14:55:06 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/11/13 14:53:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\EPCX7800.ini [2009/09/16 11:36:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/09/16 09:55:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\Stac97co.dll [2009/09/15 19:57:27 | 000,360,984 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/09/15 19:03:50 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL [2009/09/15 19:03:50 | 000,000,258 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/09/15 11:06:11 | 000,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007/01/05 12:07:11 | 000,076,288 | ---- | C] () 
-- C:\WINDOWS\System32\1psiG60XV55.dll [2006/11/29 12:08:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2006/09/20 22:02:32 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll [2006/09/20 22:02:32 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005/08/24 21:19:25 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\1psi60XV55.dll [2004/01/18 18:11:47 | 000,076,800 | R--- | C] () -- C:\WINDOWS\System32\1psi60X.dll [2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [color=#E56717]========== LOP Check ==========[/color] [2010/04/26 19:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\352EE [2010/04/23 15:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinMaximizer [2010/07/02 07:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XM Satellite Radio [2010/04/04 12:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/03/19 12:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/12/03 09:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Cabos [2009/11/13 14:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\DisplayTune [2010/08/17 14:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\gtk-2.0 [2010/08/16 08:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Leadertech [2010/07/02 07:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\XM Satellite Radio [2010/12/04 10:32:58 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\WinMaximizer-Randy-Startup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== 
Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\XM Firmware Release Notes:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\Symantec:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\My Videos:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\My Received Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\Downloads:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Randy\My Documents\BearShare:Roxio EMC Stream < End of report > [2010/12/04 12:20:09 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\Randy\ntuser.dat.LOG [2010/12/04 12:12:47 | 000,001,185 | ---- | M] () -- C:\WINDOWS\System32\552017343 [2010/12/04 11:43:28 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Randy\Recent [2010/12/04 11:35:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/12/04 11:33:41 | 000,003,673 | -HS- | M] () -- C:\WINDOWS\System32\02000000a54567bb1079P.manifest [2010/12/04 11:16:41 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/12/04 10:37:04 | 000,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/12/04 10:37:04 | 000,435,590 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/12/04 10:37:04 | 000,068,360 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/12/04 10:35:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Randy\Cookies [2010/12/04 10:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Skype [2010/12/04 10:34:04 | 000,000,192 | -HS- | M] () -- C:\WINDOWS\System32\02000000a54567bb1079O.manifest [2010/12/04 10:34:04 | 000,000,051 | -HS- | M] () -- C:\WINDOWS\System32\02000000a54567bb1079C.manifest [2010/12/04 10:34:04 | 
000,000,011 | -HS- | M] () -- C:\WINDOWS\System32\02000000a54567bb1079S.manifest [2010/12/04 10:33:06 | 000,505,856 | -HS- | M] (Borland Software Corporation) -- C:\WINDOWS\MFC71KORwow.exe [2010/12/04 10:32:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/12/04 10:32:58 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\WinMaximizer-Randy-Startup.job [2010/12/04 10:32:44 | 000,000,000 | ---D | M] -- C:\Program Files\GEEK SQUAD POWER MANAGEMENT [2010/12/04 10:32:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/12/04 10:32:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/12/04 10:32:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2010/12/04 10:31:44 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\Randy\NTUSER.DAT [2010/12/04 10:31:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Randy\Application Data [2010/12/04 10:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\skypePM [2010/12/04 10:05:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/12/04 10:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/04 10:03:32 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Randy\itune playlist for dancing and massage.xls [2010/12/04 01:37:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2010/12/04 01:37:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/12/04 00:48:29 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/12/03 14:12:09 | 000,000,038 | ---- | M] () -- C:\WINDOWS\System32\1d61c4 [2010/12/03 11:11:47 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/12/03 11:11:09 | 000,000,000 | R--D | M] -- C:\Program Files\Skype [2010/12/03 11:10:57 | 000,000,000 | RH-D | M] -- 
C:\Documents and Settings\Randy\SendTo [2010/12/03 11:10:49 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010/12/03 11:10:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Skype [2010/12/03 11:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Desktop [2010/12/03 11:10:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2010/12/03 11:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/12/03 11:10:43 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2010/12/03 09:51:59 | 000,004,786 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Cabos.plist [2010/12/03 09:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Cabos [2010/12/03 09:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\WinRAR [2010/12/03 09:17:40 | 000,203,776 | -HS- | M] () -- C:\WINDOWS\System32\unrar.exe [2010/12/03 09:11:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2010/12/03 09:10:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Adobe [2010/12/03 09:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2010/12/03 09:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Local Settings\Application Data\Adobe [2010/12/03 08:59:40 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2010/12/03 08:59:36 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2010/12/03 08:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\Apple Computer [2010/12/03 08:47:52 | 000,262,144 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.dll [2010/12/03 08:47:52 | 000,000,090 | ---- | M] () -- C:\WINDOWS\System32\708014516 [2010/12/03 08:47:50 | 
000,186,368 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mqtrig32.exe [2010/12/03 08:47:49 | 000,412,672 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\atl32.dll [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\msgina32.exe [2010/12/03 08:47:44 | 001,377,280 | ---- | M] (Borland Software Corporation) -- C:\WINDOWS\System32\mscories32.exe [2010/12/03 08:36:47 | 000,000,000 | ---D | M] -- C:\Program Files\Cabos [2010/12/03 08:35:08 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cabos.lnk [2010/12/03 08:25:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Randy\Application Data\Microsoft [2010/12/02 19:12:16 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010/12/02 19:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2010/12/02 19:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2010/12/02 19:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Apple [2010/12/02 19:08:07 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2010/12/02 19:04:25 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk [2010/12/02 19:04:25 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2010/12/02 19:04:25 | 000,000,000 | ---D | M] -- C:\Program Files\Safari [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/11/21 08:24:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2010/11/20 23:41:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/11/18 22:31:06 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Randy\ntuser.ini [2010/11/18 
11:51:39 | 000,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB [2010/11/16 06:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Application Data\U3 [2010/11/10 15:25:01 | 000,251,095 | ---- | M] () -- C:\Documents and Settings\Randy\My Documents\Left main beam Drop.jpg [2010/11/10 15:25:01 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Randy\My Documents [2010/11/10 11:13:27 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Randy\My Documents\Left main beam drop buck 101010.kmz [2010/11/05 04:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Randy\Local Settings\Application Data\Temp [2010/11/04 20:51:46 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD R14 [2010/09/14 21:16:14 | 000,360,984 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/07/19 07:34:47 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Randy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/27 11:03:12 | 000,067,112 | ---- | M] () -- C:\Documents and Settings\Randy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/02/26 14:11:22 | 000,001,112 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\ViewerApp.dat [2010/02/25 09:23:50 | 005,332,954 | -H-- | M] () -- C:\Documents and Settings\Randy\Local Settings\Application Data\IconCache.db [2009/11/04 04:49:48 | 000,076,407 | ---- | M] () -- C:\Documents and Settings\Randy\Application Data\Smiley.ico [2009/09/15 11:05:52 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Randy\Application Data\desktop.ini [2009/09/15 11:05:52 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] < End of report >