I ran Spybot and Avast and it's still happening.
I haven't tried using another browser while this has been happening because I've been using the same one for months so why switch unless absolutely necessary?
So, here is my OTL Log:
OTL logfile created on: 5/9/2011 2:37:41 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
766.00 Mb Total Physical Memory | 126.00 Mb Available Physical Memory | 16.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.43 Gb Total Space | 0.73 Gb Free Space | 2.13% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ASH | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/09 14:36:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2011/04/30 02:35:13 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/04/28 06:15:17 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/04/21 10:58:21 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/01/09 13:55:54 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/04 10:36:33 | 000,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007/12/04 09:00:16 | 000,140,664 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2007/12/04 08:59:53 | 000,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2007/12/04 08:59:01 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007/08/27 14:38:50 | 000,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2007/08/08 15:53:16 | 000,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/05/24 13:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
========== Modules (SafeList) ==========
MOD - [2011/05/09 14:36:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2011/01/11 10:59:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
MOD - [2011/01/11 10:59:44 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
MOD - [2011/01/09 13:57:35 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2007/12/04 10:36:33 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007/12/04 09:00:16 | 000,140,664 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2007/12/04 08:59:53 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2007/12/04 08:59:01 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2007/08/27 14:38:50 | 000,566,616 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/05/24 13:35:52 | 000,322,104 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
========== Driver Services (SafeList) ==========
DRV - [2009/12/18 12:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2007/12/14 16:06:44 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/12/04 10:55:46 | 000,094,544 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2007/12/04 10:53:39 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2007/12/04 10:51:52 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2007/12/04 10:49:02 | 000,026,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006/09/24 13:15:32 | 000,020,096 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2005/08/15 12:08:26 | 000,127,488 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2005/08/15 12:08:26 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2005/05/03 11:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/04/12 04:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/06/10 21:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sacm2K.sys -- (USBCM)
DRV - [2004/06/02 14:19:00 | 000,038,705 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2004/06/02 14:17:56 | 000,151,985 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2004/05/20 09:45:20 | 000,068,950 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2004/05/20 09:41:54 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/05/20 09:39:42 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2004/05/20 09:21:10 | 000,036,918 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/11/17 16:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 16:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 16:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...GO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:7565
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {F807FACD-E46A-4793-B345-D58CB177673C}:3.5.3.3
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.7
FF - prefs.js..extensions.enabledItems: {a6bf16ab-42a1-4bc5-965d-5e407e449aaa}:1.0.0.0
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/09 13:57:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/06/09 19:40:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/11 15:10:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/12 22:16:26 | 000,000,000 | ---D | M]
[2010/03/30 16:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/03/30 16:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2009/03/05 16:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\[email protected]
[2011/04/21 22:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions
[2010/06/29 01:18:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/23 00:33:07 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/12/13 23:32:03 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2007/12/14 20:51:25 | 000,000,000 | ---D | M] (del.icio.us) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{5a2b4e34-ce62-42e9-a658-06ba4490adf8}
[2010/03/19 01:22:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/28 01:41:48 | 000,000,000 | ---D | M] (Aquatint Black) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2011/04/13 22:47:54 | 000,000,000 | ---D | M] (BFlix Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{a6bf16ab-42a1-4bc5-965d-5e407e449aaa}
[2011/02/28 18:25:11 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2008/07/17 19:36:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2008/08/02 18:37:55 | 000,000,000 | ---D | M] (MediaWrap) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{dd68c513-9296-4b63-8d8b-8f1c991c8a48}
[2011/02/28 18:25:12 | 000,000,000 | ---D | M] (ScribeFire) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{F807FACD-E46A-4793-B345-D58CB177673C}
[2010/06/29 01:18:14 | 000,000,000 | ---D | M] ("Consumer Input") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\ConsumerInput@Compete
[2011/02/28 18:25:13 | 000,000,000 | ---D | M] (Virtus Search Opt-in) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\[email protected]
[2008/10/18 05:16:22 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\[email protected]
[2008/07/25 01:47:53 | 000,000,000 | ---D | M] (Oberon Game Host) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\[email protected]
[2011/02/28 18:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\[email protected]\chrome
[2011/02/28 18:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\[email protected]\defaults
[2011/02/28 01:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2008/10/21 17:38:27 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\searchplugins\ask.xml
[2011/04/13 22:48:14 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\searchplugins\bing-zugo.xml
[2010/05/21 20:34:22 | 000,002,168 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\searchplugins\inbox-search.xml
[2009/03/19 18:12:34 | 000,002,158 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xgklofqr.default\searchplugins\MySpace.xml
[2011/04/21 22:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/04 15:41:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/24 18:17:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 23:07:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/24 14:32:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/24 15:20:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 15:42:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2007/05/04 15:41:16 | 000,000,000 | ---D | M] (Real Networks Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/01/09 13:57:36 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/12/17 13:02:48 | 000,000,000 | ---D | M] (Gamevance TextLinks) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2010/06/09 19:40:20 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/04/24 18:17:08 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2000/06/05 17:47:00 | 000,032,768 | ---- | M] (Internet Pictures Corp.) -- C:\Program Files\Mozilla Firefox\plugins\AppSub32.dll
[2006/07/07 00:22:00 | 000,806,912 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npActiveGS.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2000/06/05 17:48:00 | 000,098,304 | ---- | M] (Internet Pictures Corp.) -- C:\Program Files\Mozilla Firefox\plugins\NpIpx32.dll
[2008/06/28 23:43:58 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
O1 HOSTS File: ([2011/04/12 23:34:06 | 000,328,907 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 11140 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {1FD79A59-37B1-459B-9097-09F9FAB8A523} - No CLSID value found.
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CDNSCacheObj Object) - {376892AE-1825-4E5F-9F85-23F9640051CC} - C:\WINDOWS\mplayerplgn.dll ()
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Turbo%20Pizza/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by118fd.bay11...es/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1168085713178 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://zone.msn.com/...tg.1.0.0.37.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zon...ot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} http://zone.msn.com/...ersion=1,0,0,10 (AstoundLauncher Control)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Turbo%20Pizza/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {EEA3945F-2702-45A0-BBE1-BC88E252AED1} http://www.lifetimet...ec.1.0.0.30.cab (CPlayFirstDDPrilosecControl Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...970/mcfscan.cab (McFreeScan Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/06 05:19:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{564fc3f4-eb74-11dd-88cb-00194747d9ed}\Shell\AutoRun\command - "" = D:\rcaeasyrip_setup.exe
O33 - MountPoints2\{564fc3f4-eb74-11dd-88cb-00194747d9ed}\Shell\install\command - "" = D:\rcaeasyrip_setup.exe
O33 - MountPoints2\{564fc3f4-eb74-11dd-88cb-00194747d9ed}\Shell\usermanualEnglish\command - "" = D:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{564fc3f4-eb74-11dd-88cb-00194747d9ed}\Shell\usermanualFrench\command - "" = D:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{564fc3f4-eb74-11dd-88cb-00194747d9ed}\Shell\usermanualSpanish\command - "" = D:\rcaeasyrip_setup.exe /pdf_Spanish
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/29 03:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\vmntemplate
[2011/04/27 02:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/04/22 13:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/04/21 23:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PMB Files
[2011/04/21 23:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/04/13 22:47:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\bflixtoolbar
[2011/04/13 22:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\bflixtoolbar
[2011/04/13 22:47:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/04/13 22:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2007/04/20 14:40:01 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2004/06/10 21:42:38 | 000,015,429 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2K.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/09 14:40:15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-725345543-1003UA.job
[2011/05/09 14:39:19 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{360BC3AC-6E7C-4F61-A499-C991C7A3AEA2}.job
[2011/05/09 14:03:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/09 13:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2011/05/09 11:03:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/09 02:40:02 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-725345543-1003Core.job
[2011/05/08 22:42:48 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-448539723-725345543-1003.job
[2011/05/08 22:42:45 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-448539723-725345543-1003.job
[2011/05/08 15:43:54 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2011/05/08 15:43:54 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/04 05:36:00 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2011/05/03 23:31:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/29 03:55:13 | 001,027,072 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/04/29 03:55:13 | 000,843,776 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2011/04/28 14:54:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/28 14:53:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 03:42:37 | 001,402,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 03:25:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 03:22:01 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/15 03:22:01 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/13 00:17:57 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/04/12 23:34:06 | 000,328,907 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/03 20:38:33 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/04/03 20:38:32 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/12/25 13:46:24 | 000,000,108 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/04/18 04:25:32 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/02/13 04:07:58 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/21 15:34:06 | 000,118,784 | ---- | C] () -- C:\WINDOWS\mplayerplgn.dll
[2008/12/26 16:38:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\v2d.INI
[2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/10/03 23:04:23 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\MyPhrases.dta
[2007/05/04 15:45:26 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/05/04 02:04:49 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/04/20 14:40:01 | 000,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe
[2007/04/20 14:40:01 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2007/04/13 15:19:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/02/11 17:19:59 | 000,002,601 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/02/03 14:54:58 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/01/09 11:16:02 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/07 13:49:41 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/07 06:06:12 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\Owner\Application Data\.zreglib
[2007/01/06 09:55:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/06 08:04:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/06 07:15:39 | 000,000,515 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2007/01/06 06:35:34 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2007/01/06 06:33:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/01/06 06:23:53 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\DVEMODEM.DAT
[2007/01/06 06:23:18 | 000,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2007/01/06 05:21:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/01/06 05:16:26 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/01/06 00:10:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/01/06 00:09:20 | 001,402,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/12 10:11:42 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/12 10:11:41 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/12 10:04:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/12 10:03:21 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/12 10:03:20 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/12 10:03:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/12 10:03:19 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/12 10:02:25 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/12 09:59:52 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/12 09:59:46 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/12 09:57:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/12 09:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/06/04 17:35:30 | 000,135,168 | ---- | C] () -- C:\WINDOWS\UNDPX2K.exe
[2004/06/04 17:34:46 | 000,053,693 | ---- | C] () -- C:\WINDOWS\UNDPX2K.sys
[2004/01/27 08:13:54 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2000/09/08 18:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2008/08/22 23:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2008/02/12 02:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Christmasville
[2007/10/04 20:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Escape From Paradise
[2009/12/24 01:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum2
[2009/04/10 23:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007/05/11 21:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2008/08/25 22:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreshGames
[2008/06/05 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2009/06/14 22:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2007/08/08 08:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamelab
[2008/02/08 01:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Go Go Gourmet
[2008/08/30 03:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2008/08/25 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2008/12/31 04:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/12/01 13:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hot Lava Games
[2011/04/13 22:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2007/03/24 04:21:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009/11/01 23:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2007/06/23 15:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2009/07/05 01:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2007/12/16 04:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2007/08/01 05:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NannyMania
[2008/10/20 17:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2011/04/22 13:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2007/10/07 16:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2010/02/28 14:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/04/21 23:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2007/03/18 03:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/04/13 22:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2008/06/18 02:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/06/18 01:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/04/25 09:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2010/04/28 23:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/16 01:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2009/07/05 22:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UClick
[2008/03/11 05:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Valusoft
[2009/06/20 22:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/28 21:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XLab
[2008/02/12 04:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/12/25 21:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/05 02:41:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Owner\Application Data\.#
[2007/01/06 08:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2007/05/02 20:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Balloon Express
[2011/05/04 02:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\bflixtoolbar
[2007/08/08 08:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Big Fish Games
[2008/08/30 22:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\cerasus.media
[2010/04/27 12:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2007/01/06 12:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Configuration
[2007/09/13 21:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DMCache
[2007/01/08 05:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Elaborate Bytes
[2010/03/31 22:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ElevatedDiagnostics
[2009/04/10 23:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Flood Light Games
[2007/05/11 21:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FloodLightGames
[2008/02/13 09:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ForgottenRiddles
[2008/08/26 00:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Friday's games
[2008/03/23 02:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Fuzzy Games
[2008/12/30 04:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameInvest
[2008/08/25 23:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Gamelab
[2008/08/29 01:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Go-Go Gourmet Chef of the Year
[2008/08/25 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Gogii Games
[2009/06/13 22:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GOL_byHasbro
[2008/11/01 20:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\gtk-2.0
[2008/02/13 04:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Home Sweet Home
[2008/10/05 04:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\iWin
[2007/12/16 03:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jane s Hotel
[2010/11/08 12:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LolClient
[2007/08/11 12:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Magic Academy
[2009/08/26 14:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2008/02/13 06:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\My Games
[2009/12/24 03:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MysteryStudio
[2008/02/08 04:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Oberon Games
[2009/08/26 19:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Paltalk
[2010/02/28 14:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PlayFirst
[2008/11/07 02:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Pogo Games
[2007/06/17 01:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sandlot Games
[2007/01/07 06:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SlySoft
[2010/03/07 10:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SpinTop
[2009/07/05 02:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sudden Games
[2008/02/09 02:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Super-Cow
[2010/11/08 13:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
[2008/02/09 01:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TheScruffs
[2007/10/03 22:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TypingMaster7
[2008/03/11 05:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ubisoft
[2009/07/05 22:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\UClick
[2008/03/11 05:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Valusoft
[2007/01/11 11:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2010/03/30 16:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vivox
[2011/04/29 03:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vmntemplate
[2008/10/09 16:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinPatrol
[2011/05/04 05:36:00 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\Tasks\ConfigExec.job
[2011/05/09 13:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\Tasks\DataUpload.job
[2011/05/09 14:39:19 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{360BC3AC-6E7C-4F61-A499-C991C7A3AEA2}.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2007/03/30 06:50:06 | 000,000,000 | ---D | M](C:\Documents and Settings\Owner\LOCAL?) -- C:\Documents and Settings\Owner\LOCAL᭓
(C:\Documents and Settings\Owner\LOCAL?) -- C:\Documents and Settings\Owner\LOCAL᭓
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E3CFE0C3
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D9F6664C
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B742A47D
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F636E25
@Alternate Data Stream - 353 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:68C4BECC
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F878F14A
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:860D9052
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0A4F645
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:002640E3
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E828A893
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75EFCFC2
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC381680
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86A8CE8D
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2C6A77F3
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:16F2A6FF
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:066DBD0D
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA18D4E3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18AE7C5A
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA2FBCA1
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C3B04546
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41C283B2
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07B14078
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00C31200
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5216CD26
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38849DE5
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10CFA7D4
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C24B973A
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C17FCA88
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AE8D8202
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:84499DA6
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A27D490
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CD2D817
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48F0FFF8
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B3A35EC
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0D722EB
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE89FFE
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6DD87D86
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CB8D545
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D354012D
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3780BCC3
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3064D21D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D18D7C38
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B83F1B83
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B0F9E15
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:857F3067
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6468C896
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C270C64
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FFB0790
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:29BCDA07
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B61DB9F
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A696643D
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F51822D
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:492679C1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FC9D9C0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0A3DB99
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E903DEB
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F686C4A
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E768F69D
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD874E14
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4A1F01E
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:949483BD
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CD562B4
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FF8F1AE3
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B835A22
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3857ABB7
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CC174F28
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B9000539
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A08FFD4D
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03392111
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:29213127
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7D54A10
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A42A9F39
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FF4577A
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20DB61D6
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:132EDADA
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:95B7F1EC
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93C494CA
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90E3641D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85630A39
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:72E546C1
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5856B2C0
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E158DDD
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E55CE2D1
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA3C6C07
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:74699137
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E1404CE
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EA701346
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E06AC882
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85B76BC6
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CF23EC3
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FE4E15B1
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05113FB9
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EB603FE4
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59D05D9A
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0951C4CC
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA723860
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D10517E
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:592D7272
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB52BE62
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:426796C0
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D61FFEE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:618BF152
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B79AEF3
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F951183D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BA6D322
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B3E9221
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:42ABD532
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:389D51A1
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13B137AF
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F65733F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5AFE07D
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D387C245
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:30C46519
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A330F4B
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C12E68D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E71141D2
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F1F1DBC
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:615435BE
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54997B77
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50631D57
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D66B5EAE
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D0570058
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86B1B197
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57BF34C6
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753B0F80
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05816AFA
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:052A05A1
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0104E054
< End of report >
Any help is much appreciated. Thank you!