[jnicholls08]

My computers running at 100% mem. usage all the time, its extremely slow and I have no clue what the problem is... I have included multiple logs from multiple scanners that have been suggested to use... any help would be extremely helpful. Thank you again.

Hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:10, on 1/10/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,,SKEYS /I
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBCore] "C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBCore.exe"
O4 - HKCU\..\Run: [UnibluePowerSuite] C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = C:\WINDOWS\system32\cmd.exe
O23 - Service: McAfee Application Installer Cleanup (0309881263074603) (0309881263074603mcinstcleanup) - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\030988~1.EXE (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Comcast AntiSpyware (AntiSpywareService) - Unknown owner - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - Unknown owner - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)

--
End of file - 2976 bytes

Malware Bytes:

Malwarebytes' Anti-Malware 1.32
Database version: 1617
Windows 5.1.2600 Service Pack 2

1/10/2010 11:22:45 AM
mbam-log-2010-01-10 (11-22-45).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 116385
Time elapsed: 1 hour(s), 5 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Both DDS logs:

DDS...

DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 17:00:08.18 on Sat 01/09/2010
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.382.108 [GMT -5:00]

AV: Sunbelt VIPRE *On-access scanning enabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

mStart Page =
mWindow Title = Microsoft Internet Explorer presented by Comcast
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=c:\windows\system32\Userinit.exe,,SKEYS /I
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} -
TB: Verizon Broadband Toolbar: {a057a204-bacc-4d26-8398-26fadcf27386} -
EB: {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBCore] "c:\program files\common files\nero\nero backitup 4\NBCore.exe"
uRun: [UnibluePowerSuite] c:\program files\uniblue\powersuite\PowerSuite.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {32564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv8dmo.cab
DPF: {3334504D-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/C/8/0C8EDFAB-30BC-4792-898E-2DABE27B2C4D/mp43dmo.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {5334504D-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/8/D/08D91A3B-CFF6-45DE-95DF-64415075E344/mpg4sdmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli usitms.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\iis5djvg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Comcast Search
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15179&l=dis
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\iis5djvg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service

FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 214664]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-9-3 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-9-3 74480]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2010-1-3 13360]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2010-1-3 202928]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2010-1-3 69168]
S0 rnyzrndw;rnyzrndw;c:\windows\system32\drivers\rnyzrndw.sys --> c:\windows\system32\drivers\rnyzrndw.sys [?]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
S2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files\sunbelt software\vipre\SBAMSvc.exe [2008-10-28 886056]
S3 DoradoPC;Conexant VGA Camera;c:\windows\system32\drivers\drdvid40.sys [2007-4-6 106816]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\owner\locals~1\temp\onlinescanner\anti-virus\fsgk.sys --> c:\docume~1\owner\locals~1\temp\onlinescanner\anti-virus\fsgk.sys [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-3 34248]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-9-3 7408]
S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2008-10-23 92464]
S4 Radialpoint Security Services;Verizon Internet Security Suite;"c:\program files\verizon\verizon internet security suite\rpssecurityaware.exe" --> c:\program files\verizon\verizon internet security suite\RpsSecurityAware.exe [?]

=============== Created Last 30 ================

2010-01-05 18:01:47 0 d-----w- c:\documents and settings\owner\ErrorLogs
2010-01-05 17:50:32 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2010-01-05 17:50:07 0 d-----w- c:\docume~1\alluse~1\applic~1\DriverScanner
2010-01-05 17:49:23 0 d-----w- c:\windows\SxsCaPendDel
2010-01-05 17:43:08 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{9DF77379-A83D-46CF-968D-03CBC652096D}
2010-01-05 17:39:02 0 d-----w- c:\windows\system32\XPSViewer
2010-01-05 17:37:40 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-05 17:37:39 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-05 17:37:39 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-05 17:37:39 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-05 17:37:39 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-05 17:37:39 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-05 17:37:39 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-05 17:37:37 0 d-----w- C:\e968401d9bd230328950
2010-01-05 17:31:32 0 d-----w- c:\program files\MSXML 6.0
2010-01-05 17:20:57 0 d--h--r- C:\AHCache
2010-01-03 21:18:44 69168 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2010-01-03 21:18:43 13360 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2010-01-03 20:34:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Sunbelt
2010-01-03 20:34:47 0 d-----w- c:\docume~1\owner\applic~1\Sunbelt
2010-01-03 20:32:00 202928 ----a-w- c:\windows\system32\drivers\sbtis.sys
2010-01-03 20:30:01 0 d-----w- c:\program files\Sunbelt Software
2010-01-03 18:06:16 0 d-----w- c:\program files\common files\McAfee
2010-01-03 18:05:44 0 d-----w- c:\program files\McAfee
2010-01-03 18:01:14 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2010-01-03 17:28:04 0 d-----w- c:\program files\common files\New Boundary
2010-01-03 17:28:04 0 d-----w- c:\docume~1\alluse~1\applic~1\Prism Deploy
2010-01-03 17:28:04 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com Personal Firewall
2010-01-02 03:58:37 0 ----a-w- c:\windows\Khotoho.bin
2010-01-02 03:58:35 120 ----a-w- c:\windows\Pyihurize.dat
2009-12-28 21:36:42 0 d-----w- c:\program files\Comcast
2009-12-28 21:35:28 0 d-----w- c:\program files\common files\scanner
2009-12-28 21:35:15 0 d-----w- c:\program files\CA
2009-12-28 21:34:44 0 d-----w- c:\docume~1\owner\applic~1\comcasttb
2009-12-28 21:34:42 0 d-----w- c:\program files\comcasttb
2009-12-28 21:32:38 0 d-----w- c:\program files\common files\SupportSoft
2009-12-28 21:32:38 0 d-----w- c:\program files\ComcastUI
2009-12-25 19:46:25 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-12-25 19:46:25 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-12-25 19:45:03 0 d-----w- c:\program files\iPod
2009-12-25 19:44:56 0 d-----w- c:\program files\iTunes
2009-12-24 16:34:36 0 d-----w- c:\windows\system32\VIRepair
2009-12-23 03:21:15 80 ----a-w- c:\windows\system32\asr_mpuud
2009-12-19 23:54:49 77824 ----a-w- c:\windows\system32\xvid.ax
2009-12-19 23:53:31 0 d-----w- c:\program files\Xvid
2009-12-19 23:49:52 39232 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-19 22:31:40 80 ----a-w- c:\windows\system32\asr_zxhsf
2009-12-19 16:14:13 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-19 16:13:29 0 d-----w- c:\program files\Bonjour
2009-12-19 16:10:33 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-12-19 16:10:33 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-12-14 06:21:55 77 ----a-w- c:\windows\system32\asr_melee
2009-12-13 22:44:27 0 d-----w- c:\program files\PFPortChecker

==================== Find3M ====================

2009-12-10 03:54:07 261632 ----a-w- c:\windows\PEV.exe
2009-12-07 23:24:03 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

============= FINISH: 17:00:48.17 ===============

Attach log...

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/7/2005 11:24:05 AM
System Uptime: 1/7/2010 8:13:51 AM (57 hours ago)

Motherboard: First International Computer, Inc. | | K8MC51G
Processor: AMD Sempron™ Processor 3100+ | Socket 940 | 1808/201mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 88 GiB total, 27.775 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 2.203 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_10DE&DEV_026B&SUBSYS_60061509&REV_A2\3&2411E6FE&0&82
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_10DE&DEV_026B&SUBSYS_60061509&REV_A2\3&2411E6FE&0&82
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0000
Manufacturer: Microsoft
Name: NVIDIA nForce Networking Controller -
PNP Device ID: ROOT\MS_PASSTHRUMP\0000
Service: Passthru

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\MS_PASSTHRUMP\0001
Manufacturer: Microsoft
Name: WAN Miniport (IP) -
PNP Device ID: ROOT\MS_PASSTHRUMP\0001
Service: Passthru

==== System Restore Points ===================

RP175: 12/9/2009 12:07:37 PM - System Checkpoint
RP176: 12/10/2009 2:27:22 PM - System Checkpoint
RP177: 12/11/2009 5:57:26 PM - System Checkpoint
RP178: 12/13/2009 2:40:22 PM - System Checkpoint
RP179: 12/14/2009 3:32:49 PM - System Checkpoint
RP180: 12/16/2009 3:22:09 PM - System Checkpoint
RP181: 12/17/2009 5:20:04 PM - System Checkpoint
RP182: 12/18/2009 9:20:08 PM - System Checkpoint
RP183: 12/19/2009 11:14:04 AM - Installed iTunes
RP184: 12/19/2009 7:20:47 PM - Removed QuickTime
RP185: 12/19/2009 7:22:50 PM - Installed QuickTime
RP186: 12/19/2009 9:23:12 PM - Removed Ask Toolbar.
RP187: 12/19/2009 9:24:14 PM - Removed Creative MediaSource 5
RP188: 12/19/2009 9:26:21 PM - Removed iTunes
RP189: 12/21/2009 1:20:11 AM - System Checkpoint
RP190: 12/28/2009 9:33:05 PM - System Checkpoint
RP191: 12/29/2009 11:50:42 PM - System Checkpoint
RP192: 12/31/2009 8:28:37 AM - System Checkpoint
RP193: 1/2/2010 12:46:06 AM - System Checkpoint
RP194: 1/2/2010 9:25:38 PM - Avira AntiVir Personal - 1/2/2010 21:24
RP195: 1/3/2010 12:29:56 PM - Removed Xbox Backup Creator
RP196: 1/3/2010 12:39:53 PM - Created By FixIEDef
RP197: 1/3/2010 3:29:54 PM - Installed VIPRE Antivirus + Antispyware.
RP198: 1/4/2010 5:16:25 PM - System Checkpoint
RP199: 1/5/2010 12:18:44 PM - Installed Uniblue DriverScanner v1.0
RP200: 1/5/2010 12:32:20 PM - Installed Windows XP WIC.
RP201: 1/5/2010 12:38:10 PM - Installed Windows KB954550-v5.
RP202: 1/5/2010 12:49:53 PM - Installed Uniblue DriverScanner v1.0
RP203: 1/5/2010 12:56:33 PM - Printer Driver Microsoft XPS Document Writer Installed
RP204: 1/5/2010 2:13:33 PM - OTL Restore Point
RP205: 1/6/2010 4:08:26 PM - System Checkpoint
RP206: 1/7/2010 4:18:51 PM - System Checkpoint
RP207: 1/8/2010 5:18:55 PM - System Checkpoint

==== Installed Programs ======================

"Nero SoundTrax Help
µTorrent
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Authentium AntiVirus SDK - 2
Belarc Advisor 7.2
Bonjour
CA Pest Patrol Realtime Protection
Comcast Desktop Software (v1.2.0.9)
Comcast Toolbar 3.0
Desktop Doctor
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
Digital Media Reader
DivX ;-) Audio Compressor 4.02
DolbyFiles
DVDSmith Movie Backup 1.0.5
ERUNT 1.1j
eSupportQFolder
Google Toolbar for Internet Explorer
GPL MPEG-1/2 DirectShow Decoder Filter
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB928788)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB954550-v5)
ImagXpress
iTunes
Java™ 6 Update 7
K-Lite Codec Pack 4.1.7 (Full)
LightScribe System Software 1.14.17.1
Magic ISO Maker v5.5 (build 0272)
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Menu Templates - Starter Kit
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Baseline Security Analyzer 2.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 2000
Microsoft XML Parser
Movie Templates - Starter Kit
Mozilla Firefox (3.5.7)
MSXML 6.0 Parser (KB933579)
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Panda ActiveScan 2.0
PerfectDisk
PFPortChecker 1.0.32
PoiZone
PPSDKRedistributables
QuickTime
Recovery Software Suite eMachines
RPS Ad Blocker
RPS AntiFraud
RPS AntiSpyware
RPS AntiVirus
RPS App Detector
RPS AsRealtime
RPS Backup
RPS Burn
RPS Diagnostic Utility
RPS Firewall
RPS ParentalControl
RPS Performance Tool
RPS PopupBlocker
RPS Privacy Manager
RPS RpsCore
RPS Security Cleanup
RPS Zip
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
SolutionCenter
Sound Blaster Audigy
SoundTaxi 1.3.5
SoundTrax
Status
SUPERAntiSpyware Free Edition
TrayApp
Uniblue DriverScanner 2009
Uniblue PowerSuite 2009
Uniblue RegistryBooster 2009
Unlocker 1.8.7
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB953356)
Verizon Broadband Toolbar (IE only)
Verizon Broadband Toolbar Firefox only
Verizon Servicepoint 1.5.20
VIPRE Antivirus + Antispyware
VLC media player 0.9.8a
WinAVI Video Converter
Windows Backup Utility
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8 Beta 2
Windows Live installer
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
WinRAR archiver
Word in Works Suite add-in
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

1/7/2010 1:25:29 AM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
1/7/2010 1:25:29 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 1 time(s).
1/7/2010 1:25:29 AM, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/6/2010 4:56:07 PM, error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).
1/6/2010 4:56:07 PM, error: Service Control Manager [7034] - The McAfee Network Agent service terminated unexpectedly. It has done this 3 time(s).
1/6/2010 4:42:08 PM, error: Service Control Manager [7034] - The VIPRE Antivirus + Antispyware service terminated unexpectedly. It has done this 2 time(s).
1/5/2010 8:34:41 PM, error: Service Control Manager [7034] - The VIPRE Antivirus + Antispyware service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:41 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:41 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:41 PM, error: Service Control Manager [7034] - The Comcast AntiSpyware service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:41 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:21 PM, error: Service Control Manager [7034] - The SupportSoft Sprocket Service (ddoctorv2) service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:21 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 8:34:21 PM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/5/2010 8:34:21 PM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/5/2010 12:57:29 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
1/5/2010 12:56:55 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
1/5/2010 12:56:55 PM, error: Service Control Manager [7000] - The CA Pest Patrol Realtime Protection Service service failed to start due to the following error: The system cannot find the file specified.
1/5/2010 12:52:58 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Services service, but this action failed with the following error: An instance of the service is already running.
1/5/2010 12:52:05 PM, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
1/5/2010 12:51:58 PM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/5/2010 12:51:57 PM, error: Service Control Manager [7031] - The .NET Runtime Optimization Service v2.0.50727_X86 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/5/2010 12:51:00 PM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/5/2010 12:51:00 PM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/5/2010 12:50:58 PM, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
1/5/2010 12:50:56 PM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
1/5/2010 11:51:42 AM, error: DCOM [10001] - Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding
1/5/2010 10:05:58 AM, error: DCOM [10001] - Unable to start a DCOM Server: {6A972E27-93E2-4F98-8367-4101B2073814} as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding
1/5/2010 1:01:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SerialKeys service to connect.
1/5/2010 1:01:00 PM, error: Service Control Manager [7000] - The SerialKeys service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/5/2010 1:00:41 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service Nero BackItUp Scheduler 4.0 with arguments "-Service" in order to run the server: {35212119-C615-4CD0-8DA5-7D7F19FBA1B8}

==== End Of File ===========================


OTL LOG

11:28 1/10/2010 OTL logfile created on: 1/5/2010 2:12:55 PM - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

382.00 Mb Total Physical Memory | 103.00 Mb Available Physical Memory | 27.00% Memory free
919.00 Mb Paging File | 561.00 Mb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.39 Gb Total Space | 11.11 Gb Free Space | 12.57% Space Free | Partition Type: NTFS
Drive D: | 4.76 Gb Total Space | 2.20 Gb Free Space | 46.33% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JERJESS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/04 16:23:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2009/12/18 11:08:29 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/06/17 12:49:44 | 00,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2008/10/28 16:30:42 | 00,955,688 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
PRC - [2008/06/09 09:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2007/06/13 05:23:08 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/18 08:32:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004/08/04 14:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe


========== Modules (SafeList) ==========

MOD - [2010/01/04 16:23:38 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WLSetupSvc)
SRV - File not found [Disabled | Stopped] -- -- (RPSUpdaterR)
SRV - File not found [Disabled | Stopped] -- -- (RP_FWS)
SRV - File not found [Disabled | Stopped] -- -- (Radialpoint Security Services)
SRV - File not found [Disabled | Stopped] -- -- (PDEngine)
SRV - File not found [Disabled | Stopped] -- -- (PDAgent)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (ITMRTSVC)
SRV - File not found [Disabled | Stopped] -- -- (gusvc)
SRV - File not found [Disabled | Stopped] -- -- (dvpapi)
SRV - File not found [Disabled | Stopped] -- -- (CLTNetCnService)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2010/01/03 12:28:04 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/17 12:49:44 | 00,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2008/09/29 04:09:20 | 00,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/06/09 09:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2005/09/18 08:32:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 14:00:00 | 00,026,112 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\skeys.exe -- (SerialKeys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Comcast Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=15179&l=dis"
FF - prefs.js..keyword.URL: ""


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/10/18 21:10:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/25 14:44:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/25 14:44:20 | 00,000,000 | ---D | M]

[2009/11/13 10:13:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/02/23 11:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2010/01/05 14:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iis5djvg.default\extensions
[2009/12/13 23:31:44 | 00,002,254 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iis5djvg.default\searchplugins\askcom.xml
[2010/01/05 14:07:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/10/18 21:11:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/12/01 11:50:26 | 00,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

Hosts file not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [NBCore] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBCore.exe (Nero AG)
O4 - HKCU..\Run: [UnibluePowerSuite] C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 93 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv8dmo.cab (Reg Error: Key error.)
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} http://download.micr...C4D/mp43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {5334504D-9980-0010-8000-00AA00389B71} http://download.micr...44/mpg4sdmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (SKEYS /I) - C:\WINDOWS\System32\SKEYS.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 13:04:39 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 00,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/08/26 13:03:54 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16892003295952896)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/05 13:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\ErrorLogs
[2010/01/05 12:50:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2010/01/05 12:50:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/01/05 12:49:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/01/05 12:43:08 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2010/01/05 12:39:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/01/05 12:38:55 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/01/05 12:38:39 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/01/05 12:37:37 | 00,000,000 | ---D | C] -- C:\e968401d9bd230328950
[2010/01/05 12:34:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/01/05 12:31:32 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/01/05 12:20:57 | 00,000,000 | RH-D | C] -- C:\AHCache
[2010/01/05 11:09:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2010/01/04 16:09:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2010/01/03 20:59:43 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/03 16:18:44 | 00,069,168 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2010/01/03 16:18:43 | 00,013,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2010/01/03 15:34:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sunbelt
[2010/01/03 15:34:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sunbelt
[2010/01/03 15:32:00 | 00,202,928 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbtis.sys
[2010/01/03 15:30:01 | 00,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2010/01/03 13:06:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/01/03 13:05:44 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/01/03 13:01:14 | 00,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\New Boundary
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
[2010/01/03 12:24:17 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/01/03 12:14:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/01/02 21:23:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/12/28 16:36:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/28 16:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Comcast
[2009/12/28 16:35:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2009/12/28 16:35:15 | 00,000,000 | ---D | C] -- C:\Program Files\CA
[2009/12/28 16:34:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\comcasttb
[2009/12/28 16:34:42 | 00,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2009/12/28 16:32:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2009/12/28 16:32:38 | 00,000,000 | ---D | C] -- C:\Program Files\ComcastUI
[2009/12/25 14:45:03 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/25 14:44:56 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/24 11:34:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\VIRepair
[2009/07/17 10:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2008/01/31 03:16:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/01/31 03:16:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/08/10 15:00:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2002/04/10 20:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/05 13:58:20 | 00,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/05 13:58:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/05 13:58:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/05 13:56:53 | 00,114,224 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/05 13:56:28 | 11,796,480 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/01/05 13:56:28 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/01/05 12:54:56 | 00,182,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/05 12:51:12 | 00,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster 2009.lnk
[2010/01/05 12:43:06 | 00,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerSuite 2009.lnk
[2010/01/05 12:40:33 | 00,563,916 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/05 12:40:33 | 00,471,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/05 12:40:33 | 00,084,830 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/04 01:00:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\SBRC.dat
[2010/01/03 21:26:35 | 11,534,336 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.bak
[2010/01/03 20:59:52 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/03 15:31:41 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/01/03 13:06:54 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/01/03 13:06:53 | 00,000,318 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/01/03 12:10:15 | 00,000,827 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/03 11:55:55 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Pyihurize.dat
[2010/01/03 11:55:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Khotoho.bin
[2009/12/30 20:22:23 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/12/28 16:36:53 | 00,001,960 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/25 17:05:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/25 14:44:06 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/12/22 22:21:15 | 00,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_mpuud
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\losivito
[2010/01/05 12:43:06 | 00,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerSuite 2009.lnk
[2010/01/05 12:40:20 | 00,114,224 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/05 12:20:34 | 00,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster 2009.lnk
[2010/01/04 01:00:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2010/01/03 20:59:52 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/03 15:31:40 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/01/03 13:06:54 | 00,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/01/03 13:06:52 | 00,000,318 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/01/01 22:58:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Khotoho.bin
[2010/01/01 22:58:35 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Pyihurize.dat
[2009/12/28 16:36:53 | 00,001,960 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/25 14:46:32 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/12/25 14:44:06 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/12/22 22:21:15 | 00,000,080 | ---- | C] () -- C:\WINDOWS\System32\asr_mpuud
[2009/11/30 17:32:58 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/11 08:04:57 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/10/11 08:04:56 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008/10/11 08:04:52 | 00,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/11 08:04:52 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/10/11 08:04:50 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/10/11 08:04:50 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/10/10 16:25:30 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\FoxImager.dll
[2008/10/10 15:05:05 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/02/27 03:07:11 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/02 14:49:14 | 00,000,072 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2007/02/20 12:07:56 | 00,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/25 00:17:39 | 00,000,214 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/14 10:03:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2006/04/14 23:50:07 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/04/11 22:45:52 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/03/08 19:10:07 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/07 12:40:23 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/11/07 12:40:22 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/11/07 12:40:22 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/11/07 12:40:20 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/11/07 12:40:20 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/11/07 12:40:20 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/11/07 12:40:17 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/11/07 12:06:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/07 04:26:56 | 00,005,627 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2005/05/03 06:38:42 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2005/03/08 01:17:08 | 00,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/27 05:50:59 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/26 11:12:43 | 00,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 00,000,485 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 11:12:01 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\msacm32.drv
[2003/10/02 05:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== LOP Check ==========

[2010/01/05 14:04:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2008/12/07 11:58:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/10/08 10:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/12/28 16:36:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/02/05 08:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/16 20:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uniblue
[2010/01/05 12:50:40 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2009/12/19 11:15:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/01/05 12:43:31 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2009/12/28 16:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\comcasttb
[2009/12/06 20:38:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2010/01/05 11:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2006/03/22 11:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2010/01/05 12:48:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2010/01/05 12:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/01/03 13:06:54 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/01/03 13:06:53 | 00,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2008/11/16 20:50:31 | 00,000,338 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2003/09/02 14:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation) MD5=04EF5690AC54924CF745A4A2D1FBF9C1 -- C:\NVIDIA\nForceWin2KXP\3.13\IDE\Win2K\NvAtaBus.sys
[2003/09/02 14:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation) MD5=04EF5690AC54924CF745A4A2D1FBF9C1 -- C:\NVIDIA\nForceWin2KXP\3.13\IDE\WinXP\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$hf_mig$\{29F8DDC1-9487-49b8-B27E-3E0C3C1298FF}] -> \Device\__max++>\^ -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
SRV - File not found [On_Demand | Stopped] -- -- (WLSetupSvc)
SRV - File not found [Disabled | Stopped] -- -- (RPSUpdaterR)
SRV - File not found [Disabled | Stopped] -- -- (RP_FWS)
SRV - File not found [Disabled | Stopped] -- -- (Radialpoint Security Services)
SRV - File not found [Disabled | Stopped] -- -- (PDEngine)
SRV - File not found [Disabled | Stopped] -- -- (PDAgent)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (ITMRTSVC)
SRV - File not found [Disabled | Stopped] -- -- (gusvc)
SRV - File not found [Disabled | Stopped] -- -- (dvpapi)
SRV - File not found [Disabled | Stopped] -- -- (CLTNetCnService)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2010/01/03 12:28:04 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/17 12:49:44 | 00,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2008/09/29 04:09:20 | 00,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/06/09 09:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2005/09/18 08:32:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 14:00:00 | 00,026,112 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\skeys.exe -- (SerialKeys)


========== Driver Services (SafeList) ==========

DRV - [2010/01/02 16:42:48 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/11/04 16:54:12 | 00,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 16:53:40 | 00,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/08/28 19:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/07/04 11:55:18 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/03 13:35:28 | 00,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/10/23 04:09:24 | 00,092,464 | ---- | M] (Sunbelt Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2008/10/12 19:01:39 | 00,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2008/10/09 10:21:04 | 00,202,928 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbtis.sys -- (sbtis)
DRV - [2008/10/05 19:09:03 | 00,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/12 11:12:06 | 00,069,168 | ---- | M] (Sunbelt Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2008/09/12 11:12:06 | 00,013,360 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbaphd.sys -- (sbaphd)
DRV - [2008/09/03 13:07:16 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/07/28 17:19:28 | 00,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/25 05:38:22 | 00,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2008/02/27 12:49:00 | 00,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/11/26 15:33:52 | 00,835,792 | ---- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Css-Dvp.sys -- (CSS DVP)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/28 11:07:50 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/04/19 10:36:50 | 00,048,384 | ---- | M] (Radialpoint, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rp_pkt32.sys -- (RPPKT) Radialpoint Filter (x86)
DRV - [2007/02/20 12:07:56 | 00,005,632 | R--- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/12/13 19:02:22 | 00,513,152 | ---- | M] (Windows ® 2000/XP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SndTDriverV32.sys -- (SndTDriverV32)
DRV - [2006/11/06 17:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2005/10/20 20:47:05 | 00,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2005/09/18 08:32:00 | 03,493,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/07/29 16:11:04 | 00,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/07/29 16:11:02 | 00,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/07/07 03:14:30 | 01,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2005/01/10 05:15:30 | 00,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 05:15:24 | 00,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/11/15 20:41:54 | 00,036,804 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/08/04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 08:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 08:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/06/17 17:56:22 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 14:04:14 | 00,013,059 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2003/01/10 16:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/12/16 21:33:48 | 00,106,816 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drdvid40.sys -- (DoradoPC)
DRV - [2001/08/17 23:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 23:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 23:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 23:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 23:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 22:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 22:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 22:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 22:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 22:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 22:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 22:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 22:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 22:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 22:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:49:32 | 00,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Comcast Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=15179&l=dis"
FF - prefs.js..keyword.URL: ""


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/10/18 21:10:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/25 14:44:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/25 14:44:20 | 00,000,000 | ---D | M]

[2009/11/13 10:13:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/02/23 11:41:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2010/01/05 14:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iis5djvg.default\extensions
[2009/12/13 23:31:44 | 00,002,254 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iis5djvg.default\searchplugins\askcom.xml
[2010/01/05 14:07:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/10/18 21:11:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008/12/01 11:50:26 | 00,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

Hosts file not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-8398-26FADCF27386} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [NBCore] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBCore.exe (Nero AG)
O4 - HKCU..\Run: [UnibluePowerSuite] C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 93 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv8dmo.cab (Reg Error: Key error.)
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} http://download.micr...C4D/mp43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {5334504D-9980-0010-8000-00AA00389B71} http://download.micr...44/mpg4sdmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (SKEYS /I) - C:\WINDOWS\System32\SKEYS.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/26 13:04:39 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 00,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/01/05 13:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\ErrorLogs
[2010/01/05 12:50:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2010/01/05 12:50:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/01/05 12:49:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/01/05 12:43:08 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2010/01/05 12:39:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/01/05 12:38:55 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/01/05 12:38:39 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/01/05 12:37:40 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/01/05 12:37:39 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/01/05 12:37:39 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/01/05 12:37:39 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/01/05 12:37:39 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/01/05 12:37:39 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/01/05 12:37:37 | 00,000,000 | ---D | C] -- C:\e968401d9bd230328950
[2010/01/05 12:34:08 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/01/05 12:31:32 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/01/05 12:20:57 | 00,000,000 | RH-D | C] -- C:\AHCache
[2010/01/05 11:09:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2010/01/04 16:09:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2010/01/03 20:59:43 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/03 16:18:44 | 00,069,168 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2010/01/03 16:18:43 | 00,013,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2010/01/03 15:34:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sunbelt
[2010/01/03 15:34:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sunbelt
[2010/01/03 15:32:00 | 00,202,928 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbtis.sys
[2010/01/03 15:30:01 | 00,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2010/01/03 13:06:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/01/03 13:05:44 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/01/03 13:01:14 | 00,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Prism Deploy
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\New Boundary
[2010/01/03 12:28:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
[2010/01/03 12:24:17 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2010/01/03 12:14:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/01/02 21:23:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/12/28 16:36:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/28 16:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Comcast
[2009/12/28 16:35:28 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2009/12/28 16:35:15 | 00,000,000 | ---D | C] -- C:\Program Files\CA
[2009/12/28 16:34:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\comcasttb
[2009/12/28 16:34:42 | 00,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2009/12/28 16:32:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2009/12/28 16:32:38 | 00,000,000 | ---D | C] -- C:\Program Files\ComcastUI
[2009/12/25 14:46:25 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2009/12/25 14:46:25 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
[2009/12/25 14:45:03 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/25 14:44:56 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/24 11:34:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\VIRepair
[2009/12/19 18:53:31 | 00,000,000 | ---D | C] -- C:\Program Files\Xvid
[2009/12/19 11:16:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Apple Computer
[2009/12/19 11:14:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/19 11:13:29 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/19 11:12:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/12/19 11:11:11 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/12/19 11:10:33 | 02,065,696 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2009/12/19 11:10:33 | 00,040,448 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\drivers\usbaapl.sys
[2009/12/19 11:09:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/12/19 11:09:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/12/13 17:44:27 | 00,000,000 | ---D | C] -- C:\Program Files\PFPortChecker
[2009/07/17 10:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2008/01/31 03:16:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/01/31 03:16:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/08/10 15:00:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2002/04/10 20:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/05 13:58:20 | 00,030,277 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/05 13:58:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/05 13:58:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/05 13:56:53 | 00,114,224 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/05 13:56:28 | 11,796,480 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/01/05 13:56:28 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/01/05 12:54:56 | 00,182,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/05 12:51:12 | 00,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster 2009.lnk
[2010/01/05 12:43:06 | 00,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PowerSuite 2009.lnk
[2010/01/05 12:40:33 | 00,563,916 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/05 12:40:33 | 00,471,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/05 12:40:33 | 00,084,830 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/04 01:00:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\SBRC.dat
[2010/01/03 21:26:35 | 11,534,336 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.bak
[2010/01/03 20:59:52 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/03 15:31:41 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/01/03 13:06:54 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/01/03 13:06:53 | 00,000,318 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/01/03 12:10:15 | 00,000,827 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/03 11:55:55 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Pyihurize.dat
[2010/01/03 11:55:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Khotoho.bin
[2009/12/30 20:22:23 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/12/28 16:36:53 | 00,001,960 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/25 17:05:07 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/25 14:44:06 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/12/22 22:21:15 | 00,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_mpuud
[2009/12/19 18:49:52 | 00,039,232 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/19 17:31:40 | 00,000,080 | ---- | M] () -- C:\WINDOWS\System32\asr_zxhsf
[2009/12/14 01:21:55 | 00,000,077 | ---- | M] () -- C:\WINDOWS\System32\asr_melee
[2009/12/09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/12/07 18:24:03 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\losivito
[2010/01/05 12:43:06 | 00,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PowerSuite 2009.lnk
[2010/01/05 12:40:20 | 00,114,224 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/05 12:20:34 | 00,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegistryBooster 2009.lnk
[2010/01/04 01:00:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2010/01/03 20:59:52 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/03 15:31:40 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VIPRE.lnk
[2010/01/03 13:06:54 | 00,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/01/03 13:06:52 | 00,000,318 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/01/01 22:58:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Khotoho.bin
[2010/01/01 22:58:35 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Pyihurize.dat
[2009/12/28 16:36:53 | 00,001,960 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/25 14:46:32 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/12/25 14:44:06 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/12/22 22:21:15 | 00,000,080 | ---- | C] () -- C:\WINDOWS\System32\asr_mpuud
[2009/12/19 18:54:49 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2009/12/19 18:49:52 | 00,039,232 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/19 17:31:40 | 00,000,080 | ---- | C] () -- C:\WINDOWS\System32\asr_zxhsf
[2009/12/19 11:11:22 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/12/14 01:21:55 | 00,000,077 | ---- | C] () -- C:\WINDOWS\System32\asr_melee
[2009/11/30 17:32:58 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/11 08:04:57 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/10/11 08:04:56 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008/10/11 08:04:52 | 00,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/11 08:04:52 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/10/11 08:04:50 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/10/11 08:04:50 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/10/10 16:25:30 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\FoxImager.dll
[2008/10/10 15:05:05 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/02/27 03:07:11 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/02 14:49:14 | 00,000,072 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2007/02/20 12:07:56 | 00,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/01/25 00:17:39 | 00,000,214 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/14 10:03:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2006/04/14 23:50:07 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/04/11 22:45:52 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/03/08 19:10:07 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/07 12:40:23 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/11/07 12:40:22 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/11/07 12:40:22 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/11/07 12:40:20 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/11/07 12:40:20 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/11/07 12:40:20 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/11/07 12:40:17 | 00,046,080 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/11/07 12:06:22 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/07 04:26:56 | 00,005,627 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2005/05/03 06:38:42 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2005/03/08 01:17:08 | 00,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/27 05:50:59 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/26 11:12:43 | 00,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 00,000,485 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 11:12:01 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\msacm32.drv
[2003/10/02 05:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== LOP Check ==========

[2010/01/05 14:04:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2008/12/07 11:58:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/10/08 10:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/12/28 16:36:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/02/05 08:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/16 20:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uniblue
[2010/01/05 12:50:40 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2009/12/19 11:15:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/01/05 12:43:31 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2009/12/28 16:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\comcasttb
[2009/12/06 20:38:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2010/01/05 11:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2006/03/22 11:59:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2010/01/05 12:48:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2010/01/05 12:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2010/01/03 13:06:54 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/01/03 13:06:53 | 00,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2008/11/16 20:50:31 | 00,000,338 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004/08/04 08:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 07:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 14:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 14:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2003/09/02 14:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation) MD5=04EF5690AC54924CF745A4A2D1FBF9C1 -- C:\NVIDIA\nForceWin2KXP\3.13\IDE\Win2K\NvAtaBus.sys
[2003/09/02 14:51:00 | 00,054,656 | ---- | M] (NVIDIA Corporation) MD5=04EF5690AC54924CF745A4A2D1FBF9C1 -- C:\NVIDIA\nForceWin2KXP\3.13\IDE\WinXP\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 14:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$hf_mig$\{29F8DDC1-9487-49b8-B27E-3E0C3C1298FF}] -> \Device\__max++>\^ -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Extras log:

OTL Extras logfile created on: 1/5/2010 2:12:55 PM - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

382.00 Mb Total Physical Memory | 103.00 Mb Available Physical Memory | 27.00% Memory free
919.00 Mb Paging File | 561.00 Mb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.39 Gb Total Space | 11.11 Gb Free Space | 12.57% Space Free | Partition Type: NTFS
Drive D: | 4.76 Gb Total Space | 2.20 Gb Free Space | 46.33% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JERJESS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\WINDOWS\system32\wmisqtl.exe" = C:\WINDOWS\system32\wmisqtl.exe:*:Enabled:UPnP Firewall -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0DB93918-2A77-11D3-805A-00C04FA329AA}" = Word in Works Suite add-in
"{0E0FF2EF-7866-45BE-99F0-475E0DE7733E}" = RPS ParentalControl
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0EAAC619-A730-4CBB-95D2-70C3ECAD1561}" = RPS Diagnostic Utility
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{386593CE-E6AF-48DE-B88A-083CB4781652}" = RPS Firewall
"{3E11A4AA-09DC-414E-BE4C-1F615A235B9B}" = RPS Privacy Manager
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{44629EAF-A233-4AAE-BBCC-26157DC9A40B}" = RPS Security Cleanup
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{53BE7E78-A2E6-4986-89F3-F5C693570BD7}" = RPS RpsCore
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{64010327-8AE7-4D4B-A875-8A874862CD4C}" = RPS Backup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}" = Microsoft Baseline Security Analyzer 2.1
"{6F857F57-0868-4333-801F-C6FD1C45D198}" = RPS AntiFraud
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{769A4515-083E-4FDF-8060-1B6FA2A59D79}" = RPS AntiVirus
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{782A8AEE-0722-4E08-BB72-34C218CF166B}" = Uniblue PowerSuite 2009
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{8A61A0EC-D2F9-40C1-A290-73A80C2AFD68}" = RPS Performance Tool
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{92F669C7-4D0E-42A8-B7A0-768FFA19972B}" = RPS Burn
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9AC29B2A-1E86-4CE8-BD05-E3429F244659}" = RPS Ad Blocker
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1C82B18-A7B2-48EC-853D-5807C635531E}" = RPS Zip
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B8BD4864-420E-4E95-BBE4-DECE91A0F973}" = RPS AntiSpyware
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C144C566-21EF-4F8C-9667-40CF19E6AED0}" = PPSDKRedistributables
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C70EF769-8296-4ED0-966F-D624BC6D4927}" = Authentium AntiVirus SDK - 2
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD45C967-BF03-406A-820E-8463B84D0FCD}" = RPS App Detector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7496DD-84ED-4ACF-8713-7C78945C8D7F}" = RPS AsRealtime
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{CEF980E6-BC32-49FA-85D8-6742173D8E5D}" = VIPRE Antivirus + Antispyware
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DF204DA0-8C19-4EB2-AE78-683D2DE35B7B}" = RPS PopupBlocker
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2009
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Belarc Advisor" = Belarc Advisor 7.2
"comcasttb" = Comcast Toolbar 3.0
"DIVXAudioCompressor4.02" = DivX ;-) Audio Compressor 4.02
"DVDSmith Movie Backup_is1" = DVDSmith Movie Backup 1.0.5
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8 Beta 2
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"Magic ISO Maker v5.5 (build 0272)" = Magic ISO Maker v5.5 (build 0272)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PFPortChecker" = PFPortChecker 1.0.32
"PoiZone" = PoiZone
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.20
"SoundTaxi_is1" = SoundTaxi 1.3.5
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue PowerSuite 2009" = Uniblue PowerSuite 2009
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"Verizon Broadband Toolbar Firefox only" = Verizon Broadband Toolbar Firefox only
"verizon_broad" = Verizon Broadband Toolbar (IE only)
"VLC media player" = VLC media player 0.9.8a
"WIC" = Windows Imaging Component
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/4/2010 4:17:51 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:00 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:08 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:27:30 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 1:56:07 PM | Computer Name = JERJESS | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - The process cannot access the
file because it is being used by another process. for C:\Documents and Settings\Owner\ntuser.dat

Error - 1/5/2010 1:56:20 PM | Computer Name = JERJESS | Source = Userenv | ID = 1502
Description = Windows cannot load the locally stored profile. Possible causes of
this error include insufficient security rights or a corrupt local profile. If
this problem persists, contact your network administrator. DETAIL - The process
cannot access the file because it is being used by another process.

Error - 1/5/2010 1:56:30 PM | Computer Name = JERJESS | Source = Userenv | ID = 1515
Description = Windows has backed up this user's profile. Windows will automatically
try to use the backed up profile the next time this user logs on.

Error - 1/5/2010 1:56:39 PM | Computer Name = JERJESS | Source = Userenv | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.

Error - 1/5/2010 2:00:36 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 2:58:38 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

[ Application Events ]
Error - 1/4/2010 4:17:51 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:00 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:08 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:27:30 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 1:56:07 PM | Computer Name = JERJESS | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - The process cannot access the
file because it is being used by another process. for C:\Documents and Settings\Owner\ntuser.dat

Error - 1/5/2010 1:56:20 PM | Computer Name = JERJESS | Source = Userenv | ID = 1502
Description = Windows cannot load the locally stored profile. Possible causes of
this error include insufficient security rights or a corrupt local profile. If
this problem persists, contact your network administrator. DETAIL - The process
cannot access the file because it is being used by another process.

Error - 1/5/2010 1:56:30 PM | Computer Name = JERJESS | Source = Userenv | ID = 1515
Description = Windows has backed up this user's profile. Windows will automatically
try to use the backed up profile the next time this user logs on.

Error - 1/5/2010 1:56:39 PM | Computer Name = JERJESS | Source = Userenv | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.

Error - 1/5/2010 2:00:36 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 2:58:38 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

[ Application Events ]
Error - 1/4/2010 4:17:51 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:00 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:18:08 PM | Computer Name = JERJESS | Source = Application Error | ID = 1000
Description = Faulting application regsvr32.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x009031d0.

Error - 1/4/2010 4:27:30 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 1:56:07 PM | Computer Name = JERJESS | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - The process cannot access the
file because it is being used by another process. for C:\Documents and Settings\Owner\ntuser.dat

Error - 1/5/2010 1:56:20 PM | Computer Name = JERJESS | Source = Userenv | ID = 1502
Description = Windows cannot load the locally stored profile. Possible causes of
this error include insufficient security rights or a corrupt local profile. If
this problem persists, contact your network administrator. DETAIL - The process
cannot access the file because it is being used by another process.

Error - 1/5/2010 1:56:30 PM | Computer Name = JERJESS | Source = Userenv | ID = 1515
Description = Windows has backed up this user's profile. Windows will automatically
try to use the backed up profile the next time this user logs on.

Error - 1/5/2010 1:56:39 PM | Computer Name = JERJESS | Source = Userenv | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.

Error - 1/5/2010 2:00:36 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

Error - 1/5/2010 2:58:38 PM | Computer Name = JERJESS | Source = SerialKeys | ID = 0
Description =

[ System Events ]
Error - 1/5/2010 2:28:45 PM | Computer Name = JERJESS | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 1/5/2010 2:28:56 PM | Computer Name = JERJESS | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 1/5/2010 2:29:06 PM | Computer Name = JERJESS | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 1/5/2010 2:29:16 PM | Computer Name = JERJESS | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 1/5/2010 2:29:26 PM | Computer Name = JERJESS | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 1/5/2010 2:58:33 PM | Computer Name = JERJESS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service Nero BackItUp
Scheduler 4.0 with arguments "-Service" in order to run the server: {35212119-C615-4CD0-8DA5-7D7F19FBA1B8}

Error - 1/5/2010 2:59:02 PM | Computer Name = JERJESS | Source = Service Control Manager | ID = 7000
Description = The CA Pest Patrol Realtime Protection Service service failed to start
due to the following error: %%2

Error - 1/5/2010 2:59:02 PM | Computer Name = JERJESS | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 1/5/2010 2:59:02 PM | Computer Name = JERJESS | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the SerialKeys service to
connect.

Error - 1/5/2010 2:59:02 PM | Computer Name = JERJESS | Source = Service Control Manager | ID = 7000
Description = The SerialKeys service failed to start due to the following error:
%%1053


< End of report >


Thank you again for any help with my problem!!!

Jeremy