Author Topic: Restriction Warning (Read 24855 times)

overthehill · « **Reply #30 on:** September 11, 2010, 02:14:25 PM »

Here goes the attached link. No they said nothing about Norton. And yes, I'm still using Avast.
I really have to commend you Broni for helping out this old fellow. Thanks.

http://www.computerhope.com/forum/index.php/topic,109580.0.html

Broni · « **Reply #31 on:** September 11, 2010, 02:22:54 PM »

You're very welcome

Run Norton Removal Tool: http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN

When you're done....

Re-run OTL, but paste this in "Custom scans" box:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Post resulting log.

overthehill · « **Reply #32 on:** September 11, 2010, 02:39:03 PM »

Broni. Log as requested.overthehill

OTL logfile created on: 9/11/2010 3:56:53 PM - Run 10
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Bonham\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 230.42 Gb Total Space | 202.88 Gb Free Space | 88.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINXP_MCE
Current User Name: Bonham
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\Intel Desktop Utilities\iptray.exe (Intel(R) Corporation)
PRC - C:\Program Files\Folding@home\Folding@home-x86\FahCore_78.exe ()
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe ()
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)

========== Win32 Services (SafeList) ==========

SRV - (AWService) -- C:\Program Files\Intel\IDU\awServ.exe File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (IduService) Intel(R) -- C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe (Intel(R) Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (RoxLiveShare) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions)
SRV - (RoxMediaDB) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
SRV - (RoxWatch) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
SRV - (RoxUPnPRenderer) -- C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions)
SRV - (RoxUpnpServer) -- C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe (Sonic Solutions)

========== Driver Services (SafeList) ==========

DRV - (SABProcEnum) -- C:\Program Files\Internet Explorer\SABProcEnum.sys File not found
DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found
DRV - (NVIDIAHWAccess) -- C:\Documents and Settings\Bonham\Application Data\NVIDIA\HWAccess.sys File not found
DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (catchme) -- C:\DOCUME~1\Bonham\LOCALS~1\Temp\catchme.sys File not found
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)
DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation )
DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
DRV - (IAMTXP) Driver for Intel(R) -- C:\WINDOWS\system32\drivers\IAMTXP.sys (Intel Corporation)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
DRV - (cdudf_xp) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys (Sonic Solutions)
DRV - (pwd_2k) -- C:\WINDOWS\System32\drivers\Pwd_2k.sys (Sonic Solutions)
DRV - (dvd_2K) -- C:\WINDOWS\System32\drivers\dvd_2k.sys (Sonic Solutions)
DRV - (mmc_2K) -- C:\WINDOWS\System32\drivers\mmc_2k.sys (Sonic Solutions)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (FVDSCSI) -- C:\WINDOWS\system32\drivers\fvdscsi.sys (FarStone Inc.)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
DRV - (fcdabus) -- C:\WINDOWS\system32\drivers\fcdabus.sys (FarStone Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mymanitoba.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2010/04/17 21:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions
[2010/04/11 16:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/17 21:02:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 11:04:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/15 11:04:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2002/01/09 00:26:42 | 000,319,488 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2010/04/28 22:13:19 | 000,381,116 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 209.216.253.186   www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2   test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2   test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1   test3203.winmx.com test3207.winmx.com
O1 - Hosts: 205.238.40.1   test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2   c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2   c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1   c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 13038 more lines...
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - No CLSID value found.
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ipTray.exe] C:\Program Files\Intel\IDU\iptray.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OCDLMgr] C:\Program Files\IZArc\OpenCandy\OCSetupHlp.dll (OpenCandy, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected] = C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mah%20Jong%20Medley/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189528423203 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189528318687 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.2.10.2 72.2.10.4
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - Reg Error: Value error. File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - Reg Error: Value error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Bonham/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
O24 - Desktop Components:1 () -
O24 - Desktop Components:2 () - file:///C:/Documents%20and%20Settings/Bonham/Local%20Settings/Application%20Data/IM/Runtime/Message/%7B74C62D20-1BC8-452C-B919-F9FAEBDDC056%7D/Forward/image0323232323232.jpg
O24 - Desktop Components:3 () -
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/17 01:03:13 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/11 15:50:32 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\Intel
[2010/09/11 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/09/11 15:01:11 | 000,970,752 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ismbun.exe
[2010/09/11 14:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012
[2010/09/11 13:58:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/11 13:43:20 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/10 00:57:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bonham\Recent
[2010/09/08 12:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Corporation
[2010/09/03 18:28:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/02 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/02 20:00:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/01 21:38:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/01 21:36:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/01 21:36:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/01 21:36:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/01 21:36:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/09/01 21:36:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/31 13:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/31 13:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/08/31 13:36:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/31 13:36:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/31 13:36:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/03/27 09:24:12 | 000,648,064 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autoruns.exe
[2009/03/27 09:24:12 | 000,540,544 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autorunsc.exe

========== Files - Modified Within 30 Days ==========

[2010/09/11 15:50:54 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:33:55 | 000,162,182 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:13:29 | 000,001,057 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/11 15:13:29 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/11 15:13:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/11 15:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/11 15:09:18 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/11 15:07:27 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/09/11 15:07:26 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk
[2010/09/11 15:07:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/11 15:07:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/11 15:06:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/11 15:05:40 | 013,070,336 | ---- | M] () -- C:\Documents and Settings\Bonham\NTUSER.DAT
[2010/09/11 15:05:40 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bonham\ntuser.ini
[2010/09/11 15:02:51 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/11 15:01:21 | 000,001,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Intel(R) Desktop Utilities.lnk
[2010/09/11 15:00:48 | 000,008,413 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\System32\drivers\osaio.sys
[2010/09/11 14:56:23 | 012,713,957 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 13:43:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/11 13:14:04 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Word.lnk
[2010/09/11 12:24:37 | 006,228,992 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/11 09:44:51 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Jumble, That Scrambled Word Game!.url
[2010/09/09 09:05:29 | 000,070,734 | ---- | M] () -- C:\Program Files\Storage Drives.JPG
[2010/09/09 08:48:11 | 000,049,244 | ---- | M] () -- C:\Program Files\autoruns.chm
[2010/09/08 23:57:40 | 002,643,698 | -H-- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\IconCache.db
[2010/09/07 23:12:06 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/07 17:28:55 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 10:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 09:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 09:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 09:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 09:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 09:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 09:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 09:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/31 13:36:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/08/31 13:36:39 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/08/31 13:36:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/08/31 13:36:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/08/31 13:36:39 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/08/30 15:13:57 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:35:30 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\SpeedFan.lnk
[2010/08/24 23:35:29 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/08/24 23:27:59 | 000,070,696 | ---- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/24 23:25:26 | 001,029,907 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:27:15 | 000,016,603 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/23 19:21:31 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft PowerPoint.lnk
[2010/08/22 20:06:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/17 21:53:40 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Computer Hope.url
[2010/08/16 21:35:31 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Excel.lnk
[2010/08/16 13:37:29 | 001,585,152 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/16 12:43:45 | 000,478,665 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/15 23:30:37 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/15 23:30:37 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/08/14 12:14:30 | 001,711,464 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav

========== Files Created - No Company Name ==========

[2010/09/11 15:33:55 | 000,162,182 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:04:35 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected]
[2010/09/11 15:04:34 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk
[2010/09/11 15:01:21 | 000,001,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Intel(R) Desktop Utilities.lnk
[2010/09/11 14:54:43 | 012,713,957 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 12:24:37 | 006,228,992 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/09 09:05:29 | 000,070,734 | ---- | C] () -- C:\Program Files\Storage Drives.JPG
[2010/09/07 23:12:06 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/03 18:18:29 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\Bonham\CFScript.txt
[2010/09/01 21:36:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/01 21:36:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/01 21:36:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/30 15:13:57 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:21:23 | 001,029,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:28:02 | 000,016,603 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/16 12:43:53 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/16 12:43:42 | 000,478,665 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/14 12:55:26 | 001,585,152 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/14 12:27:50 | 001,711,464 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav
[2010/07/16 23:04:48 | 000,019,724 | ---- | C] () -- C:\Program Files\FAHlog.txt
[2010/06/27 01:09:05 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2010/04/06 22:25:53 | 000,327,002 | ---- | C] () -- C:\Program Files\Jumble.jpg
[2010/04/01 19:49:14 | 000,768,191 | ---- | C] () -- C:\Program Files\scan0001.pdf
[2010/04/01 19:29:53 | 005,613,568 | ---- | C] () -- C:\Program Files\Doc1.doc
[2010/03/11 11:17:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/02/10 01:09:09 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2010/02/10 01:09:09 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2010/02/10 01:06:58 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/01/11 19:58:04 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll
[2010/01/11 19:58:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll
[2010/01/11 19:58:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll
[2010/01/11 19:19:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/01/08 13:10:43 | 000,005,212 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/11/26 14:03:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/08/03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/16 16:46:54 | 000,049,244 | ---- | C] () -- C:\Program Files\autoruns.chm
[2008/03/16 23:51:57 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/19 19:15:05 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Bonham\Application Data\$_hpcst$.hpc
[2007/11/29 02:03:00 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/27 01:41:15 | 021,216,112 | ---- | C] () -- C:\Program Files\aaw2007.exe
[2007/11/21 17:41:08 | 000,550,690 | ---- | C] () -- C:\Program Files\sbstar11.exe
[2007/11/17 12:06:23 | 003,458,671 | ---- | C] () -- C:\Program Files\PCTuneUpSetup.exe
[2007/11/14 22:03:20 | 000,160,768 | ---- | C] () -- C:\WINDOWS\System32\midas11.dll
[2007/11/14 22:00:10 | 010,138,931 | ---- | C] () -- C:\Program Files\setupLE.exe
[2007/06/06 16:31:45 | 006,820,520 | ---- | C] () -- C:\Program Files\FirefoxGoogleToolbarSetup.exe
[2007/03/18 16:32:23 | 002,108,000 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_audio.Cache
[2007/03/15 21:59:33 | 001,529,264 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_image.Cache
[2007/03/11 22:52:47 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/03/10 22:36:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/03/10 00:13:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/05 19:22:24 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/03/04 12:31:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/03/02 20:44:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/03/01 22:40:12 | 000,000,171 | ---- | C] () -- C:\WINDOWS\EPSON CX3200 Installer.ini
[2007/02/27 16:24:19 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\fusioncache.dat
[2006/09/20 11:17:32 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\lpcio.dll
[2006/09/19 20:35:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/19 20:15:09 | 000,000,436 | R--- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/09/19 20:05:51 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/07/28 08:32:44 | 000,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2005/12/01 17:05:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/14 15:40:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005/11/10 12:30:04 | 003,596,288 | R--- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/11/30 05:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/02/05 08:05:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2003/10/02 02:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/09/19 14:03:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2003/09/04 17:49:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2003/08/16 07:52:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2003/07/30 07:19:24 | 000,006,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCd.sys
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/02/25 09:59:33 | 000,128,832 | ---- | M] () -- C:\aaw7boot.log
[2008/03/17 01:03:13 | 000,000,100 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/05/24 09:21:44 | 000,000,279 | ---- | M] () -- C:\Boot.bak
[2010/09/11 15:13:29 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2007/02/26 17:57:13 | 000,000,103 | ---- | M] () -- C:\BootErr.log
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2006/09/19 19:17:44 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/09/04 09:33:38 | 000,000,251 | ---- | M] () -- C:\INSTALL.LOG
[2010/04/09 00:34:00 | 000,016,264 | ---- | M] () -- C:\Install.log.txt
[2006/09/19 19:17:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/31 13:08:49 | 000,007,183 | ---- | M] () -- C:\JavaRa.log
[2006/09/19 19:17:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 17:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/07 09:40:25 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/11 15:06:49 | 3219,091,456 | -HS- | M] () -- C:\pagefile.sys
[2009/11/04 16:00:59 | 000,000,805 | ---- | M] () -- C:\rollback.ini
[2010/09/02 20:52:46 | 000,015,232 | ---- | M] () -- C:\RootRepeal report 09-02-10 (20-52-45).txt
[2010/02/17 14:46:52 | 000,198,086 | ---- | M] () -- C:\Sensors.JPG

< %systemroot%\Fonts\*.com >
[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2004/08/10 10:00:00 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/12/29 10:57:18 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4v2.dll
[2007/11/05 20:06:06 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2007/11/27 01:38:27 | 021,216,112 | ---- | M] () -- C:\Program Files\aaw2007.exe
[2010/09/09 08:48:11 | 000,049,244 | ---- | M] () -- C:\Program Files\autoruns.chm
[2009/03/31 00:01:00 | 000,648,064 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autoruns.exe
[2009/03/31 00:01:00 | 000,540,544 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autorunsc.exe
[2010/04/01 19:29:54 | 005,613,568 | ---- | M] () -- C:\Program Files\Doc1.doc
[2009/03/31 00:01:00 | 000,007,005 | ---- | M] () -- C:\Program Files\Eula.txt
[2010/07/16 23:04:48 | 000,019,724 | ---- | M] () -- C:\Program Files\FAHlog.txt
[2007/06/06 16:31:45 | 006,820,520 | ---- | M] () -- C:\Program Files\FirefoxGoogleToolbarSetup.exe
[2010/04/06 22:25:53 | 000,327,002 | ---- | M] () -- C:\Program Files\Jumble.jpg
[2007/11/17 12:06:41 | 003,458,671 | ---- | M] () -- C:\Program Files\PCTuneUpSetup.exe
[2007/11/21 17:41:15 | 000,550,690 | ---- | M] () -- C:\Program Files\sbstar11.exe
[2010/04/01 19:49:14 | 000,768,191 | ---- | M] () -- C:\Program Files\scan0001.pdf
[2007/11/14 22:00:10 | 010,138,931 | ---- | M] () -- C:\Program Files\setupLE.exe
[2010/09/09 09:05:29 | 000,070,734 | ---- | M] () -- C:\Program Files\Storage Drives.JPG

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/09/19 15:08:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/09/19 15:08:23 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/09/19 15:08:23 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/09/07 09:49:37 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2006/09/27 20:03:19 | 000,010,436 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\default.pls
[2006/09/27 22:33:13 | 000,000,240 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\UpdateLog.GDZ

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/03/25 00:51:32 | 000,000,170 | -HS- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/02/09 00:21:52 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2010/02/23 01:05:46 | 000,078,160 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Bonham\Desktop\AutoFix.exe
[2010/07/03 13:06:36 | 004,388,296 | ---- | M] (Foxit Software) -- C:\Documents and Settings\Bonham\Desktop\FoxitPDFEditor220.0205_enu_Setup.exe
[2010/09/11 15:50:54 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 13:43:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/03/29 20:25:26 | 002,957,656 | ---- | M] (PKWARE, Inc.) -- C:\Documents and Settings\Bonham\Desktop\ZIPReader.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/10 10:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2007/02/26 17:50:09 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Bonham\Favorites\Desktop.ini
[2010/08/16 12:42:49 | 000,000,250 | ---- | M] () -- C:\Documents and Settings\Bonham\Favorites\NCH Audio and Telephony Software.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2008/02/14 11:32:54 | 000,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/04/02 22:54:13 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Bonham\Cookies\desktop.ini
[2010/09/11 15:55:21 | 000,065,536 | -HS- | M] () -- C:\Documents and Settings\Bonham\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
[3 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2004/08/04 07:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2007/11/20 21:19:12 | 000,005,120 | -HS- | M] () -- C:\Program Files\Messenger\Thumbs.db
[3 C:\Program Files\Messenger\*.tmp files -> C:\Program Files\Messenger\*.tmp -> ]

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-12 13:47:44

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71173EF9
@Alternate Data Stream - 88 bytes -> C:\Program Files\autoruns.chm:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Desktop\LG Manual.pdf:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Bonham\My Documents\Word Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Bonham\My Documents\Excel Files:Roxio EMC Stream
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B879A65B
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0656FCD2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA18FD1D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:211ED887
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D68FBF6D
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
< End of report >

Broni · « **Reply #33 on:** September 11, 2010, 03:03:14 PM »

Quote

under C:\ProgramFiles\Intel, there used to be and IDU folder

You're perfectly fine. I can see:

Quote

C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe (Intel(R) Corporation)
C:\Program Files\Intel\Intel Desktop Utilities\iptray.exe (Intel(R) Corporation)

Same thing. Probably new version and you have Intel Desktop Utilities instead of IDU.

=========================================================

Uninstall Ask.com, as it's considered as an adware.

===========================================================

Run OTL

Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

Code: [Select]

:OTL
DRV - (catchme) -- C:\DOCUME~1\Bonham\LOCALS~1\Temp\catchme.sys File not found
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (no name) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - No CLSID value found.
O4 - HKLM..\Run: [ipTray.exe] C:\Program Files\Intel\IDU\iptray.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - Reg Error: Value error. File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
[2010/09/01 21:36:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[3 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]
[3 C:\Program Files\Messenger\*.tmp files -> C:\Program Files\Messenger\*.tmp -> ]
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71173EF9
@Alternate Data Stream - 88 bytes -> C:\Program Files\autoruns.chm:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Desktop\LG Manual.pdf:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Bonham\My Documents\Word Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Bonham\My Documents\Excel Files:Roxio EMC Stream
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B879A65B
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0656FCD2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA18FD1D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:211ED887
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D68FBF6D
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[Reboot]

Then click the [color="#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

overthehill · « **Reply #34 on:** September 11, 2010, 03:25:50 PM »

Broni. As requested.
All processes killed
========== OTL ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Bonham\LOCALS~1\Temp\catchme.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9AA2F14F-E956-44B8-8694-A5B615CDF341}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA2F14F-E956-44B8-8694-A5B615CDF341}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ipTray.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dvd\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12D51199-0DB5-46FE-A120-47A3D7D937CC}\ deleted successfully.
File {12D51199-0DB5-46FE-A120-47A3D7D937CC} - Reg Error: Value error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tv\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}\ deleted successfully.
File {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - Reg Error: Value error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{4F07DA45-8170-4859-9B5F-037EF2970034} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F07DA45-8170-4859-9B5F-037EF2970034}\ not found.
C:\Qoobox\TestC folder moved successfully.
C:\Qoobox\Test folder moved successfully.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32 folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Bonham\Local Settings folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Bonham folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
C:\Qoobox\LastRun folder moved successfully.
C:\Qoobox\BackEnv folder moved successfully.
C:\Qoobox folder moved successfully.
C:\WINDOWS\inf\SET4B3.tmp deleted successfully.
C:\WINDOWS\inf\SET4EE.tmp deleted successfully.
C:\WINDOWS\inf\SET8C2.tmp deleted successfully.
C:\Program Files\Messenger\SET295.tmp deleted successfully.
C:\Program Files\Messenger\SET43.tmp deleted successfully.
C:\Program Files\Messenger\uninst0.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:71173EF9 deleted successfully.
ADS C:\Program Files\autoruns.chm:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\Bonham\Desktop\LG Manual.pdf:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\Bonham\My Documents\Word Files:Roxio EMC Stream deleted successfully.
ADS C:\Documents and Settings\Bonham\My Documents\Excel Files:Roxio EMC Stream deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:B879A65B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0656FCD2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DA18FD1D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:211ED887 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D68FBF6D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Bonham
->Temp folder emptied: 22561786 bytes
->Temporary Internet Files folder emptied: 18763154 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70984 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 40.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Bonham
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.12.0 log created on 09112010_163556

Files\Folders moved on Reboot...
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\RLB0N3HL\board,9.0[1].html moved successfully.
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\GJPO5G5T\index[5].htm moved successfully.
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\GJPO5G5T\topic,109562.30[1].html moved successfully.
File\Folder C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat not found!
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

Quick Scan
OTL logfile created on: 9/11/2010 4:43:49 PM - Run 11
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Bonham\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 230.42 Gb Total Space | 202.89 Gb Free Space | 88.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINXP_MCE
Current User Name: Bonham
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe (Intel(R) Corporation)
PRC - C:\Program Files\Folding@home\Folding@home-x86\FahCore_78.exe ()
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe ()
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)

========== Win32 Services (SafeList) ==========

SRV - (AWService) -- C:\Program Files\Intel\IDU\awServ.exe File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (IduService) Intel(R) -- C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe (Intel(R) Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (RoxLiveShare) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions)
SRV - (RoxMediaDB) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
SRV - (RoxWatch) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
SRV - (RoxUPnPRenderer) -- C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions)
SRV - (RoxUpnpServer) -- C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe (Sonic Solutions)

========== Driver Services (SafeList) ==========

DRV - (SABProcEnum) -- C:\Program Files\Internet Explorer\SABProcEnum.sys File not found
DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found
DRV - (NVIDIAHWAccess) -- C:\Documents and Settings\Bonham\Application Data\NVIDIA\HWAccess.sys File not found
DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)
DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation )
DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
DRV - (IAMTXP) Driver for Intel(R) -- C:\WINDOWS\system32\drivers\IAMTXP.sys (Intel Corporation)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
DRV - (cdudf_xp) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys (Sonic Solutions)
DRV - (pwd_2k) -- C:\WINDOWS\System32\drivers\Pwd_2k.sys (Sonic Solutions)
DRV - (dvd_2K) -- C:\WINDOWS\System32\drivers\dvd_2k.sys (Sonic Solutions)
DRV - (mmc_2K) -- C:\WINDOWS\System32\drivers\mmc_2k.sys (Sonic Solutions)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (FVDSCSI) -- C:\WINDOWS\system32\drivers\fvdscsi.sys (FarStone Inc.)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
DRV - (fcdabus) -- C:\WINDOWS\system32\drivers\fcdabus.sys (FarStone Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mymanitoba.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2010/04/17 21:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions
[2010/04/11 16:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/17 21:02:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 11:04:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/15 11:04:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2002/01/09 00:26:42 | 000,319,488 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2010/09/11 16:36:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OCDLMgr] C:\Program Files\IZArc\OpenCandy\OCSetupHlp.dll (OpenCandy, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected] = C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mah%20Jong%20Medley/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189528423203 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189528318687 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.2.10.2 72.2.10.4
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Bonham/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
O24 - Desktop Components:1 () -
O24 - Desktop Components:2 () - file:///C:/Documents%20and%20Settings/Bonham/Local%20Settings/Application%20Data/IM/Runtime/Message/%7B74C62D20-1BC8-452C-B919-F9FAEBDDC056%7D/Forward/image0323232323232.jpg
O24 - Desktop Components:3 () -
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/17 01:03:13 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/11 15:50:32 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\Intel
[2010/09/11 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/09/11 14:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012
[2010/09/11 13:58:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/11 13:43:20 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/10 00:57:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bonham\Recent
[2010/09/08 12:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Corporation
[2010/09/03 18:28:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/02 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/02 20:00:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/01 21:38:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/01 21:36:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/01 21:36:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/01 21:36:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/01 21:36:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/31 13:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/31 13:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/07/20 21:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\Foxit Software
[2010/07/18 02:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Local Settings\Application Data\OpenCandy
[2010/07/18 00:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Motherboard Monitor 5
[2010/07/17 22:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\OpenCandy
[2010/07/17 12:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\SUPERAntiSpyware.com
[2010/07/03 13:06:36 | 004,388,296 | ---- | C] (Foxit Software) -- C:\Documents and Settings\Bonham\Desktop\FoxitPDFEditor220.0205_enu_Setup.exe
[2010/06/28 22:41:30 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/06/26 23:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2009/03/27 09:24:12 | 000,648,064 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autoruns.exe
[2009/03/27 09:24:12 | 000,540,544 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autorunsc.exe

========== Files - Modified Within 90 Days ==========

[2010/09/11 16:40:41 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/11 16:39:22 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/09/11 16:39:22 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk
[2010/09/11 16:38:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/11 16:38:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/11 16:38:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/11 16:37:24 | 013,070,336 | ---- | M] () -- C:\Documents and Settings\Bonham\NTUSER.DAT
[2010/09/11 16:36:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/09/11 16:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/11 15:50:54 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:33:55 | 000,162,182 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:13:29 | 000,001,057 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/11 15:13:29 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/11 15:13:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/11 15:05:40 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bonham\ntuser.ini
[2010/09/11 15:02:51 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/11 15:01:21 | 000,001,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Intel(R) Desktop Utilities.lnk
[2010/09/11 15:00:48 | 000,008,413 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\System32\drivers\osaio.sys
[2010/09/11 14:56:23 | 012,713,957 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 13:43:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/11 13:14:04 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Word.lnk
[2010/09/11 12:24:37 | 006,228,992 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/11 09:44:51 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Jumble, That Scrambled Word Game!.url
[2010/09/09 09:05:29 | 000,070,734 | ---- | M] () -- C:\Program Files\Storage Drives.JPG
[2010/09/09 08:48:11 | 000,049,244 | ---- | M] () -- C:\Program Files\autoruns.chm
[2010/09/08 23:57:40 | 002,643,698 | -H-- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\IconCache.db
[2010/09/07 23:12:06 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/07 17:28:55 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 10:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 09:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 09:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 09:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 09:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 09:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 09:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 09:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/30 15:13:57 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:35:30 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\SpeedFan.lnk
[2010/08/24 23:35:29 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/08/24 23:27:59 | 000,070,696 | ---- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/24 23:25:26 | 001,029,907 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:27:15 | 000,016,603 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/23 19:21:31 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft PowerPoint.lnk
[2010/08/22 20:06:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/17 21:53:40 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Computer Hope.url
[2010/08/16 21:35:31 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Excel.lnk
[2010/08/16 13:37:29 | 001,585,152 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/16 12:43:45 | 000,478,665 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/15 23:30:37 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/15 23:30:37 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/08/14 12:14:30 | 001,711,464 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav
[2010/08/11 22:43:28 | 000,494,888 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 22:43:28 | 000,436,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 22:43:28 | 000,069,716 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/10 00:18:52 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/26 23:21:12 | 000,000,342 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\My eBay.url
[2010/07/21 11:03:39 | 000,045,787 | ---- | M] () -- C:\Documents and Settings\Bonham\My Documents\Proud to be Canadian.gif
[2010/07/21 00:04:20 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\You might be right.doc
[2010/07/17 23:07:03 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\IZArc.lnk
[2010/07/17 20:17:31 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Amazing Half Time Show.doc
[2010/07/17 18:29:18 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Any Video Converter.lnk
[2010/07/17 17:41:41 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/07/17 17:41:41 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2010/07/11 09:09:23 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk
[2010/07/03 13:06:36 | 004,388,296 | ---- | M] (Foxit Software) -- C:\Documents and Settings\Bonham\Desktop\FoxitPDFEditor220.0205_enu_Setup.exe
[2010/07/02 01:01:31 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Folding July 1 2010.xls
[2010/06/27 01:09:05 | 000,004,484 | ---- | M] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys

========== Files Created - No Company Name ==========

[2010/09/11 15:33:55 | 000,162,182 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:04:35 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected]
[2010/09/11 15:04:34 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk
[2010/09/11 15:01:21 | 000,001,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Intel(R) Desktop Utilities.lnk
[2010/09/11 14:54:43 | 012,713,957 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 12:24:37 | 006,228,992 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/09 09:05:29 | 000,070,734 | ---- | C] () -- C:\Program Files\Storage Drives.JPG
[2010/09/07 23:12:06 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/03 18:18:29 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\Bonham\CFScript.txt
[2010/09/01 21:36:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/01 21:36:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/01 21:36:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/30 15:13:57 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:21:23 | 001,029,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:28:02 | 000,016,603 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/16 12:43:53 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/16 12:43:42 | 000,478,665 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/14 12:55:26 | 001,585,152 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/14 12:27:50 | 001,711,464 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav
[2010/07/21 11:06:04 | 000,045,787 | ---- | C] () -- C:\Documents and Settings\Bonham\My Documents\Proud to be Canadian.gif
[2010/07/21 00:04:19 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\You might be right.doc
[2010/07/17 20:35:06 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Amazing Half Time Show.doc
[2010/07/16 23:04:48 | 000,019,724 | ---- | C] () -- C:\Program Files\FAHlog.txt
[2010/07/03 16:59:39 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/07/02 00:35:02 | 000,112,128 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Folding July 1 2010.xls
[2010/06/27 01:09:05 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2010/06/26 23:48:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\SpeedFan.lnk
[2010/06/18 13:47:36 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/04/06 22:25:53 | 000,327,002 | ---- | C] () -- C:\Program Files\Jumble.jpg
[2010/04/01 19:49:14 | 000,768,191 | ---- | C] () -- C:\Program Files\scan0001.pdf
[2010/04/01 19:29:53 | 005,613,568 | ---- | C] () -- C:\Program Files\Doc1.doc
[2010/03/11 11:17:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/02/10 01:09:09 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2010/02/10 01:09:09 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2010/02/10 01:06:58 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/01/11 19:58:04 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll
[2010/01/11 19:58:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll
[2010/01/11 19:58:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll
[2010/01/11 19:19:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/01/08 13:10:43 | 000,005,212 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/11/26 14:03:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/08/03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/16 16:46:54 | 000,049,244 | ---- | C] () -- C:\Program Files\autoruns.chm
[2008/03/16 23:51:57 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/19 19:15:05 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Bonham\Application Data\$_hpcst$.hpc
[2007/11/29 02:03:00 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/27 01:41:15 | 021,216,112 | ---- | C] () -- C:\Program Files\aaw2007.exe
[2007/11/21 17:41:08 | 000,550,690 | ---- | C] () -- C:\Program Files\sbstar11.exe
[2007/11/17 12:06:23 | 003,458,671 | ---- | C] () -- C:\Program Files\PCTuneUpSetup.exe
[2007/11/14 22:03:20 | 000,160,768 | ---- | C] () -- C:\WINDOWS\System32\midas11.dll
[2007/11/14 22:00:10 | 010,138,931 | ---- | C] () -- C:\Program Files\setupLE.exe
[2007/06/06 16:31:45 | 006,820,520 | ---- | C] () -- C:\Program Files\FirefoxGoogleToolbarSetup.exe
[2007/03/18 16:32:23 | 002,108,000 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_audio.Cache
[2007/03/15 21:59:33 | 001,529,264 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_image.Cache
[2007/03/11 22:52:47 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/03/10 22:36:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/03/10 00:13:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/05 19:22:24 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/03/04 12:31:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/03/02 20:44:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/03/01 22:40:12 | 000,000,171 | ---- | C] () -- C:\WINDOWS\EPSON CX3200 Installer.ini
[2007/02/27 16:24:19 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\fusioncache.dat
[2006/09/20 11:17:32 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\lpcio.dll
[2006/09/19 20:35:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/19 20:15:09 | 000,000,436 | R--- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/09/19 20:05:51 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/07/28 08:32:44 | 000,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2005/12/01 17:05:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/14 15:40:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005/11/10 12:30:04 | 003,596,288 | R--- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/11/30 05:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/02/05 08:05:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2003/10/02 02:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/09/19 14:03:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2003/09/04 17:49:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2003/08/16 07:52:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2003/07/30 07:19:24 | 000,006,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCd.sys
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/02/10 00:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/02/23 11:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2007/03/04 12:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2008/06/05 10:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/02/28 00:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2007/12/23 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2010/03/29 19:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2008/07/12 09:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/03/12 11:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/03/12 11:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2009/04/17 22:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/10/25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/04/09 16:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/05/20 12:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2010/02/24 02:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/21 22:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/12/05 19:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2007/03/16 00:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2008/01/21 18:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/04/24 00:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/08/09 22:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/16 01:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\USBSRService
[2007/12/29 14:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity
[2010/03/27 23:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\AnvSoft
[2010/03/25 16:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Auslogics
[2008/02/23 11:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Babylon
[2007/04/01 16:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Backup MyPC
[2007/12/24 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\eBay
[2010/02/12 20:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\EPSON
[2006/09/19 20:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\FarStone
[2010/09/09 08:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Folding@home-x86
[2009/03/30 16:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Foxit
[2010/07/20 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Foxit Software
[2010/04/01 21:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\FreeMoviesToDVD
[2010/03/27 22:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\GetGo Software
[2009/02/07 00:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\GlarySoft
[2010/03/11 18:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Image Zone Express
[2010/06/03 23:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\IObit
[2007/04/01 16:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Leadertech
[2010/03/25 23:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\LockHunter
[2010/04/09 12:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\MxBoost
[2009/04/10 01:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NCH Swift Sound
[2010/04/19 09:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NesterSoft
[2009/02/13 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NewspaperDirect
[2010/07/17 22:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\OpenCandy
[2010/02/10 19:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Opera
[2010/03/22 11:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\PC Magazine Utilities
[2010/02/28 20:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Printer Info Cache
[2007/03/15 23:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\River Past G5
[2007/04/09 16:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\SlipStream
[2009/04/17 21:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\SpinTop
[2010/04/11 16:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Thunderbird
[2010/04/24 00:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Toolbar4
[2010/02/15 22:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Uniblue
[2010/04/16 01:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\USBSafelyRemove
[2010/03/11 10:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Video Converter for Any Flv Player
[2010/05/22 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\WhatPulse
[2010/06/05 00:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\WinPatrol
[2010/09/07 23:12:06 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2010/08/22 20:06:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job

========== Purity Check ==========

< End of report >

Broni · « **Reply #35 on:** September 11, 2010, 03:37:53 PM »

Still same problem?

overthehill · « **Reply #36 on:** September 11, 2010, 03:50:15 PM »

I'm afraid so. Don't really know what my alternatives are. I don't have the XP OS disk. What they gave me were 4 Recovery (XP) disks and upgrade Vista OS disk. And, not sure that I wanta go there(Vista)?
overthehill

Broni · « **Reply #37 on:** September 11, 2010, 03:56:29 PM »

Is Intel Desktop Utilities listed in Add\Remove?
If so, uninstall it, leave it that way for now and see your CD/DVD drive access is back.
Restart computer after uninstalling.

overthehill · « **Reply #38 on:** September 11, 2010, 04:07:10 PM »

Tried that. Same results. overthehill

Broni · « **Reply #39 on:** September 11, 2010, 04:22:00 PM »

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE

Double-click SystemLook.exe to run it.
Vista users:: Right click on SystemLook.exe, click Run As Administrator
Copy the content of the following box into the main textfield:

Code: [Select]

:reg
HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider /s

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

overthehill · « **Reply #40 on:** September 11, 2010, 04:36:29 PM »

As requested.overthehill

SystemLook 04.09.10 by jpshortstuff
Log created at 17:59 on 11/09/2010 by Bonham
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider]
(No values found)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-1004]
(Unable to open key)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500]
"Migrate"= 0x0000000002 (2)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data]
"Blocking"=01 00 00 00 2c 03 49 56 1e 50 35 c9 42 96 b9 a1 69 79 0a 2a 87 24 64 77 28 c3 cf ac (REG_BINARY)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data\14d96c20-255b-11d1-898f-00c04fb6bfc4]
"Display String"="InfoDelivery"

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data\14d96c20-255b-11d1-898f-00c04fb6bfc4\00000000-0000-0000-0000-000000000000]
"Display String"="Subscriptions"

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data\89c39569-6841-11d2-9f59-0000f8085266]
"Display String"="IdentityMgr"

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data\89c39569-6841-11d2-9f59-0000f8085266\600abcad-d4ea-4928-ac75-e366246f0c56]
"Display String"="Identities"

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data\89c39569-6841-11d2-9f59-0000f8085266\600abcad-d4ea-4928-ac75-e366246f0c56\IdentitiesPass]
"Behavior"=02 00 00 00 02 00 00 00 10 00 00 00 57 00 69 00 6e 00 64 00 6f 00 77 00 73 00 00 00 14 00 00 00 dd 09 45 15 b7 f0 3d a4 ca d3 15 58 28 84 96 91 24 4a 07 a6 (REG_BINARY)
"Item Data"=02 00 00 00 18 00 00 00 32 c0 36 31 a8 37 61 61 5c 37 c9 ed 8e 2f 05 94 98 df 56 7d c6 62 45 56 38 00 00 00 65 e6 b4 4a f2 c4 e7 c0 b4 52 88 e7 71 76 b7 08 1c 3d 32 a8 58 8e de 0b df 30 92 ac d8 c5 38 a8 78 7c 79 24 86 8f 55 cf 42 88 c4 9e 58 55 ab dc 01 1e 93 71 19 9c d8 12 (REG_BINARY)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data 2]
(No values found)

[HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider\S-1-5-21-3912740996-3383120692-1400082210-500\Data 2\Windows]
"Value"=01 00 00 00 1c 00 00 00 03 00 00 00 7c 72 21 56 b2 3e f5 d1 fc d5 46 eb 11 78 37 5d f8 6b 1d 0a a8 eb f7 9d 10 00 00 00 86 b2 d8 b2 5b ec f3 b6 83 e8 f1 74 eb 4e 1c a8 14 00 00 00 02 34 8a d6 f1 d5 07 24 87 48 bd ef a7 12 87 9b 02 63 5d ad (REG_BINARY)

-= EOF =-

Broni · « **Reply #41 on:** September 11, 2010, 04:55:45 PM »

OK, I found one more possible culprit....

Run OTL

Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

Code: [Select]

:OTL
SRV - (AWService) -- C:\Program Files\Intel\IDU\awServ.exe File not found

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the [color="#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

overthehill · « **Reply #42 on:** September 11, 2010, 05:15:17 PM »

As requested.overthehill

All processes killed
========== OTL ==========
Service AWService stopped successfully!
Service AWService deleted successfully!
File C:\Program Files\Intel\IDU\awServ.exe File not found not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Bonham
->Temp folder emptied: 1368926 bytes
->Temporary Internet Files folder emptied: 2877779 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18538 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Bonham
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.12.0 log created on 09112010_182850

Files\Folders moved on Reboot...
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\ZH0BH8VB\index[4].htm moved successfully.
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\KZK3KZLW\index[6].htm moved successfully.
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\Content.IE5\131KIXRU\board,9.0[2].html moved successfully.
C:\Documents and Settings\Bonham\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

OTL logfile created on: 9/11/2010 6:35:05 PM - Run 12
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Bonham\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 230.42 Gb Total Space | 202.86 Gb Free Space | 88.04% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WINXP_MCE
Current User Name: Bonham
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
PRC - C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Folding@home\Folding@home-x86\FahCore_78.exe ()
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe ()
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Bonham\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)

========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\eEBAPI\eEBSvc.exe ()
SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (RoxLiveShare) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions)
SRV - (RoxMediaDB) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
SRV - (RoxWatch) -- C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
SRV - (RoxUPnPRenderer) -- C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions)
SRV - (RoxUpnpServer) -- C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe (Sonic Solutions)

========== Driver Services (SafeList) ==========

DRV - (SABProcEnum) -- C:\Program Files\Internet Explorer\SABProcEnum.sys File not found
DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found
DRV - (NVIDIAHWAccess) -- C:\Documents and Settings\Bonham\Application Data\NVIDIA\HWAccess.sys File not found
DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)
DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation )
DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
DRV - (IAMTXP) Driver for Intel(R) -- C:\WINDOWS\system32\drivers\IAMTXP.sys (Intel Corporation)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
DRV - (cdudf_xp) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys (Sonic Solutions)
DRV - (pwd_2k) -- C:\WINDOWS\System32\drivers\Pwd_2k.sys (Sonic Solutions)
DRV - (dvd_2K) -- C:\WINDOWS\System32\drivers\dvd_2k.sys (Sonic Solutions)
DRV - (mmc_2K) -- C:\WINDOWS\System32\drivers\mmc_2k.sys (Sonic Solutions)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (FVDSCSI) -- C:\WINDOWS\system32\drivers\fvdscsi.sys (FarStone Inc.)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
DRV - (fcdabus) -- C:\WINDOWS\system32\drivers\fcdabus.sys (FarStone Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mymanitoba.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2010/04/17 21:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions
[2010/04/11 16:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bonham\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/17 21:02:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 11:04:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/15 11:04:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2002/01/09 00:26:42 | 000,319,488 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll

O1 HOSTS File: ([2010/09/11 16:36:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OCDLMgr] C:\Program Files\IZArc\OpenCandy\OCSetupHlp.dll (OpenCandy, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected] = C:\Program Files\Folding@home\Folding@home-x86\[email protected] ()
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108799
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mah%20Jong%20Medley/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189528423203 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189528318687 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash5r42.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.2.10.2 72.2.10.4
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Bonham/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
O24 - Desktop Components:1 () -
O24 - Desktop Components:2 () - file:///C:/Documents%20and%20Settings/Bonham/Local%20Settings/Application%20Data/IM/Runtime/Message/%7B74C62D20-1BC8-452C-B919-F9FAEBDDC056%7D/Forward/image0323232323232.jpg
O24 - Desktop Components:3 () -
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bonham\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/17 01:03:13 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/11 15:50:32 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\Intel
[2010/09/11 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/09/11 14:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012
[2010/09/11 13:58:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/11 13:43:20 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/10 00:57:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bonham\Recent
[2010/09/08 12:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Corporation
[2010/09/03 18:28:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/02 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/02 20:00:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/01 21:38:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/01 21:36:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/01 21:36:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/01 21:36:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/01 21:36:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/31 13:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/31 13:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/07/20 21:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\Foxit Software
[2010/07/18 02:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Local Settings\Application Data\OpenCandy
[2010/07/18 00:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Motherboard Monitor 5
[2010/07/17 22:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\OpenCandy
[2010/07/17 12:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bonham\Application Data\SUPERAntiSpyware.com
[2010/07/03 13:06:36 | 004,388,296 | ---- | C] (Foxit Software) -- C:\Documents and Settings\Bonham\Desktop\FoxitPDFEditor220.0205_enu_Setup.exe
[2010/06/28 22:41:30 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/06/26 23:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2009/03/27 09:24:12 | 000,648,064 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autoruns.exe
[2009/03/27 09:24:12 | 000,540,544 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Program Files\autorunsc.exe

========== Files - Modified Within 90 Days ==========

[2010/09/11 18:33:15 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/11 18:31:54 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/09/11 18:31:53 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk
[2010/09/11 18:31:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/11 18:31:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/11 18:30:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/11 18:30:00 | 013,070,336 | ---- | M] () -- C:\Documents and Settings\Bonham\NTUSER.DAT
[2010/09/11 18:12:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/11 17:57:54 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\SystemLook.exe
[2010/09/11 17:26:55 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/11 16:36:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/09/11 15:50:54 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Bonham\Desktop\Norton_Removal_Tool.exe
[2010/09/11 15:33:55 | 000,162,182 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:13:29 | 000,001,057 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/11 15:13:29 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/09/11 15:13:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/11 15:05:40 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bonham\ntuser.ini
[2010/09/11 15:00:48 | 000,008,413 | ---- | M] (OSA Technologies, An Avocent Company) -- C:\WINDOWS\System32\drivers\osaio.sys
[2010/09/11 14:56:23 | 012,713,957 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 13:43:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonham\Desktop\OTL.exe
[2010/09/11 13:14:04 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Word.lnk
[2010/09/11 12:24:37 | 006,228,992 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/11 09:44:51 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Jumble, That Scrambled Word Game!.url
[2010/09/09 09:05:29 | 000,070,734 | ---- | M] () -- C:\Program Files\Storage Drives.JPG
[2010/09/09 08:48:11 | 000,049,244 | ---- | M] () -- C:\Program Files\autoruns.chm
[2010/09/08 23:57:40 | 002,643,698 | -H-- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\IconCache.db
[2010/09/07 23:12:06 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/07 17:28:55 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/07 10:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 10:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 09:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 09:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 09:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 09:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 09:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 09:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 09:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/30 15:13:57 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:35:30 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\SpeedFan.lnk
[2010/08/24 23:35:29 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/08/24 23:27:59 | 000,070,696 | ---- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/24 23:25:26 | 001,029,907 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:27:15 | 000,016,603 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/23 19:21:31 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft PowerPoint.lnk
[2010/08/22 20:06:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/17 21:53:40 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Computer Hope.url
[2010/08/16 21:35:31 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Microsoft Excel.lnk
[2010/08/16 13:37:29 | 001,585,152 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/16 12:43:45 | 000,478,665 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/15 23:30:37 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/15 23:30:37 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/08/14 12:14:30 | 001,711,464 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav
[2010/08/11 22:43:28 | 000,494,888 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 22:43:28 | 000,436,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 22:43:28 | 000,069,716 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/10 00:18:52 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/26 23:21:12 | 000,000,342 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\My eBay.url
[2010/07/21 11:03:39 | 000,045,787 | ---- | M] () -- C:\Documents and Settings\Bonham\My Documents\Proud to be Canadian.gif
[2010/07/21 00:04:20 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\You might be right.doc
[2010/07/17 23:07:03 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\IZArc.lnk
[2010/07/17 20:17:31 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Amazing Half Time Show.doc
[2010/07/17 18:29:18 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Any Video Converter.lnk
[2010/07/17 17:41:41 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\Bonham\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2010/07/17 17:41:41 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2010/07/11 09:09:23 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk
[2010/07/03 13:06:36 | 004,388,296 | ---- | M] (Foxit Software) -- C:\Documents and Settings\Bonham\Desktop\FoxitPDFEditor220.0205_enu_Setup.exe
[2010/07/02 01:01:31 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Bonham\Desktop\Folding July 1 2010.xls
[2010/06/27 01:09:05 | 000,004,484 | ---- | M] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys

========== Files Created - No Company Name ==========

[2010/09/11 17:57:54 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\SystemLook.exe
[2010/09/11 15:33:55 | 000,162,182 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\topic,109580.0.html
[2010/09/11 15:04:35 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\[email protected]
[2010/09/11 15:04:34 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Bonham\Start Menu\Programs\Startup\speedfan.lnk
[2010/09/11 14:54:43 | 012,713,957 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\IDU_3.1.1.012.zip
[2010/09/11 12:24:37 | 006,228,992 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\911 photos - Never Forget !.pps
[2010/09/09 09:05:29 | 000,070,734 | ---- | C] () -- C:\Program Files\Storage Drives.JPG
[2010/09/07 23:12:06 | 000,000,386 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/09/03 18:18:29 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\Bonham\CFScript.txt
[2010/09/01 21:36:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/01 21:36:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/01 21:36:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/30 15:13:57 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/08/24 23:21:23 | 001,029,907 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\The Shopping Channel - Official Site.mht
[2010/08/24 09:28:02 | 000,016,603 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Nesco.jpg
[2010/08/16 12:43:53 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/08/16 12:43:42 | 000,478,665 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Bernie Vermette - Grand Mamou.wav.wav
[2010/08/14 12:55:26 | 001,585,152 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Invitation2.pps
[2010/08/14 12:27:50 | 001,711,464 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\James Blunt- You Are Beaytiful.wav.wav
[2010/07/21 11:06:04 | 000,045,787 | ---- | C] () -- C:\Documents and Settings\Bonham\My Documents\Proud to be Canadian.gif
[2010/07/21 00:04:19 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\You might be right.doc
[2010/07/17 20:35:06 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Amazing Half Time Show.doc
[2010/07/16 23:04:48 | 000,019,724 | ---- | C] () -- C:\Program Files\FAHlog.txt
[2010/07/03 16:59:39 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/07/02 00:35:02 | 000,112,128 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\Folding July 1 2010.xls
[2010/06/27 01:09:05 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2010/06/26 23:48:31 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Bonham\Desktop\SpeedFan.lnk
[2010/06/18 13:47:36 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010/04/06 22:25:53 | 000,327,002 | ---- | C] () -- C:\Program Files\Jumble.jpg
[2010/04/01 19:49:14 | 000,768,191 | ---- | C] () -- C:\Program Files\scan0001.pdf
[2010/04/01 19:29:53 | 005,613,568 | ---- | C] () -- C:\Program Files\Doc1.doc
[2010/03/11 11:17:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/02/10 01:09:09 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2010/02/10 01:09:09 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2010/02/10 01:06:58 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2010/01/11 19:58:04 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll
[2010/01/11 19:58:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll
[2010/01/11 19:58:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll
[2010/01/11 19:19:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/01/08 13:10:43 | 000,005,212 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/11/26 14:03:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/08/03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/12/16 16:46:54 | 000,049,244 | ---- | C] () -- C:\Program Files\autoruns.chm
[2008/03/16 23:51:57 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/19 19:15:05 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Bonham\Application Data\$_hpcst$.hpc
[2007/11/29 02:03:00 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/27 01:41:15 | 021,216,112 | ---- | C] () -- C:\Program Files\aaw2007.exe
[2007/11/21 17:41:08 | 000,550,690 | ---- | C] () -- C:\Program Files\sbstar11.exe
[2007/11/17 12:06:23 | 003,458,671 | ---- | C] () -- C:\Program Files\PCTuneUpSetup.exe
[2007/11/14 22:03:20 | 000,160,768 | ---- | C] () -- C:\WINDOWS\System32\midas11.dll
[2007/11/14 22:00:10 | 010,138,931 | ---- | C] () -- C:\Program Files\setupLE.exe
[2007/06/06 16:31:45 | 006,820,520 | ---- | C] () -- C:\Program Files\FirefoxGoogleToolbarSetup.exe
[2007/03/18 16:32:23 | 002,108,000 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_audio.Cache
[2007/03/15 21:59:33 | 001,529,264 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\rx_image.Cache
[2007/03/11 22:52:47 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/03/10 22:36:13 | 000,000,247 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/03/10 00:13:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/05 19:22:24 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/03/04 12:31:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/03/02 20:44:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/03/01 22:40:12 | 000,000,171 | ---- | C] () -- C:\WINDOWS\EPSON CX3200 Installer.ini
[2007/02/27 16:24:19 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Bonham\Local Settings\Application Data\fusioncache.dat
[2006/09/20 11:17:32 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\lpcio.dll
[2006/09/19 20:35:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/19 20:15:09 | 000,000,436 | R--- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/09/19 20:05:51 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/07/28 08:32:44 | 000,007,005 | ---- | C] () -- C:\Program Files\Eula.txt
[2005/12/01 17:05:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/14 15:40:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005/11/10 12:30:04 | 003,596,288 | R--- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/11/30 05:10:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/02/05 08:05:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2003/10/02 02:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/09/19 14:03:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2003/09/04 17:49:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2003/08/16 07:52:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2003/07/30 07:19:24 | 000,006,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCd.sys
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/02/10 00:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/02/23 11:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2007/03/04 12:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2008/06/05 10:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/02/28 00:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2007/12/23 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2010/03/29 19:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2008/07/12 09:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/03/12 11:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/03/12 11:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2009/04/17 22:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/10/25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/04/09 16:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/05/20 12:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2010/02/24 02:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/21 22:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009/12/05 19:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2007/03/16 00:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2008/01/21 18:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2010/04/24 00:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/08/09 22:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/16 01:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\USBSRService
[2007/12/29 14:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity
[2010/03/27 23:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\AnvSoft
[2010/03/25 16:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Auslogics
[2008/02/23 11:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Babylon
[2007/04/01 16:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Backup MyPC
[2007/12/24 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\eBay
[2010/02/12 20:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\EPSON
[2006/09/19 20:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\FarStone
[2010/09/09 08:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Folding@home-x86
[2009/03/30 16:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Foxit
[2010/07/20 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Foxit Software
[2010/04/01 21:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\FreeMoviesToDVD
[2010/03/27 22:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\GetGo Software
[2009/02/07 00:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\GlarySoft
[2010/03/11 18:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Image Zone Express
[2010/06/03 23:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\IObit
[2007/04/01 16:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Leadertech
[2010/03/25 23:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\LockHunter
[2010/04/09 12:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\MxBoost
[2009/04/10 01:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NCH Swift Sound
[2010/04/19 09:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NesterSoft
[2009/02/13 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\NewspaperDirect
[2010/07/17 22:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\OpenCandy
[2010/02/10 19:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Opera
[2010/03/22 11:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\PC Magazine Utilities
[2010/02/28 20:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Printer Info Cache
[2007/03/15 23:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\River Past G5
[2007/04/09 16:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\SlipStream
[2009/04/17 21:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\SpinTop
[2010/04/11 16:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Thunderbird
[2010/04/24 00:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Toolbar4
[2010/02/15 22:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Uniblue
[2010/04/16 01:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\USBSafelyRemove
[2010/03/11 10:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\Video Converter for Any Flv Player
[2010/05/22 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\WhatPulse
[2010/06/05 00:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bonham\Application Data\WinPatrol
[2010/09/07 23:12:06 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2010/08/22 20:06:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job

========== Purity Check ==========

< End of report >

Broni · « **Reply #43 on:** September 11, 2010, 05:18:46 PM »

Did you restart computer?
If not, do so.
Same problem?

overthehill · « **Reply #44 on:** September 11, 2010, 05:29:13 PM »

Yes,Broni. Same problem. overthehill

Computer Hope Forum

News:

Author Topic: Restriction Warning (Read 24855 times)

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning

Broni

Re: Restriction Warning

overthehill

Re: Restriction Warning