Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

re-directs on searchs

Started by driodstorm , Jan 31 2011 08:58 AM

  • Please log in to reply

#1
driodstorm
Posted 31 January 2011 - 08:58 AM

driodstorm

    New Member

  • Member
  • Pip
  • 1 posts
been having this problem for a few weeks now tried malware no luck i am running
xp pro service pack 3


OTL log
OTL logfile created on: 1/31/2011 8:45:23 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\james salters\My Documents\Vuze Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.70 Gb Total Space | 13.39 Gb Free Space | 18.67% Space Free | Partition Type: NTFS
Drive E: | 189.76 Gb Total Space | 155.95 Gb Free Space | 82.18% Space Free | Partition Type: NTFS
Drive F: | 232.83 Gb Total Space | 102.87 Gb Free Space | 44.18% Space Free | Partition Type: NTFS
Drive Y: | 40.00 Gb Total Space | 22.54 Gb Free Space | 56.36% Space Free | Partition Type: NTFS

Computer Name: JUNIORS | User Name: james salters | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/31 08:28:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\james salters\My Documents\Vuze Downloads\OTL.exe
PRC - [2011/01/31 07:09:36 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\james salters\Local Settings\Temp\AdskCleanup.0001
PRC - [2010/12/22 03:04:14 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/12/22 03:04:06 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/12/09 13:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/08 15:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/12/08 06:42:32 | 010,811,696 | ---- | M] (www.BitComet.com) -- C:\Program Files\BitComet\BitComet.exe
PRC - [2010/11/23 20:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe
PRC - [2010/08/12 13:06:50 | 000,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2010/06/24 13:34:52 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/06/24 13:34:50 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/29 08:38:54 | 001,652,736 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2010/03/24 16:26:02 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
PRC - [2010/03/19 08:33:00 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/05 23:45:48 | 000,006,656 | ---- | M] (Motorola) -- C:\Program Files\Motorola\Moto Helper Service\MotoHelper.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/09 17:29:20 | 000,167,576 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
PRC - [2008/02/09 17:09:08 | 010,150,040 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\AutoCAD 2009\acad.exe
PRC - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/08/23 14:35:30 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/01/04 15:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/06/06 22:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2004/09/15 01:01:00 | 000,086,016 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2004/06/30 13:33:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2004/06/29 11:23:32 | 000,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
PRC - [2004/06/29 11:22:56 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2004/05/27 20:05:42 | 000,323,584 | ---- | M] (Dell) -- C:\Program Files\Common Files\Dell\EUSW\Support.exe
PRC - [2003/10/07 16:20:18 | 000,352,256 | ---- | M] ( ) -- C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe


========== Modules (SafeList) ==========

MOD - [2011/01/31 08:28:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\james salters\My Documents\Vuze Downloads\OTL.exe
MOD - [2010/12/04 00:58:45 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\asoehook.dll
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/02/16 00:05:52 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4974_x-ww_d889290f\msvcr90.dll
MOD - [2010/02/16 00:05:52 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4974_x-ww_d889290f\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/04 20:22:56 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/12/22 03:04:06 | 001,402,272 | ---- | M] (Lavasoft) [On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/11/23 20:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe -- (NIS)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/08/12 13:06:50 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/06/24 13:34:52 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/05 23:45:48 | 000,006,656 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\Moto Helper Service\MotoHelper.exe -- (MotoHelper.exe)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/08/23 14:35:30 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 14:35:22 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/06/29 11:22:56 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)
SRV - [1998/06/06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)


========== Driver Services (SafeList) ==========

DRV - [2010/12/16 16:35:52 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110130.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 16:35:52 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110130.001\NAVENG.SYS -- (NAVENG)
DRV - [2010/12/03 03:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/12/03 03:05:33 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/11/30 23:24:00 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/11/25 10:43:00 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/22 22:59:15 | 000,044,024 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - [2010/11/22 22:59:15 | 000,044,024 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIM)
DRV - [2010/11/22 22:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010/11/22 22:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/11/22 20:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/17 20:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010/11/16 08:38:56 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/11/15 19:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/08 18:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110128.003\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/20 20:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/05/26 21:31:19 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 21:31:19 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/27 12:06:04 | 000,024,960 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - [2009/10/27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2009/06/19 16:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motccgp.sys -- (motccgp)
DRV - [2009/06/03 10:01:28 | 000,230,400 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWADIenum.sys -- (NWADI)
DRV - [2009/05/08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motodrv.sys -- (MotDev)
DRV - [2009/05/06 19:16:26 | 000,006,656 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - [2009/01/29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - [2008/04/13 12:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/11/02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motswch.sys -- (MotoSwitchService)
DRV - [2007/02/25 11:10:48 | 000,005,376 | ---- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\winusb.sys -- (WinUSB)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/28 13:32:40 | 000,051,584 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\maa950u.sys -- (maa950u)
DRV - [2006/09/28 13:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\pnetmdm.sys -- (pnetmdm)
DRV - [2005/08/18 11:44:50 | 000,049,867 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mardp2k.sys -- (MaRdPnp)
DRV - [2005/08/18 11:44:44 | 000,011,473 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MaVc2K.sys -- (MaVctrl)
DRV - [2005/06/16 17:13:12 | 000,025,044 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\maa950m.sys -- (maa950m)
DRV - [2005/06/16 17:11:58 | 000,024,784 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\maa950c.sys -- (maa950c)
DRV - [2004/12/01 02:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 01:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 00:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/11/16 00:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/11/16 00:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/11/16 00:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/11/16 00:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/11/16 00:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/11/16 00:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/11/16 00:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/11/16 00:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/08/25 13:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/07/14 10:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 10:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/29 11:17:16 | 000,477,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2004/05/29 17:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2004/04/26 09:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/09/26 05:41:00 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS -- (ASPI32)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0.5.1438
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1430
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1430
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0.1430
FF - prefs.js..extensions.enabledItems: {31513E58-F253-47ad-86DB-D5F21E905429}:0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1.1430
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.16.1430
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.4.1430
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.05
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.4.1430

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011/01/04 06:22:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2010/12/27 15:58:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/19 08:34:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/11/11 12:09:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/11/12 03:00:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/20 15:48:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/20 15:48:49 | 000,000,000 | ---D | M]

[2010/04/26 06:41:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\james salters\Application Data\Mozilla\Extensions
[2009/05/02 08:14:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\james salters\Application Data\Mozilla\Extensions\[email protected]
[2010/04/26 06:41:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\james salters\Application Data\Mozilla\Extensions\[email protected]
[2010/04/27 06:46:26 | 000,000,000 | ---D | M] (MinimizeToTray (Songbird version)) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\{31513E58-F253-47AD-86DB-D5F21E905429}
[2010/04/26 06:42:40 | 000,000,000 | ---D | M] (Last.fm) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:40 | 000,000,000 | ---D | M] (CD Rip Support) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 12:06:13 | 000,000,000 | ---D | M] (Equalizer Presets) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/28 11:15:53 | 000,000,000 | ---D | M] (The Exorcist >1.4.0) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:40 | 000,000,000 | ---D | M] (mashTape) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:39 | 000,000,000 | ---D | M] (MSC Device Support) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:39 | 000,000,000 | ---D | M] (MTP Device Support) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:39 | 000,000,000 | ---D | M] (QuickTime Playback) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/29 07:49:25 | 000,000,000 | ---D | M] (Smarty Pants) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/28 11:08:05 | 000,000,000 | ---D | M] (Tv button) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
[2010/04/26 06:42:39 | 000,000,000 | ---D | M] (Windows Media Playback) -- C:\DOCUMENTS AND SETTINGS\JAMES SALTERS\APPLICATION DATA\SONGBIRD2\PROFILES\50C8RG3S.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\SONGBIRD\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\SONGBIRD\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\SONGBIRD\EXTENSIONS\[email protected]

O1 HOSTS File: ([2010/02/03 15:44:57 | 000,000,846 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.14.77 Anglemaster
O1 - Hosts: 192.168.14.4 PCD1100
O1 - Hosts: 192.168.14.16 ABCM1250
O1 - Hosts: 192.168.14.80 PCUxxxxxxx
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (no name) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe (Dell)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PrintScrn.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_23.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} http://w4s.work4sure...ge/w4sgeen9.exe (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Value error.)
O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} http://h50203.www5.h...SWebManager.CAB (Hewlett-Packard Printer Diagnostics)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (Reg Error: Key error.)
O16 - DPF: {55087C75-C0CB-445E-9CD7-1E754B7FA3A3} http://www.xmradio.c.../xmprofiler.CAB (XMRADIO.systemprofiler)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupd...b?1103392474562 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1124986173000 (MUWebControl Class)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://cam5.brett-ro...sCamControl.cab (CamImage Class)
O16 - DPF: {97770E5B-2028-48AC-B4DA-1F991376D2B6} http://download.copy...rs/Copysafe.cab (Reg Error: Value error.)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://68.62.139.50:...hecker_8120.cab (OCXDownloadChecker Control)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {BA5E57BB-88D5-422A-AC9E-C01A6EEE2537} http://192.168.14.99/WebDvr3.cab (WebDvr3 Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} http://plugin.fileop...nt/FileOpen.CAB (FoInstaller Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} http://68.62.139.50:...adFile_8110.cab (DownloadFile Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abac...abasetup160.cab (Reg Error: Value error.)
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} http://pccheckup.del...ll/gtdownde.cab (Dell PC Checkup Installer Control)
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} http://download.palt....x/regdload.cab (CRegistryDownload Class)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://chat.msn.com/bin/msnchat45.cab (MSN Chat Control 4.5)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\jpip {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files\LizardTech\Express View\expressview.dll (Lizardtech Software)
O18 - Protocol\Handler\sidlet {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files\LizardTech\Express View\expressview.dll (Lizardtech Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://www.srh.noaa....kbmx/latest.gif
O24 - Desktop Components:1 () - http://www.srh.noaa....kbmx/latest.gif
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\james salters\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\james salters\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/04 16:33:51 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2007/09/24 16:07:51 | 000,000,041 | ---- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2008/01/09 10:04:45 | 000,000,006 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/02/08 17:19:46 | 000,000,010 | ---- | M] () - Y:\Auto1 - Copy.Fix -- [ NTFS ]
O32 - AutoRun File - [2009/10/19 17:09:50 | 000,000,010 | ---- | M] () - Y:\Auto1.Fix -- [ NTFS ]
O33 - MountPoints2\{0f347250-ca3f-11df-8208-001320490460}\Shell - "" = AutoRun
O33 - MountPoints2\{0f347250-ca3f-11df-8208-001320490460}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0f347250-ca3f-11df-8208-001320490460}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{1bdf0823-028f-11da-8077-00111167d55b}\Shell\AutoRun\command - "" = E:\JDSecure\Windows\JDSecure20.exe
O33 - MountPoints2\{22336da3-267c-11dc-8129-001320490460}\Shell - "" = AutoRun
O33 - MountPoints2\{22336da3-267c-11dc-8129-001320490460}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{22336da3-267c-11dc-8129-001320490460}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\{78e6f65c-a734-11dc-8141-001320490460}\Shell\AutoRun\command - "" = ms.config\setup.exe
O33 - MountPoints2\{9af32c05-2a11-11db-80e4-00111167d55b}\Shell - "" = AutoRun
O33 - MountPoints2\{9af32c05-2a11-11db-80e4-00111167d55b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9af32c05-2a11-11db-80e4-00111167d55b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\{f18cec5a-935f-11df-81f9-001320490460}\Shell - "" = AutoRun
O33 - MountPoints2\{f18cec5a-935f-11df-81f9-001320490460}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f18cec5a-935f-11df-81f9-001320490460}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/31 07:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Desktop\GooredFix Backups
[2011/01/27 12:21:42 | 001,350,232 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\james salters\Desktop\Copy of 123.exe
[2011/01/27 09:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/01/27 09:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2011/01/26 11:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2011/01/26 11:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Application Data\BitComet
[2011/01/25 13:38:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
[2011/01/25 11:32:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/01/25 09:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/01/25 09:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/25 09:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011/01/25 08:20:32 | 001,350,232 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\james salters\Desktop\123.com
[2011/01/25 07:31:22 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/01/25 07:31:22 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/01/25 07:31:20 | 000,249,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/01/25 07:31:12 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/01/25 07:31:12 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/01/25 07:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/01/25 07:31:05 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/01/25 07:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/01/25 07:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/01/25 07:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Application Data\PC Tools
[2011/01/25 07:29:58 | 038,357,320 | ---- | C] (PC Tools ) -- C:\Documents and Settings\james salters\Desktop\8.0.0.623j-SDAFFsetup_en-RevenueWire(207).exe
[2011/01/24 09:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Start Menu\Programs\BrowserPlus
[2011/01/18 12:38:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\james salters\Recent
[2011/01/18 12:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/01/18 12:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Application Data\Windows Desktop Search
[2011/01/18 12:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2011/01/18 12:21:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011/01/15 08:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/01/04 12:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Desktop\AutoCAD.2010-[32-Bit]-- English
[2011/01/03 12:09:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\james salters\Desktop\Time Sheets
[1980/01/01 00:00:00 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[44 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\james salters\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\james salters\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/31 08:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/31 07:10:02 | 000,000,209 | -H-- | M] () -- C:\Documents and Settings\james salters\Desktop\1fa.dwl2
[2011/01/31 07:10:02 | 000,000,059 | -H-- | M] () -- C:\Documents and Settings\james salters\Desktop\1fa.dwl
[2011/01/31 06:47:40 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\Microsoft Office Outlook 2003.lnk
[2011/01/31 01:58:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/30 20:38:49 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F10E9F36-E68A-445E-9317-8CA59070552E}.job
[2011/01/30 19:14:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/29 07:04:23 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/01/27 14:02:59 | 000,000,454 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\JOBS on Anglemaster.lnk
[2011/01/27 14:02:07 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\Anglemaster mpf.dir.lnk
[2011/01/27 12:33:13 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-804095205-866965316-3670129251-1006.job
[2011/01/27 12:33:12 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-804095205-866965316-3670129251-1006.job
[2011/01/27 12:32:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/01/27 12:31:25 | 000,000,320 | -HS- | M] () -- C:\WINDOWS\tasks\Qtmo.job
[2011/01/27 12:31:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/01/27 12:31:16 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/27 09:43:09 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/01/27 09:43:09 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/26 14:04:10 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\JOBS (Pcd1100).lnk
[2011/01/26 11:43:40 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk
[2011/01/26 11:43:04 | 007,958,360 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\BitComet_1.25_setup.exe
[2011/01/25 13:38:39 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/01/25 13:38:38 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\james salters\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/01/25 12:18:55 | 000,545,676 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\Cat.DB
[2011/01/25 12:18:55 | 000,544,088 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/01/25 11:57:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/01/25 11:38:34 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\james salters\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/25 10:11:38 | 000,131,808 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\1fa.dwg
[2011/01/25 08:20:47 | 001,350,232 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\james salters\Desktop\Copy of 123.exe
[2011/01/25 08:20:47 | 001,350,232 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\james salters\Desktop\123.com
[2011/01/25 07:31:08 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/01/25 07:30:22 | 038,357,320 | ---- | M] (PC Tools ) -- C:\Documents and Settings\james salters\Desktop\8.0.0.623j-SDAFFsetup_en-RevenueWire(207).exe
[2011/01/24 16:33:01 | 000,130,016 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\1fa.bak
[2011/01/24 09:18:52 | 000,006,956 | -H-- | M] () -- C:\Documents and Settings\james salters\Desktop\me.jpg
[2011/01/24 09:17:12 | 000,020,385 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\BILLS.xlsx
[2011/01/20 08:51:05 | 000,011,819 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\What the....jpg
[2011/01/19 06:41:30 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\james salters\My Documents\mom.doc
[2011/01/18 12:37:59 | 000,104,284 | ---- | M] () -- C:\Documents and Settings\james salters\My Documents\cc_20110118_123749.reg
[2011/01/18 12:36:10 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/01/18 12:21:20 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/01/18 12:21:17 | 000,528,256 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/01/18 12:21:17 | 000,097,060 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/01/18 11:29:32 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\Microsoft Office Excel 2003.lnk
[2011/01/15 11:44:51 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\Microsoft Office Word 2003.lnk
[2011/01/15 07:52:48 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\james salters\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/01/15 07:52:47 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vuze.lnk
[2011/01/15 06:42:39 | 000,038,522 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\phone.xml
[2011/01/13 13:15:55 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\james salters\My Documents\Lane Ray and Patricia Harris.doc
[2011/01/12 06:38:35 | 000,102,400 | RHS- | M] () -- C:\WINDOWS\System32\RICHED32P.dll
[2011/01/11 10:37:21 | 000,002,730 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\pichaha.jpg
[2011/01/06 08:27:14 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\HEATERS.xls
[2011/01/04 15:16:11 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\james salters\Desktop\LONG SLOT CALCULATOR.xls
[2011/01/04 06:20:00 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[44 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\james salters\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\james salters\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/31 07:10:02 | 000,000,209 | -H-- | C] () -- C:\Documents and Settings\james salters\Desktop\1fa.dwl2
[2011/01/31 07:10:02 | 000,000,059 | -H-- | C] () -- C:\Documents and Settings\james salters\Desktop\1fa.dwl
[2011/01/27 12:31:16 | 3219,296,256 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/26 11:43:40 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk
[2011/01/26 11:42:37 | 007,958,360 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\BitComet_1.25_setup.exe
[2011/01/25 13:38:38 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\james salters\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/01/25 13:38:38 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2011/01/25 09:24:36 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2011/01/25 09:24:36 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/25 07:31:08 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/01/24 09:18:50 | 000,006,956 | -H-- | C] () -- C:\Documents and Settings\james salters\Desktop\me.jpg
[2011/01/20 08:51:19 | 000,011,819 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\What the....jpg
[2011/01/19 13:25:31 | 000,020,385 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\BILLS.xlsx
[2011/01/19 03:00:58 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/01/18 12:37:52 | 000,104,284 | ---- | C] () -- C:\Documents and Settings\james salters\My Documents\cc_20110118_123749.reg
[2011/01/18 12:21:20 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2011/01/18 12:21:20 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/01/15 08:04:44 | 000,544,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/01/15 06:39:09 | 000,038,522 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\phone.xml
[2011/01/13 13:15:27 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\james salters\My Documents\Lane Ray and Patricia Harris.doc
[2011/01/12 06:38:35 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\RICHED32P.dll
[2011/01/12 06:38:35 | 000,000,320 | -HS- | C] () -- C:\WINDOWS\tasks\Qtmo.job
[2011/01/11 10:37:44 | 000,002,730 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\pichaha.jpg
[2011/01/06 08:27:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\HEATERS.xls
[2011/01/05 07:45:03 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\Pandora.url
[2011/01/04 10:21:31 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\james salters\Desktop\LONG SLOT CALCULATOR.xls
[2010/11/23 14:17:08 | 000,191,922 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-804095205-866965316-3670129251-1006-0.dat
[2010/11/23 14:17:07 | 000,191,922 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/08/23 05:41:53 | 000,290,152 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/17 13:02:24 | 000,000,011 | ---- | C] () -- C:\WINDOWS\tbaction.ini
[2010/02/08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2010/01/14 12:10:38 | 000,038,485 | ---- | C] () -- C:\Documents and Settings\james salters\Application Data\Comma Separated Values (Windows).ADR
[2009/11/10 07:24:31 | 000,000,143 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009/11/10 07:23:52 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hplj520xg.ini
[2009/11/10 07:17:49 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hplj5200m.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/23 10:25:55 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\sk_bho.ini
[2009/04/07 06:26:38 | 000,000,578 | ---- | C] () -- C:\WINDOWS\M3JPEG.INI
[2008/09/13 05:37:57 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\james salters\Application Data\mcs.rma
[2008/09/13 05:37:57 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\james salters\Application Data\B0F5C4
[2008/06/12 13:00:10 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2008/03/11 06:52:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2008/03/11 06:49:12 | 000,000,227 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2008/03/11 06:49:12 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2008/03/11 06:47:27 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2008/03/11 06:47:26 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2008/03/11 06:46:59 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2008/01/08 10:06:41 | 000,000,046 | ---- | C] () -- C:\WINDOWS\SDViewer.ini
[2008/01/07 08:58:16 | 000,001,309 | ---- | C] () -- C:\WINDOWS\sds.ini
[2008/01/07 08:49:12 | 000,023,244 | ---- | C] () -- C:\WINDOWS\SDSInch.ini
[2008/01/07 08:03:18 | 000,010,333 | ---- | C] () -- C:\WINDOWS\MINIDRAW.INI
[2008/01/07 07:47:16 | 000,000,647 | ---- | C] () -- C:\WINDOWS\DSTVC.ini
[2007/12/11 10:25:46 | 000,000,048 | ---- | C] () -- C:\WINDOWS\winmbkk.sys
[2007/12/10 13:58:12 | 000,007,338 | ---- | C] () -- C:\WINDOWS\SDSMet.ini
[2007/12/10 13:45:01 | 000,000,338 | ---- | C] () -- C:\WINDOWS\SDSAutotool.ini
[2007/11/20 12:32:40 | 005,527,385 | ---- | C] () -- C:\WINDOWS\System32\IDPRSig.dll
[2007/11/20 12:32:40 | 000,622,113 | ---- | C] () -- C:\WINDOWS\System32\IDPList.dll
[2007/11/20 12:32:40 | 000,013,772 | ---- | C] () -- C:\WINDOWS\System32\IDPImmData.dll
[2007/11/20 12:32:39 | 004,985,733 | ---- | C] () -- C:\WINDOWS\System32\IDPFSig.dll
[2007/11/20 12:32:39 | 000,343,272 | ---- | C] () -- C:\WINDOWS\System32\IDPESig.dll
[2007/11/20 12:32:39 | 000,002,380 | ---- | C] () -- C:\WINDOWS\System32\IDPBlkCoo.dll
[2007/11/20 12:32:39 | 000,000,162 | ---- | C] () -- C:\WINDOWS\System32\IDPCritProc.dll
[2007/10/12 12:44:12 | 000,000,126 | ---- | C] () -- C:\WINDOWS\multiview.ini
[2007/10/12 12:43:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\GeoEditAVIDll.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/05/28 13:13:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\spyxx.INI
[2007/05/19 10:19:29 | 000,002,760 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2007/04/30 11:55:26 | 000,779,776 | ---- | C] () -- C:\WINDOWS\System32\cp211_main.dll
[2007/04/30 11:55:26 | 000,285,184 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicslarge8.dll
[2007/04/30 11:55:26 | 000,285,184 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicslarge16.dll
[2007/04/30 11:55:26 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\cp211_javascript.dll
[2007/04/30 11:55:26 | 000,226,304 | ---- | C] () -- C:\WINDOWS\System32\cp211_msjava.dll
[2007/04/30 11:55:26 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicsmed8.dll
[2007/04/30 11:55:26 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicsmed16.dll
[2007/04/30 11:55:26 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\cp211_vrml1to2.dll
[2007/04/30 11:55:26 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicssmall8.dll
[2007/04/30 11:55:26 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicssmall16.dll
[2007/04/30 11:55:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\cp211_lang.dll
[2007/04/30 11:55:26 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\cp211_basic.dll
[2007/04/30 11:55:26 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\cp211_graphicspos.dll
[2007/02/20 12:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/02/20 12:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/02/20 12:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/02/20 11:24:46 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/02/12 08:11:10 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/06/26 08:24:03 | 000,000,228 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/05/15 08:36:20 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/02/20 07:09:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2006/02/17 14:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VideoExe.INI
[2006/02/17 14:26:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
[2006/02/17 07:45:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2006/02/17 07:43:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2006/02/17 07:40:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2006/02/01 09:07:03 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/01/18 17:39:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\addrbook.ini
[2006/01/18 16:37:09 | 000,000,010 | ---- | C] () -- C:\WINDOWS\dvr2.ini
[2006/01/14 10:22:58 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/15 07:52:24 | 000,000,185 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/09/09 10:20:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\CDMaster.ini
[2005/08/22 10:17:50 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/08/09 13:34:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure20.INI
[2005/07/19 11:31:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RussSqr.INI
[2005/06/02 12:33:31 | 000,000,249 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2005/04/06 15:30:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/03/14 10:03:02 | 000,000,030 | ---- | C] () -- C:\WINDOWS\voloview.INI
[2005/02/08 13:33:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2005/02/04 09:47:05 | 000,000,022 | ---- | C] () -- C:\WINDOWS\PEDWIN.INI
[2005/01/07 12:51:20 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2004/12/20 08:13:35 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\james salters\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/12/18 13:12:13 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\james salters\Local Settings\Application Data\fusioncache.dat
[2004/12/18 12:19:43 | 000,198,656 | ---- | C] () -- C:\WINDOWS\System32\lmgr166a.dll
[2004/12/18 12:11:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MTSTACK.INI
[2004/12/13 03:27:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/13 03:24:03 | 000,000,346 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/12/13 03:18:58 | 000,002,742 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/12/13 02:56:14 | 000,000,516 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/11/30 15:24:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\RegDload.dll
[2004/10/26 16:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/09/15 22:03:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 17:25:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/11 17:14:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/12/18 17:40:14 | 000,000,093 | ---- | C] () -- C:\WINDOWS\POST.INI
[2000/02/13 15:57:14 | 000,004,272 | ---- | C] () -- C:\WINDOWS\T260.INI
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
[1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1980/01/01 00:00:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

========== LOP Check ==========

[2009/05/26 11:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2006/12/06 09:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Actify
[2010/08/12 13:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/12/07 17:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/10/01 07:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/12/07 17:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Ride Games
[2010/07/26 14:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/12/03 11:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\motorola
[2006/05/03 13:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/12/09 13:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/10/10 05:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2006/11/29 10:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/08/17 13:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/01/25 07:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/26 11:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/08/05 10:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
[2006/08/18 12:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2010/12/08 06:54:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010/01/05 05:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2006/05/10 14:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Aim
[2010/08/12 13:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Autodesk
[2007/05/29 10:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\AutoDWG
[2011/01/26 11:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Azureus
[2011/01/31 08:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\BitComet
[2008/12/10 15:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/03/15 12:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
[2010/04/26 06:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\COWON
[2010/11/19 09:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\eNetGuru
[2010/08/05 10:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\FCSB000062035
[2007/03/29 08:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\FileOpen
[2010/12/07 17:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\FinalMediaPlayer
[2010/08/05 10:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\FreeFileViewer
[2010/07/19 12:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\GlarySoft
[2010/09/16 13:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\InfraRecorder
[2010/08/05 10:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\IObit
[2008/09/11 10:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\IrfanView
[2004/12/21 10:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Leadertech
[2010/12/20 15:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Local
[2006/02/17 07:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\MobileAction
[2010/02/26 08:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\motorola
[2010/04/01 06:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\MSNInstaller
[2009/12/08 09:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\NCH Swift Sound
[2010/12/06 06:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\NesterSoft
[2006/12/12 12:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\OfficeUpdate12
[2008/11/17 08:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\SecondLife
[2010/12/08 06:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\simppulltoolbar
[2010/04/26 06:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Songbird2
[2010/12/13 16:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\SoundSpectrum
[2009/07/01 14:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\The Labyrinth Plus! Edition
[2009/11/11 06:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Tific
[2010/02/22 14:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\TweakNow RegCleaner
[2009/11/11 11:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Uniblue
[2010/05/13 11:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Unity
[2007/06/08 07:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Viewpoint
[2010/01/11 16:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\WeatherBug
[2011/01/18 12:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\james salters\Application Data\Windows Desktop Search
[2011/01/29 07:04:23 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/01/31 01:58:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/01/27 12:31:25 | 000,000,320 | -HS- | M] () -- C:\WINDOWS\Tasks\Qtmo.job
[2011/01/30 20:38:49 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F10E9F36-E68A-445E-9317-8CA59070552E}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\james salters\My Documents\Default.rdp:SummaryInformation
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7F48F12
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63238B95
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:39413AC3

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP