
Solved Generic Host Process for Win32 has encountered a problem

Discussion in 'Malware and Virus Removal Archive' started by biggazdixon, 2011/05/01.

  1. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good job :)

    How is computer doing at the moment?

    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    DDS::
    uInternet Settings,ProxyServer = 192.168.2.180:8080
    uInternet Settings,ProxyOverride = 127.0.0.1;*.local
    
    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000000
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000000
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000000
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000000
    
    

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [Image: animation showing CFScript.txt being dragged onto ComboFix.exe]


    6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
  2. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Joined:
    2011/05/01
    Messages:
    59
    Likes Received:
    0
    The computer seems to be behaving much better. I don't get the Generic Host error anymore as I said and it connects to the internet automatically now too which it wasn't doing before and in fact put up a fight when I tried to make it connect. It has started making a loud beep sound from inside the body of the machine when it connects or comes up with a notification, I don't know what that's about!
    One thing I have noticed is that if I plug my iPod in on a USB cable it doesn't charge. My USB memory stick works fine on the same socket though.

    I shall now follow the instructions in the previous post.
     

  4. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Ok.......
     
  5. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    I didn't do it in safe mode, so I got the blue screen. I'll download a fresh version and do it again in safe mode.
     
  6. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Ok.....
     
  7. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    ComboFix 11-05-06.01 - Gary Dixon 06/05/2011 20:52:54.8.2 - x86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.340 [GMT 1:00]
    Running from: c:\documents and settings\Gary Dixon\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Gary Dixon\Desktop\CFScript.txt
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\system32\ccrpTmr6.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-04-06 to 2011-05-06 )))))))))))))))))))))))))))))))
    .
    .
    2011-05-05 20:44 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-05 20:44 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-01 12:05 . 2011-05-01 12:05 339968 ----a-w- c:\windows\system32\RapportBuka.dll
    2011-04-29 11:44 . 2011-04-29 11:44 -------- d-----w- c:\documents and settings\Gary Dixon\Local Settings\Application Data\Trusteer
    2011-04-28 17:39 . 2011-04-28 17:39 -------- d-----w- c:\documents and settings\Gary Dixon\Application Data\ElevatedDiagnostics
    2011-04-28 14:57 . 2011-04-28 14:57 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-04-28 13:34 . 2011-04-28 13:34 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2011-04-27 10:50 . 2011-04-28 14:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
    2011-04-14 08:01 . 2011-04-15 08:55 -------- d-----w- C:\D1_32
    2011-04-10 16:59 . 2011-04-10 16:59 -------- d-----w- c:\documents and settings\Gary Dixon\Local Settings\Application Data\Thinstall
    2011-04-10 16:59 . 2011-04-10 16:59 -------- d-----w- c:\documents and settings\Gary Dixon\Application Data\Thinstall
    2011-04-10 16:58 . 2011-04-10 17:08 -------- d-----w- c:\program files\Microsoft Visio 2007 Portable
    2011-04-09 15:50 . 2006-05-08 12:33 237568 ----a-w- c:\windows\system32\glut32.dll
    2011-04-09 15:03 . 2011-04-09 15:03 -------- d-----w- c:\documents and settings\Gary Dixon\Application Data\Smaart
    2011-04-07 14:15 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
    2011-04-07 14:15 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
    2011-04-07 14:11 . 2011-04-07 14:11 -------- d-----w- c:\program files\Microsoft.NET
    2011-04-07 14:08 . 2011-04-07 14:42 -------- d-----w- c:\windows\SHELLNEW
    2011-04-07 14:07 . 2011-04-07 14:07 -------- d-----w- c:\documents and settings\Gary Dixon\Local Settings\Application Data\Microsoft Help
    2011-04-07 14:07 . 2011-04-20 14:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2011-04-07 14:06 . 2011-04-07 14:06 -------- d-----r- C:\MSOCache
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-05 06:51 . 2004-08-03 21:59 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
    2011-03-07 05:33 . 2004-08-10 12:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37 . 2004-08-10 11:51 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21 . 2004-08-10 11:51 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-22 23:06 . 2004-08-10 11:51 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06 . 2004-08-10 11:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06 . 2004-08-10 11:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:41 . 2004-08-10 11:51 385024 ----a-w- c:\windows\system32\html.iec
    2011-02-17 13:18 . 2006-09-21 12:07 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-17 13:18 . 2004-08-10 11:51 357888 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-02-17 12:32 . 2009-04-16 11:29 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56 . 2004-08-10 11:50 290432 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-11 13:25 . 2004-08-10 12:01 229888 ----a-w- c:\windows\system32\fxscover.exe
    2011-02-09 13:53 . 2004-08-10 11:51 270848 ----a-w- c:\windows\system32\sbe.dll
    2011-02-09 13:53 . 2004-08-10 11:51 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-02-08 13:33 . 2004-08-10 11:51 978944 ----a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33 . 2004-08-10 11:51 974848 ----a-w- c:\windows\system32\mfc42u.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-05-06_09.47.28 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2011-05-01 20:16 . 2011-05-06 07:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2011-05-01 20:16 . 2011-05-06 16:07 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2006-09-25 17:05 . 2011-05-06 16:07 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    - 2006-09-25 17:05 . 2011-05-06 07:26 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2011-05-06 12:01 . 2011-05-06 16:07 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-08 68856]
    "LDM "= "c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-08 36864]
    "TomTomHOME.exe "= "c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-03-09 247728]
    "AdobeUpdater "= "c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2009-01-05 2356088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray "= "c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
    "igfxhkcmd "= "c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
    "igfxpers "= "c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
    "SigmatelSysTrayApp "= "stsystra.exe" [2006-03-24 282624]
    "SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
    "Dell QuickSet "= "c:\program files\Dell\QuickSet\quickset.exe" [2006-06-29 1032192]
    "IntelZeroConfig "= "c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718]
    "IntelWireless "= "c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182]
    "DVDLauncher "= "c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
    "CTSVolFE.exe "= "c:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344]
    "DMXLauncher "= "c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
    "dla "= "c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
    "ISUSPM Startup "= "c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
    "RealTray "= "c:\program files\Real\RealPlayer\RealPlay.exe" [2006-09-21 26112]
    "LogitechCommunicationsManager "= "c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 284184]
    "LogitechQuickCamRibbon "= "c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 746520]
    "LVCOMSX "= "c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-15 244512]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
    "MobileConnect "= "c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-03-13 2060288]
    "MSKDetectorExe "= "c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
    "M-Audio Taskbar Icon "= "c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-05-15 356864]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "mcui_exe "= "c:\program files\McAfee.com\Agent\mcagent.exe" [2011-01-17 1193848]
    "QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
    "DivXUpdate "= "c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE "= "c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\Gary Dixon\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Dell Network Assistant.lnk - c:\windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe [2006-9-21 7168]
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-9-21 24576]
    hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
    Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-2-8 196608]
    Lotus Organizer EasyClip.lnk - c:\lotus\organize\easyclip.exe [2000-5-19 87040]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=" "
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=" "
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @= "Driver "
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring "=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring "=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Real\\RealPlayer\\realplay.exe "=
    "c:\\WINDOWS\\system32\\dpvsetup.exe "=
    "c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe "=
    "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe "=
    "c:\\Program Files\\Meyer Sound\\Compass\\Resources\\Data\\VirtualGalileoDaemon.exe "=
    "c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe "=
    "c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe "=
    "c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe "=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe "=
    "c:\\Program Files\\BitTorrent\\BitTorrent.exe "=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE "=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "10421:UDP "= 10421:UDP:SingleClick Discovery Protocol
    "10426:UDP "= 10426:UDP:SingleClick ICC
    .
    R3 zte_mf651_dc_enum;ZTE Mobile Connect DC Enumerator;c:\windows\system32\drivers\zte_mf651_dc_enum.sys [06/11/2009 13:59 80128]
    S0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [28/04/2011 14:34 53816]
    S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [02/09/2010 13:01 84072]
    S1 RapportBuka;RapportBuka;c:\windows\system32\drivers\RapportBuka.sys [04/03/2010 11:32 390528]
    S1 RapportCerberus_26169;RapportCerberus_26169;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys [02/05/2011 11:49 57144]
    S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [28/04/2011 14:34 66360]
    S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [28/04/2011 14:34 158904]
    S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [20/08/2009 12:07 233472]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [05/02/2010 12:24 135664]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [09/01/2010 17:12 88176]
    S2 McMPFSvc;McAfee Personal Firewall Service; "c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [02/09/2010 13:00 271480]
    S2 McNaiAnn;McAfee VirusScan Announcer; "c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [02/09/2010 13:00 271480]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [02/09/2010 13:03 188136]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [02/09/2010 13:01 141792]
    S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [28/04/2011 14:34 870200]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [09/03/2011 13:30 92592]
    S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [13/03/2008 20:08 24576]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [02/09/2010 13:01 55840]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [20/08/2009 12:07 36608]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [05/02/2010 12:24 135664]
    S3 MAUSBFASTTRACKULTRA;Service for M-Audio Fast Track Ultra;c:\windows\system32\DRIVERS\MAudioFastTrackUltra.sys --> c:\windows\system32\DRIVERS\MAudioFastTrackUltra.sys [?]
    S3 MAUSBRI;M-Audio Fast Track Ultra Service;c:\windows\system32\drivers\mausbftu.sys [08/03/2010 18:32 135944]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [02/09/2010 13:01 313288]
    S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [02/09/2010 13:01 88544]
    S3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [02/09/2010 13:01 88544]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [02/09/2010 13:01 84264]
    S3 RDID1046;EDIROL UA-25;c:\windows\system32\drivers\Rdwm1046.sys [18/02/2008 14:25 172401]
    S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\system32\drivers\tascusb2.sys [03/07/2008 15:14 396192]
    S3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys [03/07/2008 15:14 10752]
    S3 TASCAM_US122L_WDM;TASCAM US-122L WDM;c:\windows\system32\drivers\tscusb2a.sys [03/07/2008 15:14 19904]
    S3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [30/07/2004 12:49 131968]
    S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [30/07/2004 13:02 18304]
    S3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [30/07/2004 12:49 39168]
    S3 zte_mf651_cdc_acm;ZTE Mobile Connect CDC-ACM driver;c:\windows\system32\drivers\zte_mf651_cdc_acm.sys [06/11/2009 13:59 85248]
    S3 zte_mf651_cdc_ecm;zte_mf651_cdc_ecm;c:\windows\system32\drivers\zte_mf651_cdc_ecm.sys [06/11/2009 13:59 49920]
    S3 zte_mf651_cpo;ZTE Mobile Connect Mass Storage Device;c:\windows\system32\drivers\zte_mf651_cpo.sys [06/11/2009 13:59 9856]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-05-05 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
    .
    2011-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 11:23]
    .
    2011-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 11:23]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.co.uk/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
    uInternet Connection Wizard,ShellNext = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0060921
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-06 21:05
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @= "FlashBroker "
    "LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101 "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled "=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @= "IFlashBroker4 "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @= "{00020424-0000-0000-C000-000000000046} "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    "Version "= "1.0 "
    .
    Completion time: 2011-05-06 21:12:07
    ComboFix-quarantined-files.txt 2011-05-06 20:12
    ComboFix2.txt 2011-05-06 09:53
    .
    Pre-Run: 18,215,718,912 bytes free
    Post-Run: 18,202,910,720 bytes free
    .
    - - End Of File - - 2C02C545A2EFC96E829AC7E3A79C9B78
     
  8. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Perfect!

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  9. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    I already have OTL on my desktop, do I need to re-download it?
     
  10. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Oh no.
    Since you ran it for me before, it'll produce only one log.
     
  11. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Again, too many characters so split into 2.

    OTL logfile created on: 06/05/2011 21:56:05 - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Gary Dixon\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    502.00 Mb Total Physical Memory | 145.00 Mb Available Physical Memory | 29.00% Memory free
    1.00 Gb Paging File | 0.00 Gb Available in Paging File | 36.00% Paging File free
    Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 52.68 Gb Total Space | 16.50 Gb Free Space | 31.31% Space Free | Partition Type: NTFS
    Drive D: | 17.21 Gb Total Space | 16.49 Gb Free Space | 95.85% Space Free | Partition Type: NTFS

    Computer Name: GARYDIXON | User Name: Gary Dixon | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    PRC - [2011/04/28 14:34:42 | 001,550,136 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    PRC - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    PRC - [2011/03/09 13:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2011/03/09 13:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    PRC - [2011/01/17 17:15:32 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
    PRC - [2010/11/12 15:17:32 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    PRC - [2010/11/12 15:17:32 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    PRC - [2010/09/04 13:09:24 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    PRC - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    PRC - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
    PRC - [2008/05/15 18:45:26 | 000,356,864 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
    PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/13 20:08:58 | 000,024,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
    PRC - [2008/02/08 19:32:32 | 000,036,864 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    PRC - [2007/08/27 18:12:28 | 001,082,664 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
    PRC - [2007/08/27 16:36:34 | 000,111,912 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
    PRC - [2006/11/15 23:03:36 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
    PRC - [2006/11/15 23:01:52 | 000,244,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    PRC - [2006/11/15 22:58:40 | 000,746,520 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    PRC - [2006/11/15 22:57:20 | 000,171,544 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    PRC - [2006/10/31 02:03:48 | 000,284,184 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    PRC - [2006/09/21 13:45:38 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
    PRC - [2006/06/29 12:13:32 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
    PRC - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
    PRC - [2006/05/01 09:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    PRC - [2006/05/01 09:28:26 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    PRC - [2006/05/01 09:28:06 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    PRC - [2006/05/01 09:26:14 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    PRC - [2006/03/24 23:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
    PRC - [2005/02/23 15:57:24 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Mixer\CTSVolFE.exe
    PRC - [2005/01/27 01:02:00 | 000,086,016 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    PRC - [2003/04/06 02:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    PRC - [2000/05/19 22:54:06 | 000,087,040 | ---- | M] (Lotus Development Corporation) -- C:\Lotus\organize\EasyClip.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
    MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [2008/02/08 19:32:15 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Gary Dixon\Local Settings\temp\IadHide5.dll
    MOD - [2006/11/15 23:03:24 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
    MOD - [2006/06/29 12:13:50 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
    MOD - [2005/12/13 23:39:58 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
    SRV - [2011/03/09 13:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2010/11/12 15:17:32 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV - [2010/11/12 15:17:32 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
    SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV - [2010/09/04 13:09:24 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2008/03/13 20:08:58 | 000,024,576 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
    SRV - [2007/08/27 16:36:34 | 000,111,912 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)
    SRV - [2006/11/15 23:05:40 | 000,101,152 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
    SRV - [2006/11/15 23:03:36 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
    SRV - [2006/05/01 09:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/05/02 11:49:20 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys -- (RapportCerberus_26169)
    DRV - [2011/04/28 14:34:50 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
    DRV - [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
    DRV - [2011/04/28 14:34:48 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
    DRV - [2010/11/12 15:17:32 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
    DRV - [2010/11/12 15:17:32 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
    DRV - [2010/11/12 15:17:32 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV - [2010/11/12 15:17:32 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
    DRV - [2010/11/12 15:17:32 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
    DRV - [2010/11/12 15:17:32 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
    DRV - [2010/11/12 15:17:32 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
    DRV - [2010/11/12 15:17:32 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
    DRV - [2010/11/12 15:17:32 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
    DRV - [2010/11/12 15:17:32 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
    DRV - [2010/03/04 11:32:15 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\RapportBuka.sys -- (RapportBuka)
    DRV - [2009/11/06 13:59:46 | 000,085,248 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_mf651_cdc_acm.sys -- (zte_mf651_cdc_acm)
    DRV - [2009/11/06 13:59:46 | 000,049,920 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_mf651_cdc_ecm.sys -- (zte_mf651_cdc_ecm)
    DRV - [2009/11/06 13:59:44 | 000,080,128 | ---- | M] (ZTE) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zte_mf651_dc_enum.sys -- (zte_mf651_dc_enum)
    DRV - [2009/11/06 13:59:44 | 000,009,856 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zte_mf651_cpo.sys -- (zte_mf651_cpo)
    DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2009/01/09 15:25:34 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV - [2008/01/08 12:55:36 | 000,135,944 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mausbftu.sys -- (MAUSBRI)
    DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2007/08/29 15:50:48 | 000,039,168 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\US122Wdm.sys -- (Us122WdmService)
    DRV - [2007/08/29 15:50:34 | 000,018,304 | ---- | M] (Frontier Design Group) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\US122DL.sys -- (US122DL)
    DRV - [2007/08/29 15:50:02 | 000,131,968 | ---- | M] (Frontier Design Group, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\US122.sys -- (US122)
    DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
    DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
    DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
    DRV - [2007/02/01 17:24:42 | 000,075,776 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
    DRV - [2006/12/18 18:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
    DRV - [2006/11/15 23:03:12 | 000,024,736 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2006/11/15 23:02:50 | 001,962,912 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
    DRV - [2006/11/15 23:00:56 | 001,678,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
    DRV - [2006/11/11 04:48:00 | 000,040,352 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
    DRV - [2006/11/11 04:43:49 | 000,487,328 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
    DRV - [2006/10/25 03:54:00 | 000,396,192 | R--- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tascusb2.sys -- (TASCAM_US122144)
    DRV - [2006/10/25 03:54:00 | 000,019,904 | R--- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tscusb2a.sys -- (TASCAM_US122L_WDM)
    DRV - [2006/10/25 03:54:00 | 000,010,752 | R--- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tscusb2m.sys -- (TASCAM_US122L_MIDI)
    DRV - [2006/09/28 05:56:20 | 000,172,401 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rdwm1046.sys -- (RDID1046)
    DRV - [2006/09/21 13:45:41 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2006/05/01 09:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2006/04/26 23:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
    DRV - [2006/03/24 23:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
    DRV - [2005/10/14 15:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2005/10/14 15:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2005/10/14 15:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
    DRV - [2005/08/05 16:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
    DRV - [2005/07/22 03:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005/07/22 03:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005/07/22 03:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2004/10/08 02:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
    DRV - [2004/06/09 09:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
    DRV - [2004/02/13 16:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
    DRV - [2003/11/11 14:09:48 | 000,057,372 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2003/11/11 14:09:32 | 000,024,177 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2000/06/16 16:12:00 | 000,017,784 | ---- | M] (Syncrosoft Hard- und Software GmbH) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\NSynas32.sys -- (Nsynas32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.clientapps.yahoo.com/...s/*http://uk.docs.yahoo.com/info/bt_side.html
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0060921
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0060921

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
    FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

    FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/21 11:22:29 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/21 11:22:29 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/06 11:51:48 | 000,000,000 | ---D | M]

    [2008/08/09 20:51:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary Dixon\Application Data\Mozilla\Extensions
    [2008/08/09 20:51:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary Dixon\Application Data\Mozilla\Extensions\home2@tomtom.com
    [2011/03/28 08:13:27 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

    O1 HOSTS File: ([2011/05/06 21:05:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101210083627.dll (McAfee, Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [CTSVolFE.exe] C:\Program Files\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
    O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
    O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
    O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk = C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Lotus Organizer EasyClip.lnk = C:\Lotus\organize\EasyClip.exe (Lotus Development Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\bw+0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw+0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw-0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw00 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw00s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw-0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw10 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw10s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw20 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw20s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw30 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw30s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw40 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw40s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw50 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw50s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw60 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw60s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw70 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw70s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw80 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw80s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw90 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bw90s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwa0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwa0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwb0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwb0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwc0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwc0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwd0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwd0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwe0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwe0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwf0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwf0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwg0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwg0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwh0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwh0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwi0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwi0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwj0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwj0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwk0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwk0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwl0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwl0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwm0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwm0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwn0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwn0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwo0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwo0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwp0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwp0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwq0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwq0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwr0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwr0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bws0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bws0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwt0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwt0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwu0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwu0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwv0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwv0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bww0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bww0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwx0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwx0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwy0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwy0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwz0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\bwz0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\offline-8876480 {D6DB5713-1974-4F8F-A560-59224F39AD98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
    Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.mjpg - C:\WINDOWS\System32\mcmjpg32.dll (MainConcept)
    Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17746534284132352)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/06 21:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
    [2011/05/06 21:12:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011/05/05 21:44:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/05/05 21:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/05 21:44:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/05/05 21:43:24 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gary Dixon\My Documents\mbam-setup.exe
    [2011/05/05 11:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Desktop\CAF
    [2011/05/05 01:05:30 | 001,153,912 | ---- | C] (Emsi Software GmbH) -- C:\Documents and Settings\Gary Dixon\Desktop\BlitzBlank.exe
    [2011/05/05 00:05:48 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    [2011/05/04 23:10:44 | 000,083,968 | ---- | C] (eSage Lab) -- C:\Documents and Settings\Gary Dixon\Desktop\remover.exe
    [2011/05/02 17:56:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2011/05/02 17:50:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/05/02 17:50:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/05/02 17:50:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/05/02 17:50:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/05/02 17:49:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/05/02 17:49:06 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/05/02 16:53:59 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gary Dixon\Desktop\TDSSKiller.exe
    [2011/05/01 18:17:28 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\TFC.exe
    [2011/05/01 13:05:34 | 000,339,968 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\RapportBuka.dll
    [2011/04/29 12:44:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\Trusteer
    [2011/04/28 18:39:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Application Data\ElevatedDiagnostics
    [2011/04/28 18:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
    [2011/04/28 18:30:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
    [2011/04/28 14:34:50 | 000,053,816 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
    [2011/04/27 11:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/04/27 11:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
    [2011/04/26 10:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/04/26 10:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2011/04/14 09:01:18 | 000,000,000 | ---D | C] -- C:\D1_32
    [2011/04/10 17:59:56 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Gary Dixon\My Documents\My Shapes
    [2011/04/10 17:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\Thinstall
    [2011/04/10 17:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Application Data\Thinstall
    [2011/04/10 17:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visio 2007 Portable
    [2011/04/10 10:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\My Documents\GSpot271a
    [2011/04/09 16:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Application Data\Smaart
    [2011/04/09 16:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smaart 6
    [2011/04/07 15:19:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\My Documents\OneNote Notebooks
    [2011/04/07 15:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
    [2011/04/07 15:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2011/04/07 15:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
    [2011/04/07 15:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\Microsoft Help
    [2011/04/07 15:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [2011/04/07 15:06:25 | 000,000,000 | R--D | C] -- C:\MSOCache
     
  12. 2011/05/06
    biggazdixon Well-Known Member Thread Starter

    ========== Files - Modified Within 30 Days ==========

    [2011/05/06 21:55:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/05/06 21:19:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/05/06 21:18:45 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk
    [2011/05/06 21:16:41 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/05/06 21:16:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/05/06 21:16:29 | 526,843,904 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/06 21:05:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/05/06 20:32:43 | 004,342,930 | R--- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2011/05/06 13:52:18 | 000,023,354 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\My Documents\parking.pdf
    [2011/05/05 21:45:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 21:43:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gary Dixon\My Documents\mbam-setup.exe
    [2011/05/05 20:57:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/05/05 20:14:52 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\tdsskiller.zip
    [2011/05/05 19:35:14 | 000,000,328 | -HS- | M] () -- C:\boot.ini
    [2011/05/05 08:22:55 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/05 01:05:38 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\Gary Dixon\Desktop\BlitzBlank.exe
    [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    [2011/05/04 23:09:24 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/04 23:08:50 | 000,039,605 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\bootkit_remover.rar
    [2011/05/02 21:39:45 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\rkill.scr
    [2011/05/02 09:55:40 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\dds.scr
    [2011/05/02 09:55:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2011/05/01 19:03:38 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2011/05/01 18:17:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\TFC.exe
    [2011/05/01 14:21:34 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gary Dixon\Desktop\TDSSKiller.exe
    [2011/05/01 13:05:35 | 000,339,968 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\RapportBuka.dll
    [2011/05/01 12:53:38 | 000,000,527 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHundo.bat
    [2011/05/01 12:51:00 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHremoval.bat
    [2011/04/29 17:18:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/28 18:33:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
    [2011/04/15 08:59:54 | 000,282,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/14 23:12:39 | 000,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/14 23:12:39 | 000,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/14 13:19:52 | 000,018,140 | ---- | M] () -- C:\bar.emf
    [2011/04/10 18:08:46 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\Shortcut to Microsoft Office Visio 2007.exe.lnk
    [2011/04/09 16:00:38 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\Smaart 6.lnk
    [2011/04/09 09:20:10 | 000,139,776 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/07 15:32:57 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2011/04/07 15:19:45 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

    ========== Files Created - No Company Name ==========

    [2011/05/06 21:16:29 | 526,843,904 | -HS- | C] () -- C:\hiberfil.sys
    [2011/05/06 20:32:43 | 004,342,930 | R--- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2011/05/06 13:51:55 | 000,023,354 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\My Documents\parking.pdf
    [2011/05/05 21:45:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 08:22:50 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/04 23:09:18 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/04 23:08:42 | 000,039,605 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\bootkit_remover.rar
    [2011/05/02 21:39:40 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\rkill.scr
    [2011/05/02 17:56:44 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2011/05/02 17:56:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/05/02 17:50:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/05/02 17:50:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/05/02 17:50:33 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/05/02 17:50:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/05/02 17:50:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/05/02 15:40:24 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\tdsskiller.zip
    [2011/05/02 09:55:34 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\dds.scr
    [2011/05/02 09:54:54 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2011/05/01 19:03:35 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2011/05/01 13:54:22 | 000,000,527 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHundo.bat
    [2011/05/01 13:54:18 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHremoval.bat
    [2011/04/26 10:24:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/12 13:22:20 | 000,018,140 | ---- | C] () -- C:\bar.emf
    [2011/04/10 18:08:46 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\Shortcut to Microsoft Office Visio 2007.exe.lnk
    [2011/04/09 16:50:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
    [2011/04/09 16:00:38 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\Smaart 6.lnk
    [2011/04/07 15:19:45 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    [2011/03/15 09:28:24 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2011/03/15 09:28:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/09/21 19:55:47 | 000,070,671 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
    [2010/07/15 17:31:58 | 004,648,960 | ---- | C] () -- C:\WINDOWS\System32\ls9-qt-mt336.dll
    [2010/01/27 13:16:08 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\RemoveDevice.dll
    [2010/01/09 16:22:41 | 000,007,258 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
    [2009/12/14 17:10:10 | 000,050,420 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009/11/24 12:33:21 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
    [2009/08/20 12:07:40 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
    [2009/08/20 12:07:40 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
    [2009/08/20 12:06:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Application Data\$_hpcst$.hpc
    [2009/07/31 02:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
    [2009/01/27 09:57:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2009/01/16 15:36:07 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
    [2009/01/16 15:36:07 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
    [2009/01/13 16:16:51 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
    [2009/01/13 16:16:51 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
    [2008/12/28 18:42:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\REDSHIFT.INI
    [2008/03/07 17:43:56 | 000,084,734 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
    [2008/03/07 14:47:30 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceInstaller.xml
    [2008/02/18 14:25:26 | 000,031,862 | ---- | C] () -- C:\WINDOWS\System32\RdCi1046.dll
    [2008/02/18 14:25:26 | 000,004,088 | ---- | C] () -- C:\WINDOWS\System32\RD3T1046.DAT
    [2008/02/08 19:34:06 | 000,042,594 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2008/02/08 19:32:24 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    [2008/02/03 17:28:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
    [2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2007/10/10 07:57:29 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
    [2007/08/04 19:33:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
    [2007/08/04 19:03:04 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2007/06/21 17:39:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Application Data\wklnhst.dat
    [2007/06/08 18:02:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
    [2007/06/08 17:59:40 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2007/03/12 17:20:33 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\3F6769B316.sys
    [2006/11/15 23:03:12 | 000,024,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2006/11/15 23:00:56 | 001,678,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
    [2006/11/01 17:08:24 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
    [2006/10/19 13:32:36 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\fusioncache.dat
    [2006/10/06 12:15:25 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\16B369673F.sys
    [2006/10/04 11:17:18 | 000,000,023 | ---- | C] () -- C:\WINDOWS\hw32a4.ini
    [2006/10/04 11:17:18 | 000,000,018 | ---- | C] () -- C:\WINDOWS\win32a4.ini
    [2006/10/04 10:54:23 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\machnm1.exe
    [2006/10/04 10:14:24 | 000,139,776 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2006/09/28 16:17:25 | 000,000,193 | ---- | C] () -- C:\WINDOWS\mswine.ini
    [2006/09/28 15:51:22 | 000,001,344 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.ini
    [2006/09/28 15:49:02 | 000,445,952 | ---- | C] () -- C:\WINDOWS\System32\RepODBC.DLL
    [2006/09/28 15:49:02 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\RepRC.DLL
    [2006/09/28 15:37:26 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\Mros416.dll
    [2006/09/28 15:05:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/09/27 15:29:08 | 000,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/09/21 13:55:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/09/21 13:44:50 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2006/09/21 13:42:37 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
    [2006/09/21 13:40:04 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/09/21 13:35:50 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
    [2006/09/21 13:08:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2006/09/21 13:08:46 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2006/09/21 13:08:42 | 000,000,474 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/05/19 20:49:28 | 004,198,400 | ---- | C] () -- C:\WINDOWS\System32\pm5d-qt-mt333.dll
    [2006/05/19 20:49:24 | 001,265,664 | ---- | C] () -- C:\WINDOWS\System32\pm5d_widgets.dll
    [2006/05/19 20:49:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\pm5d_utilities.dll
    [2006/05/19 20:49:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pm5d_transport.dll
    [2006/05/19 20:49:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\pm5d_memapi.dll
    [2006/05/19 20:49:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pm5d_qtoptserver.dll
    [2006/05/19 20:49:20 | 000,659,456 | ---- | C] () -- C:\WINDOWS\System32\pm5d_console.dll
    [2006/04/07 15:02:48 | 004,198,400 | ---- | C] () -- C:\WINDOWS\System32\m7cl-qt-mt333.dll
    [2006/04/07 15:02:48 | 001,310,720 | ---- | C] () -- C:\WINDOWS\System32\m7cl_widgets.dll
    [2006/04/07 15:02:48 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\m7cl_console.dll
    [2006/04/07 15:02:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\m7cl_utilities.dll
    [2006/04/07 15:02:48 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\m7cl_memapi.dll
    [2006/04/07 15:02:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\m7cl_transport.dll
    [2006/04/07 15:02:48 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\m7cl_qtoptserver.dll
    [2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/03/07 18:54:16 | 004,628,480 | ---- | C] () -- C:\WINDOWS\System32\smh-qt-mt333.dll
    [2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 12:57:52 | 000,004,324 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 12:57:15 | 000,282,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 12:51:20 | 000,445,938 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 12:51:20 | 000,072,978 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 12:51:13 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
    [2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 12:50:56 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum(2).dll
    [2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [1999/03/10 09:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
    [1999/03/02 09:23:00 | 000,033,040 | ---- | C] () -- C:\WINDOWS\System32\dbmsspxn.dll
    [1999/03/02 09:23:00 | 000,028,944 | ---- | C] () -- C:\WINDOWS\System32\dbmssocn.dll
    [1998/07/16 19:44:54 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\loor813.dll
    [1998/07/14 18:37:42 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\loinf13.dll
    [1998/07/14 18:36:12 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\loinf913.dll
    [1998/07/14 17:48:32 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\lotxt13.dll
    [1998/07/10 19:54:28 | 000,163,328 | ---- | C] () -- C:\WINDOWS\System32\losyb13.dll
    [1998/07/10 19:36:40 | 000,321,024 | ---- | C] () -- C:\WINDOWS\System32\lobas13.dll
    [1998/07/01 18:51:46 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\loor713.dll
    [1998/07/01 18:44:24 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lodb213.dll
    [1998/07/01 17:55:38 | 000,147,968 | ---- | C] () -- C:\WINDOWS\System32\loss613.dll
    [1998/07/01 17:54:04 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\loidp13.dll
    [1998/07/01 17:43:14 | 000,305,152 | ---- | C] () -- C:\WINDOWS\System32\lodbf13.dll
    [1998/07/01 17:40:10 | 000,346,112 | ---- | C] () -- C:\WINDOWS\System32\loflt13.dll
    [1998/06/10 21:08:40 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\Reputil.dll
    [1998/04/27 09:23:00 | 006,150,961 | ---- | C] () -- C:\WINDOWS\System32\jre116.exe
    [1998/01/13 21:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
    [1997/11/14 09:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
    [1997/02/02 09:23:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\loss613.ini
    [1997/02/02 09:23:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\loss09.ini
    [1996/11/17 01:37:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
    [1996/07/09 09:23:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\loidp13.ini
    [1996/01/15 19:12:14 | 000,128,448 | ---- | C] () -- C:\WINDOWS\System32\loss09.dll
    [1994/04/07 09:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf13.ini

    ========== LOP Check ==========

    [2010/10/17 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
    [2009/10/08 11:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Media
    [2009/08/20 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2007/05/28 20:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
    [2009/10/07 11:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smaart
    [2011/05/06 21:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/01/14 10:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
    [2007/12/01 15:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2008/12/26 17:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
    [2009/03/13 18:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2010/05/28 17:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/12/04 18:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/17 17:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2011/04/28 15:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\BitTorrent
    [2011/03/21 11:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\DDMSettings
    [2011/03/17 16:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Downloaded Installations
    [2011/04/28 18:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\ElevatedDiagnostics
    [2010/07/06 20:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\GARMIN
    [2011/03/02 15:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\GetRightToGo
    [2006/09/28 14:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Leadertech
    [2009/02/06 14:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Mp3tag
    [2009/08/20 12:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\PC Suite
    [2011/05/06 11:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\PrimoPDF
    [2009/08/20 12:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Samsung
    [2011/04/09 16:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Smaart
    [2006/09/28 15:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Steinberg
    [2011/04/10 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Thinstall
    [2011/03/17 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\TiMax2
    [2008/08/09 20:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\TomTom
    [2010/01/14 10:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Trusteer
    [2007/12/01 15:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint
    [2006/09/28 16:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Visio
    [2008/12/26 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Vodafone

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/11/28 14:07:10 | 000,007,808 | ---- | M] () -- C:\Act 1.gpk
    [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2011/04/14 13:19:52 | 000,018,140 | ---- | M] () -- C:\bar.emf
    [2011/05/05 07:51:54 | 000,000,790 | ---- | M] () -- C:\blitzblank.log
    [2006/09/27 15:18:17 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2011/05/05 19:35:14 | 000,000,328 | -HS- | M] () -- C:\boot.ini
    [2007/08/13 09:48:11 | 000,006,231 | -H-- | M] () -- C:\cache.dmx
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2011/05/06 21:12:07 | 000,019,041 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2006/09/21 13:15:14 | 000,005,642 | RH-- | M] () -- C:\dell.sdr
    [2011/05/06 21:16:29 | 526,843,904 | -HS- | M] () -- C:\hiberfil.sys
    [2009/07/15 15:09:19 | 000,000,000 | ---- | M] () -- C:\hpfr3420.xml
    [2009/07/15 15:09:22 | 000,000,502 | ---- | M] () -- C:\hpfr3425.log
    [2006/10/04 12:38:25 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2006/09/21 13:46:25 | 000,000,896 | -H-- | M] () -- C:\IPH.PH
    [2006/11/12 20:23:04 | 000,000,174 | ---- | M] () -- C:\IQ-POINT
    [2010/03/25 09:05:58 | 000,000,147 | ---- | M] () -- C:\LEGO Creator Knights Kingdom Error Log_0.log
    [2011/04/27 11:02:15 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
    [2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/11/04 13:01:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2011/05/06 21:16:27 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
    [2011/05/06 09:56:41 | 000,000,359 | ---- | M] () -- C:\rkill.log
    [2007/11/12 09:05:36 | 000,000,016 | ---- | M] () -- C:\s1d0
    [2007/11/27 08:08:12 | 000,000,016 | ---- | M] () -- C:\s360
    [2007/09/17 14:57:05 | 000,000,000 | ---- | M] () -- C:\s39s
    [2007/09/16 09:26:27 | 000,000,016 | ---- | M] () -- C:\s3jc
    [2007/12/04 13:43:09 | 000,000,016 | ---- | M] () -- C:\s5cs
    [2006/11/09 17:56:08 | 000,000,170 | ---- | M] () -- C:\setup.log
    [2011/05/02 16:54:24 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_16.54.23_log.txt
    [2011/05/02 17:07:34 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.07.30_log.txt
    [2011/05/02 17:10:05 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.10.00_log.txt
    [2011/05/02 17:11:14 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.11.11_log.txt
    [2011/05/02 17:15:42 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.15.34_log.txt
    [2011/05/05 20:14:03 | 000,000,414 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_05.05.2011_20.13.56_log.txt
    [2011/05/05 20:54:45 | 000,066,310 | ---- | M] () -- C:\TDSSKiller.2.5.0.0_05.05.2011_20.17.05_log.txt

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2004/08/10 13:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
    [2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2007/11/23 18:45:33 | 000,001,626 | -H-- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2004/08/10 12:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/10 12:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/10 12:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2009/12/01 10:14:28 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2006/09/27 15:18:48 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2004/08/10 13:08:38 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/03/25 14:26:43 | 002,661,254 | ---- | M] (Alexander Vigovsky ) -- C:\Documents and Settings\Gary Dixon\Desktop\ac3filter_1_63b.exe
    [2011/05/05 01:05:38 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\Gary Dixon\Desktop\BlitzBlank.exe
    [2011/05/06 20:32:43 | 004,342,930 | R--- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2004/01/06 13:33:04 | 001,578,496 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\DCX-Remote.exe
    [2009/11/24 11:39:46 | 007,744,980 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\FreewarePrimoPDF.exe
    [2009/01/03 18:23:49 | 000,607,640 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Gary Dixon\Desktop\jre-6u11-windows-i586-p-iftw.exe
    [2011/05/02 09:55:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2007/09/14 18:34:24 | 000,907,624 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MM061A12.EXE
    [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    [2011/05/01 19:03:38 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2010/09/01 15:33:49 | 000,083,968 | ---- | M] (eSage Lab) -- C:\Documents and Settings\Gary Dixon\Desktop\remover.exe
    [2011/05/04 23:09:24 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/05 08:22:55 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/01 14:21:34 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gary Dixon\Desktop\TDSSKiller.exe
    [2011/05/01 18:17:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\TFC.exe
    [2010/04/24 14:37:13 | 007,845,512 | ---- | M] (Interactive Frontiers ) -- C:\Documents and Settings\Gary Dixon\Desktop\v1home.exe
    [2011/03/15 09:25:41 | 000,652,794 | ---- | M] (Xvid team ) -- C:\Documents and Settings\Gary Dixon\Desktop\XviD-1.2.2-07062009.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >
    [2010/10/20 23:23:26 | 000,000,698 | ---- | M] () -- C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >
    [2011/05/05 21:43:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gary Dixon\My Documents\mbam-setup.exe
    [2008/08/09 20:48:06 | 018,878,872 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\Gary Dixon\My Documents\TomTomHOME2winlatest.exe

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2004/08/04 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2006/09/27 15:18:46 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Gary Dixon\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >
    Huawei ModemsUninstall.exe

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2011/05/06 21:24:48 | 001,114,112 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2008/04/14 01:12:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >
    [2006/07/10 00:42:28 | 000,557,056 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
    [8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/14 01:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 15:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/13 18:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/14 01:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >
    [2004/08/04 05:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system\regsvr32.exe

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81

    < End of report >
     
  13. 2011/05/06
    broni

    broni Moderator Malware Analyst

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Reg Error: Key error.)
      O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/sh...1/mcinsctl.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
      O18 - Protocol\Handler\bw+0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw+0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw-0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw00 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw00s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw-0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw10 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw10s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw20 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw20s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw30 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw30s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw40 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw40s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw50 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw50s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw60 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw60s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw70 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw70s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw80 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw80s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw90 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bw90s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwa0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwa0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwb0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwb0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwc0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwc0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwd0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwd0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwe0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwe0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwf0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwf0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwg0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwg0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwh0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwh0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwi0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwi0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwj0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwj0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwk0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwk0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwl0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwl0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwm0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwm0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwn0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwn0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwo0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwo0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwp0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwp0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwq0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwq0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwr0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwr0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bws0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bws0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwt0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwt0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwu0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwu0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwv0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwv0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bww0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bww0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwx0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwx0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwy0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwy0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwz0 {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      O18 - Protocol\Handler\bwz0s {d6db5713-1974-4f8f-a560-59224f39ad98} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
      [2007/03/12 17:20:33 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\3F6769B316.sys
      [2006/10/06 12:15:25 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\16B369673F.sys
      [2007/12/01 15:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
      [2007/12/01 15:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint
      @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    =====================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    ====================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


    2. Download Temp File Cleaner (TFC)
    • Double-click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce any log.
     
  14. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Joined:
    2011/05/01
    Messages:
    59
    Likes Received:
    0
    ========== Files - Modified Within 30 Days ==========

    [2011/05/06 21:55:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/05/06 21:19:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/05/06 21:18:45 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk
    [2011/05/06 21:16:41 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/05/06 21:16:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/05/06 21:16:29 | 526,843,904 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/06 21:05:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/05/06 20:32:43 | 004,342,930 | R--- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2011/05/06 13:52:18 | 000,023,354 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\My Documents\parking.pdf
    [2011/05/05 21:45:00 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 21:43:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gary Dixon\My Documents\mbam-setup.exe
    [2011/05/05 20:57:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/05/05 20:14:52 | 001,280,815 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\tdsskiller.zip
    [2011/05/05 19:35:14 | 000,000,328 | -HS- | M] () -- C:\boot.ini
    [2011/05/05 08:22:55 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/05 01:05:38 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\Gary Dixon\Desktop\BlitzBlank.exe
    [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    [2011/05/04 23:09:24 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/04 23:08:50 | 000,039,605 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\bootkit_remover.rar
    [2011/05/02 21:39:45 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\rkill.scr
    [2011/05/02 09:55:40 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\dds.scr
    [2011/05/02 09:55:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2011/05/01 19:03:38 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2011/05/01 18:17:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\TFC.exe
    [2011/05/01 14:21:34 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gary Dixon\Desktop\TDSSKiller.exe
    [2011/05/01 13:05:35 | 000,339,968 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\RapportBuka.dll
    [2011/05/01 12:53:38 | 000,000,527 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHundo.bat
    [2011/05/01 12:51:00 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHremoval.bat
    [2011/04/29 17:18:13 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/28 18:33:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
    [2011/04/15 08:59:54 | 000,282,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/14 23:12:39 | 000,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/14 23:12:39 | 000,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/14 13:19:52 | 000,018,140 | ---- | M] () -- C:\bar.emf
    [2011/04/10 18:08:46 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\Shortcut to Microsoft Office Visio 2007.exe.lnk
    [2011/04/09 16:00:38 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\Smaart 6.lnk
    [2011/04/09 09:20:10 | 000,139,776 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/07 15:32:57 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2011/04/07 15:19:45 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

    ========== Files Created - No Company Name ==========

    [2011/05/06 21:16:29 | 526,843,904 | -HS- | C] () -- C:\hiberfil.sys
    [2011/05/06 20:32:43 | 004,342,930 | R--- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2011/05/06 13:51:55 | 000,023,354 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\My Documents\parking.pdf
    [2011/05/05 21:45:00 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/05 08:22:50 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/04 23:09:18 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/04 23:08:42 | 000,039,605 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\bootkit_remover.rar
    [2011/05/02 21:39:40 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\rkill.scr
    [2011/05/02 17:56:44 | 000,000,211 | ---- | C] () -- C:\Boot.bak
    [2011/05/02 17:56:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/05/02 17:50:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/05/02 17:50:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/05/02 17:50:33 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/05/02 17:50:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/05/02 17:50:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/05/02 15:40:24 | 001,280,815 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\tdsskiller.zip
    [2011/05/02 09:55:34 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\dds.scr
    [2011/05/02 09:54:54 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2011/05/01 19:03:35 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2011/05/01 13:54:22 | 000,000,527 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHundo.bat
    [2011/05/01 13:54:18 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\GHremoval.bat
    [2011/04/26 10:24:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/04/12 13:22:20 | 000,018,140 | ---- | C] () -- C:\bar.emf
    [2011/04/10 18:08:46 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\Shortcut to Microsoft Office Visio 2007.exe.lnk
    [2011/04/09 16:50:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
    [2011/04/09 16:00:38 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Desktop\Smaart 6.lnk
    [2011/04/07 15:19:45 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    [2011/03/15 09:28:24 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2011/03/15 09:28:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/09/21 19:55:47 | 000,070,671 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
    [2010/07/15 17:31:58 | 004,648,960 | ---- | C] () -- C:\WINDOWS\System32\ls9-qt-mt336.dll
    [2010/01/27 13:16:08 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\RemoveDevice.dll
    [2010/01/09 16:22:41 | 000,007,258 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
    [2009/12/14 17:10:10 | 000,050,420 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009/11/24 12:33:21 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
    [2009/08/20 12:07:40 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
    [2009/08/20 12:07:40 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
    [2009/08/20 12:06:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Application Data\$_hpcst$.hpc
    [2009/07/31 02:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
    [2009/01/27 09:57:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2009/01/16 15:36:07 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
    [2009/01/16 15:36:07 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
    [2009/01/13 16:16:51 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
    [2009/01/13 16:16:51 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
    [2008/12/28 18:42:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\REDSHIFT.INI
    [2008/03/07 17:43:56 | 000,084,734 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
    [2008/03/07 14:47:30 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceInstaller.xml
    [2008/02/18 14:25:26 | 000,031,862 | ---- | C] () -- C:\WINDOWS\System32\RdCi1046.dll
    [2008/02/18 14:25:26 | 000,004,088 | ---- | C] () -- C:\WINDOWS\System32\RD3T1046.DAT
    [2008/02/08 19:34:06 | 000,042,594 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2008/02/08 19:32:24 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    [2008/02/03 17:28:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
    [2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2007/10/10 07:57:29 | 000,000,859 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
    [2007/08/04 19:33:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
    [2007/08/04 19:03:04 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2007/06/21 17:39:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Application Data\wklnhst.dat
    [2007/06/08 18:02:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
    [2007/06/08 17:59:40 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
    [2007/03/12 17:20:33 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\3F6769B316.sys
    [2006/11/15 23:03:12 | 000,024,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2006/11/15 23:00:56 | 001,678,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
    [2006/11/01 17:08:24 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
    [2006/10/19 13:32:36 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\fusioncache.dat
    [2006/10/06 12:15:25 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\16B369673F.sys
    [2006/10/04 11:17:18 | 000,000,023 | ---- | C] () -- C:\WINDOWS\hw32a4.ini
    [2006/10/04 11:17:18 | 000,000,018 | ---- | C] () -- C:\WINDOWS\win32a4.ini
    [2006/10/04 10:54:23 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\machnm1.exe
    [2006/10/04 10:14:24 | 000,139,776 | ---- | C] () -- C:\Documents and Settings\Gary Dixon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2006/09/28 16:17:25 | 000,000,193 | ---- | C] () -- C:\WINDOWS\mswine.ini
    [2006/09/28 15:51:22 | 000,001,344 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.ini
    [2006/09/28 15:49:02 | 000,445,952 | ---- | C] () -- C:\WINDOWS\System32\RepODBC.DLL
    [2006/09/28 15:49:02 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\RepRC.DLL
    [2006/09/28 15:37:26 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\Mros416.dll
    [2006/09/28 15:05:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/09/27 15:29:08 | 000,006,580 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/09/21 13:55:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/09/21 13:44:50 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2006/09/21 13:42:37 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
    [2006/09/21 13:40:04 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/09/21 13:35:50 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
    [2006/09/21 13:08:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2006/09/21 13:08:46 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
    [2006/09/21 13:08:42 | 000,000,474 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/05/19 20:49:28 | 004,198,400 | ---- | C] () -- C:\WINDOWS\System32\pm5d-qt-mt333.dll
    [2006/05/19 20:49:24 | 001,265,664 | ---- | C] () -- C:\WINDOWS\System32\pm5d_widgets.dll
    [2006/05/19 20:49:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\pm5d_utilities.dll
    [2006/05/19 20:49:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\pm5d_transport.dll
    [2006/05/19 20:49:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\pm5d_memapi.dll
    [2006/05/19 20:49:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pm5d_qtoptserver.dll
    [2006/05/19 20:49:20 | 000,659,456 | ---- | C] () -- C:\WINDOWS\System32\pm5d_console.dll
    [2006/04/07 15:02:48 | 004,198,400 | ---- | C] () -- C:\WINDOWS\System32\m7cl-qt-mt333.dll
    [2006/04/07 15:02:48 | 001,310,720 | ---- | C] () -- C:\WINDOWS\System32\m7cl_widgets.dll
    [2006/04/07 15:02:48 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\m7cl_console.dll
    [2006/04/07 15:02:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\m7cl_utilities.dll
    [2006/04/07 15:02:48 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\m7cl_memapi.dll
    [2006/04/07 15:02:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\m7cl_transport.dll
    [2006/04/07 15:02:48 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\m7cl_qtoptserver.dll
    [2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/03/07 18:54:16 | 004,628,480 | ---- | C] () -- C:\WINDOWS\System32\smh-qt-mt333.dll
    [2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/10 12:57:52 | 000,004,324 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/10 12:57:15 | 000,282,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/10 12:51:20 | 000,445,938 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/10 12:51:20 | 000,072,978 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/10 12:51:13 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
    [2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/10 12:50:56 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum(2).dll
    [2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [1999/03/10 09:23:00 | 000,222,928 | ---- | C] () -- C:\WINDOWS\System32\lobas09.dll
    [1999/03/02 09:23:00 | 000,033,040 | ---- | C] () -- C:\WINDOWS\System32\dbmsspxn.dll
    [1999/03/02 09:23:00 | 000,028,944 | ---- | C] () -- C:\WINDOWS\System32\dbmssocn.dll
    [1998/07/16 19:44:54 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\loor813.dll
    [1998/07/14 18:37:42 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\loinf13.dll
    [1998/07/14 18:36:12 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\loinf913.dll
    [1998/07/14 17:48:32 | 000,135,680 | ---- | C] () -- C:\WINDOWS\System32\lotxt13.dll
    [1998/07/10 19:54:28 | 000,163,328 | ---- | C] () -- C:\WINDOWS\System32\losyb13.dll
    [1998/07/10 19:36:40 | 000,321,024 | ---- | C] () -- C:\WINDOWS\System32\lobas13.dll
    [1998/07/01 18:51:46 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\loor713.dll
    [1998/07/01 18:44:24 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lodb213.dll
    [1998/07/01 17:55:38 | 000,147,968 | ---- | C] () -- C:\WINDOWS\System32\loss613.dll
    [1998/07/01 17:54:04 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\loidp13.dll
    [1998/07/01 17:43:14 | 000,305,152 | ---- | C] () -- C:\WINDOWS\System32\lodbf13.dll
    [1998/07/01 17:40:10 | 000,346,112 | ---- | C] () -- C:\WINDOWS\System32\loflt13.dll
    [1998/06/10 21:08:40 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\Reputil.dll
    [1998/04/27 09:23:00 | 006,150,961 | ---- | C] () -- C:\WINDOWS\System32\jre116.exe
    [1998/01/13 21:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\lotrn13.dll
    [1997/11/14 09:23:00 | 000,031,008 | ---- | C] () -- C:\WINDOWS\System32\ivtrn09.dll
    [1997/02/02 09:23:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\loss613.ini
    [1997/02/02 09:23:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\loss09.ini
    [1996/11/17 01:37:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
    [1996/07/09 09:23:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\loidp13.ini
    [1996/01/15 19:12:14 | 000,128,448 | ---- | C] () -- C:\WINDOWS\System32\loss09.dll
    [1994/04/07 09:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf13.ini

    ========== LOP Check ==========

    [2010/10/17 15:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
    [2009/10/08 11:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Media
    [2009/08/20 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
    [2007/05/28 20:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
    [2009/10/07 11:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smaart
    [2011/05/06 21:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/01/14 10:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
    [2007/12/01 15:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2008/12/26 17:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
    [2009/03/13 18:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    [2010/05/28 17:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2009/12/04 18:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/04/17 17:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2011/04/28 15:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\BitTorrent
    [2011/03/21 11:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\DDMSettings
    [2011/03/17 16:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Downloaded Installations
    [2011/04/28 18:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\ElevatedDiagnostics
    [2010/07/06 20:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\GARMIN
    [2011/03/02 15:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\GetRightToGo
    [2006/09/28 14:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Leadertech
    [2009/02/06 14:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Mp3tag
    [2009/08/20 12:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\PC Suite
    [2011/05/06 11:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\PrimoPDF
    [2009/08/20 12:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Samsung
    [2011/04/09 16:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Smaart
    [2006/09/28 15:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Steinberg
    [2011/04/10 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Thinstall
    [2011/03/17 16:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\TiMax2
    [2008/08/09 20:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\TomTom
    [2010/01/14 10:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Trusteer
    [2007/12/01 15:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint
    [2006/09/28 16:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Visio
    [2008/12/26 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary Dixon\Application Data\Vodafone

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/11/28 14:07:10 | 000,007,808 | ---- | M] () -- C:\Act 1.gpk
    [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2011/04/14 13:19:52 | 000,018,140 | ---- | M] () -- C:\bar.emf
    [2011/05/05 07:51:54 | 000,000,790 | ---- | M] () -- C:\blitzblank.log
    [2006/09/27 15:18:17 | 000,000,211 | ---- | M] () -- C:\Boot.bak
    [2011/05/05 19:35:14 | 000,000,328 | -HS- | M] () -- C:\boot.ini
    [2007/08/13 09:48:11 | 000,006,231 | -H-- | M] () -- C:\cache.dmx
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2011/05/06 21:12:07 | 000,019,041 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2006/09/21 13:15:14 | 000,005,642 | RH-- | M] () -- C:\dell.sdr
    [2011/05/06 21:16:29 | 526,843,904 | -HS- | M] () -- C:\hiberfil.sys
    [2009/07/15 15:09:19 | 000,000,000 | ---- | M] () -- C:\hpfr3420.xml
    [2009/07/15 15:09:22 | 000,000,502 | ---- | M] () -- C:\hpfr3425.log
    [2006/10/04 12:38:25 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2006/09/21 13:46:25 | 000,000,896 | -H-- | M] () -- C:\IPH.PH
    [2006/11/12 20:23:04 | 000,000,174 | ---- | M] () -- C:\IQ-POINT
    [2010/03/25 09:05:58 | 000,000,147 | ---- | M] () -- C:\LEGO Creator Knights Kingdom Error Log_0.log
    [2011/04/27 11:02:15 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
    [2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/11/04 13:01:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2011/05/06 21:16:27 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
    [2011/05/06 09:56:41 | 000,000,359 | ---- | M] () -- C:\rkill.log
    [2007/11/12 09:05:36 | 000,000,016 | ---- | M] () -- C:\s1d0
    [2007/11/27 08:08:12 | 000,000,016 | ---- | M] () -- C:\s360
    [2007/09/17 14:57:05 | 000,000,000 | ---- | M] () -- C:\s39s
    [2007/09/16 09:26:27 | 000,000,016 | ---- | M] () -- C:\s3jc
    [2007/12/04 13:43:09 | 000,000,016 | ---- | M] () -- C:\s5cs
    [2006/11/09 17:56:08 | 000,000,170 | ---- | M] () -- C:\setup.log
    [2011/05/02 16:54:24 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_16.54.23_log.txt
    [2011/05/02 17:07:34 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.07.30_log.txt
    [2011/05/02 17:10:05 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.10.00_log.txt
    [2011/05/02 17:11:14 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.11.11_log.txt
    [2011/05/02 17:15:42 | 000,002,022 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.05.2011_17.15.34_log.txt
    [2011/05/05 20:14:03 | 000,000,414 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_05.05.2011_20.13.56_log.txt
    [2011/05/05 20:54:45 | 000,066,310 | ---- | M] () -- C:\TDSSKiller.2.5.0.0_05.05.2011_20.17.05_log.txt

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2004/08/10 13:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
    [2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2007/11/23 18:45:33 | 000,001,626 | -H-- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2004/08/10 12:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/10 12:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/10 12:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2009/12/01 10:14:28 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2006/09/27 15:18:48 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2004/08/10 13:08:38 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/03/25 14:26:43 | 002,661,254 | ---- | M] (Alexander Vigovsky ) -- C:\Documents and Settings\Gary Dixon\Desktop\ac3filter_1_63b.exe
    [2011/05/05 01:05:38 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\Gary Dixon\Desktop\BlitzBlank.exe
    [2011/05/06 20:32:43 | 004,342,930 | R--- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\ComboFix.exe
    [2004/01/06 13:33:04 | 001,578,496 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\DCX-Remote.exe
    [2009/11/24 11:39:46 | 007,744,980 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\FreewarePrimoPDF.exe
    [2009/01/03 18:23:49 | 000,607,640 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Gary Dixon\Desktop\jre-6u11-windows-i586-p-iftw.exe
    [2011/05/02 09:55:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MBRCheck.exe
    [2007/09/14 18:34:24 | 000,907,624 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\MM061A12.EXE
    [2011/05/05 00:05:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\OTL.exe
    [2011/05/01 19:03:38 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\qzrmvojf.exe
    [2010/09/01 15:33:49 | 000,083,968 | ---- | M] (eSage Lab) -- C:\Documents and Settings\Gary Dixon\Desktop\remover.exe
    [2011/05/04 23:09:24 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\RKUnhookerLE.EXE
    [2011/05/05 08:22:55 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Desktop\SystemLook.exe
    [2011/05/01 14:21:34 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Gary Dixon\Desktop\TDSSKiller.exe
    [2011/05/01 18:17:28 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gary Dixon\Desktop\TFC.exe
    [2010/04/24 14:37:13 | 007,845,512 | ---- | M] (Interactive Frontiers ) -- C:\Documents and Settings\Gary Dixon\Desktop\v1home.exe
    [2011/03/15 09:25:41 | 000,652,794 | ---- | M] (Xvid team ) -- C:\Documents and Settings\Gary Dixon\Desktop\XviD-1.2.2-07062009.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >
    [2010/10/20 23:23:26 | 000,000,698 | ---- | M] () -- C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >
    [2011/05/05 21:43:25 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gary Dixon\My Documents\mbam-setup.exe
    [2008/08/09 20:48:06 | 018,878,872 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\Gary Dixon\My Documents\TomTomHOME2winlatest.exe

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2004/08/04 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2006/09/27 15:18:46 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Gary Dixon\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >
    Huawei ModemsUninstall.exe

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2011/05/06 21:24:48 | 001,114,112 | ---- | M] () -- C:\Documents and Settings\Gary Dixon\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2008/04/14 01:12:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >
    [2006/07/10 00:42:28 | 000,557,056 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
    [8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/14 01:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 15:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/13 18:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/14 01:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >
    [2004/08/04 05:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system\regsvr32.exe

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81

    < End of report >
     
  15. 2011/05/06
    broni

    broni Moderator Malware Analyst

    This is an incorrect log.
    You clicked on the "Scan" button instead of the "Fix" button.
    Please redo.
     
  16. 2011/05/06
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    I need to go to bed and will do this in the morning.

    Thank you for continued help, despite the time difference!
     
  17. 2011/05/06
    broni

    broni Moderator Malware Analyst

    You're very welcome :)
     
  18. 2011/05/08
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Today I got something popping up every time I try to use the internet calling itself XP Total Security 2011. I googled it (on another machine) and found that it is malware. How are these getting past McAfee?

    I will now do the scans that you have asked but it feels like I need to go back a few steps to deal with this new threat.
     
  19. 2011/05/08
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    All processes killed
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
    Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
    C:\WINDOWS\Downloaded Program Files\setup.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
    Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
    C:\WINDOWS\Downloaded Program Files\mcinsctl.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
    File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw+0\ deleted successfully.
    Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw+0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw-0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw00\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw00s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw-0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw10\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw10s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw20\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw20s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw30\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw30s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw40\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw40s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw50\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw50s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw60\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw60s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw70\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw70s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw80\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw80s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw90\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw90s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwa0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwa0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwb0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwb0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwc0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwc0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwd0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwd0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwe0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwe0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwf0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwf0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwfile-8876480\ deleted successfully.
    Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwg0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwg0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwh0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwh0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwi0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwi0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwj0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwj0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwk0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwk0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwl0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwl0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwm0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwm0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwn0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwn0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwo0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwo0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwp0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwp0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwq0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwq0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwr0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwr0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bws0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bws0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwt0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwt0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwu0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwu0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwv0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwv0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bww0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bww0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwx0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwx0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwy0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwy0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwz0\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwz0s\ deleted successfully.
    File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
    C:\WINDOWS\system32\3F6769B316.sys moved successfully.
    C:\WINDOWS\system32\16B369673F.sys moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\Gary Dixon\Application Data\Viewpoint folder moved successfully.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Gary Dixon
    ->Temp folder emptied: 404213 bytes
    ->Temporary Internet Files folder emptied: 36071570 bytes
    ->Java cache emptied: 9268 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 1572 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Owner
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 664 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 35.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: Gary Dixon
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    User: Owner

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 05082011_104436

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFAA2C.tmp not found!
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFAA63.tmp not found!
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFAB72.tmp not found!
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFABA5.tmp not found!
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFAE27.tmp not found!
    File\Folder C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFAECF.tmp not found!
    C:\Documents and Settings\Gary Dixon\Local Settings\Temp\~DFE649.tmp moved successfully.
    C:\Documents and Settings\Gary Dixon\Local Settings\Temporary Internet Files\Content.IE5\9D12WLHU\98859-active-generic-host-process-win32-services-has-encountered-problem-5[1].html moved successfully.
    C:\Documents and Settings\Gary Dixon\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...
     
  20. 2011/05/08
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Joined:
    2011/05/01
    Messages:
    59
    Likes Received:
    0
    Results of screen317's Security Check version 0.99.7
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 25
    Out of date Java installed!
    Adobe Flash Player
    Adobe Reader 8.1.2
    Adobe Reader 8.1.2 Security Update 1 (KB403742)
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    ``````````End of Log````````````
     
  21. 2011/05/08
    biggazdixon

    biggazdixon Well-Known Member Thread Starter

    Joined:
    2011/05/01
    Messages:
    59
    Likes Received:
    0
    When I ran the online scanner I got a message saying that Internet Explorer had closed to protect me from some malicious software.
     
