
spybot blocked, windows redirect, windows and adaware update blocked

4321 Views 25 Replies 2 Participants Last post by  NeonFx
A couple of concerns that I have are: unable to update Windows... "The page cannot be displayed because server it resides on does not respond", uninstalled Spybot and tried to reinstall without success and received... "Error sending request. The server name or address could not be resolved", Ad-Aware will not update also... "connection error Check your settings errorcode: -1". Malwarebytes' Anti-Malware will also not update.

Google search on Internet Explorer will redirect to another site when selected.

HJT log follows...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:23:43 AM, on 4/21/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~2\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton Utilities\SYSDOC32.EXE
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~2\mcsysmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\DOCUME~1\Barry\LOCALS~1\Temp\Bfr.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eastlink.ca/index.html?region=NS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: VPN-OEM Extension - {89044184-F260-4FDD-8FAB-2662814846E5} - C:\WINDOWS\System32\msnwinnet.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: TChkBHO Class - {EF3FA1F1-05F2-4639-92A2-2351228BFB1B} - C:\WINDOWS\SYSTEM32\assjwug.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YVIBBBHA8C] C:\DOCUME~1\Barry\LOCALS~1\Temp\Bfr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ca\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/229?7313fd9b99c4d1da9203beb7e3ee65b
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/230?7313fd9b99c4d1da9203beb7e3ee65b
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1212612801343
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}: NameServer = 93.188.164.100,93.188.161.155
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.164.100,93.188.161.155
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.164.100,93.188.161.155
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.100,93.188.161.155
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~2\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~2\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~2\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 12176 bytes

Have aliens invaded my computer?
Thanks for your assistance.

Buddy
Also.. found numerous sites that were not visited in the IE history and sites that I did visit were not there???? WTF?

Buddy
Hello there :cool:
My name is NeonFx. I'll be glad to help you with your computer problems. Logs can take some time to research, so please be patient with me.

Please note the following:
  • The fixes are specific to your problem and should only be used on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clean. Absence of symptoms does not necessarily mean that the system is completely clean.
  • It's often worth reading through these instructions and printing them for ease of reference. I may ask you to boot into Safe Mode where you will be unable to follow my instructions online.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Step 1

Download OTS to your Desktop

  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS.exe to start the program.
  • Check the box that says Scan All Users
  • Under Basic Scans please change the radio button under Registry from Safe List to All.
  • Under Additional Scans check the following:
    • Reg - Desktop Components
    • Reg - Disabled MS Config Items
    • Reg - NetSvcs
    • Reg - Shell Spawning
    • Reg - Uninstall List
    • File - Lop Check
    • File - Purity Scan
    • Evnt - EvtViewer (last 10)
  • Please paste the contents of the following codebox into the Custom Scans box at the bottom
Code:
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post. To do so click on the blue "Reply" button or "Go Advanced" and click on the "Manage Attachments" button.

Step 2

GMER Rootkit Scanner
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs. Make sure you disable your security programs as well, as they may interfere with the program.
  • Double-click on the randomly named GMER file (e.g. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable your security programs when done.

If you have trouble running GMER, please try running it in Safe Mode. To get to Safe Mode you'll need to repeatedly tap the F8 key on your keyboard as you turn your computer on until a black and white menu appears with the option.

If you continue to have trouble with it, try running it without the "Files" scan checked.
Code:
OTS logfile created on: 4/25/2010 10:50:41 PM - Run 1
OTS by OldTimer - Version 3.1.30.0     Folder = C:\Documents and Settings\Barry\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
767.00 Mb Total Physical Memory | 286.00 Mb Available Physical Memory | 37.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 18.35 Gb Free Space | 49.30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931.28 Gb Total Space | 608.52 Gb Free Space | 65.34% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 74.52 Gb Total Space | 52.48 Gb Free Space | 70.42% Space Free | Partition Type: NTFS
 
Computer Name: OFFICE
Current User Name: Barry
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Barry\Desktop\OTS.exe -> [2010/04/25 22:28:31 | 000,639,488 | ---- | M] (OldTimer Tools)
bfr.exe -> C:\Documents and Settings\Barry\Local Settings\Temp\Bfr.exe -> [2010/04/04 12:01:58 | 000,173,568 | ---- | M] ()
aawservice.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/02/04 11:52:57 | 001,228,208 | ---- | M] (Lavasoft)
aawtray.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/02/04 11:52:57 | 000,814,160 | ---- | M] (Lavasoft)
mcsacore.exe -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.)
qttask.exe -> C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe -> [2009/11/02 13:34:10 | 000,413,696 | ---- | M] (Apple Inc.)
mcmscsvc.exe -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/04/17 18:20:30 | 000,797,864 | ---- | M] (McAfee, Inc.)
mcagent.exe -> c:\Program Files\McAfee.com\Agent\mcagent.exe -> [2009/04/17 18:20:30 | 000,645,328 | ---- | M] (McAfee, Inc.)
mcsvrcnt.exe -> C:\Program Files\McAfee\MSC\mcsvrcnt.exe -> [2009/04/17 18:20:30 | 000,262,168 | ---- | M] (McAfee, Inc.)
mcshield.exe -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/03/25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.)
mcsysmon.exe -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/03/24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.)
mpfsrv.exe -> C:\Program Files\McAfee\MPF\MpfSrv.exe -> [2009/03/19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.)
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2009/02/05 09:03:21 | 000,198,160 | ---- | M] (RealNetworks, Inc.)
mcnasvc.exe -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/01/09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.)
msksrver.exe -> C:\Program Files\McAfee\MSK\msksrver.exe -> [2009/01/09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.)
mcproxy.exe -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/01/09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
wmp54gv4.exe -> C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe -> [2005/11/16 06:49:44 | 005,238,272 | ---- | M] (Linksys)
wlservice.exe -> C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -> [2004/02/06 22:56:14 | 000,041,025 | ---- | M] (GEMTEKS)
mm_tray.exe -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe -> [2002/10/31 12:57:56 | 000,090,112 | ---- | M] (MUSICMATCH, Inc.)
directcd.exe -> C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe -> [2002/04/10 17:44:04 | 000,679,936 | ---- | M] (Roxio)
nopdb.exe -> C:\Program Files\Speed Disk\NOPDB.EXE -> [2002/01/30 06:00:00 | 000,172,065 | ---- | M] (Symantec Corporation)
devldr32.exe -> C:\WINDOWS\SYSTEM32\devldr32.exe -> [2001/08/31 14:44:30 | 000,025,600 | ---- | M] (Creative Technology Ltd.)
nprotect.exe -> C:\Program Files\Norton Utilities\NPROTECT.EXE -> [2001/08/10 06:00:00 | 000,135,168 | ---- | M] (Symantec Corporation)
sysdoc32.exe -> C:\Program Files\Norton Utilities\SYSDOC32.EXE -> [2001/08/10 06:00:00 | 000,024,614 | ---- | M] (Symantec Corporation)
sagent2.exe -> C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -> [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION)
wkcalrem.exe -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe -> [2001/08/07 18:06:54 | 000,024,633 | ---- | M] (Microsoft® Corporation)
 
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Barry\Desktop\OTS.exe -> [2010/04/25 22:28:31 | 000,639,488 | ---- | M] (OldTimer Tools)
 
[Win32 Services - Safe List]
(WMP54Gv4SVC) WMP54Gv4SVC [Auto | Running] ->  -> File not found
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/02/04 11:52:57 | 001,228,208 | ---- | M] (Lavasoft)
(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Auto | Running] -> C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -> [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.)
(mcmscsvc) McAfee Services [Auto | Running] -> C:\Program Files\McAfee\MSC\mcmscsvc.exe -> [2009/04/17 18:20:30 | 000,797,864 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [On_Demand | Stopped] -> C:\Program Files\McAfee\VirusScan\mcods.exe -> [2009/04/01 14:21:30 | 000,365,072 | ---- | M] (McAfee, Inc.)
(McShield) McAfee Real-time Scanner [Unknown | Running] -> C:\Program Files\McAfee\VirusScan\Mcshield.exe -> [2009/03/25 11:05:48 | 000,144,704 | ---- | M] (McAfee, Inc.)
(McSysmon) McAfee SystemGuards [On_Demand | Running] -> C:\Program Files\McAfee\VirusScan\mcsysmon.exe -> [2009/03/24 00:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.)
(MpfService) McAfee Personal Firewall Service [Auto | Running] -> C:\Program Files\McAfee\MPF\MPFSrv.exe -> [2009/03/19 11:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.)
(MBackMonitor) MBackMonitor [On_Demand | Stopped] -> C:\Program Files\McAfee\MBK\MBackMonitor.exe -> [2009/01/09 13:05:26 | 000,068,112 | ---- | M] (McAfee)
(McNASvc) McAfee Network Agent [Auto | Running] -> c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -> [2009/01/09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.)
(MSK80Service) McAfee Anti-Spam Service [Auto | Running] -> C:\Program Files\McAfee\MSK\MskSrver.exe -> [2009/01/09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Auto | Running] -> c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -> [2009/01/09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.)
(NMSSvc) Intel(R) NMS [On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\NMSSvc.Exe -> [2002/02/27 10:57:34 | 001,118,208 | ---- | M] (Intel Corporation)
(Speed Disk service) Speed Disk service [Auto | Running] -> C:\Program Files\Speed Disk\NOPDB.EXE -> [2002/01/30 06:00:00 | 000,172,065 | ---- | M] (Symantec Corporation)
(NProtectService) Norton Unerase Protection [Auto | Running] -> C:\Program Files\Norton Utilities\NPROTECT.EXE -> [2001/08/10 06:00:00 | 000,135,168 | ---- | M] (Symantec Corporation)
(EPSONStatusAgent2) EPSON Printer Status Agent2 [Auto | Running] -> C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -> [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION)
 
[Driver Services - Safe List]
(Lbd) Lbd [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\Lbd.sys -> [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys -> [2009/03/25 11:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\mfehidk.sys -> [2009/03/25 11:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys -> [2009/03/25 11:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys -> [2009/03/25 11:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys -> [2009/03/25 11:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.)
(MPFP) MPFP [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys -> [2008/10/23 13:08:54 | 000,120,136 | ---- | M] (McAfee, Inc.)
(scsiscan) SCSI Scanner Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\scsiscan.sys -> [2008/04/13 14:45:33 | 000,011,520 | ---- | M] (Microsoft Corporation)
(gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -> [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\amdagp.sys -> [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sisagp.sys -> [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Program Files\Symantec\SYMEVENT.SYS -> [2006/01/31 14:35:34 | 000,123,248 | ---- | M] (Symantec Corporation)
(RT61) Linksys Wireless-G PCI Adapter Driver(RT61) [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\rt61.sys -> [2005/10/27 15:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.)
(BCM42RLY) BCM42RLY [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\bcm42rly.sys -> [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation)
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -> [2003/10/06 14:16:00 | 001,550,043 | ---- | M] (NVIDIA Corporation)
(MxlW2k) MxlW2k [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys -> [2002/10/31 13:02:20 | 000,028,164 | ---- | M] (MusicMatch, Inc.)
(Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys -> [2002/09/10 21:44:38 | 000,059,440 | ---- | M] (Roxio)
(Cdralw2k) Cdralw2k [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys -> [2002/09/10 21:44:38 | 000,023,724 | ---- | M] (Roxio)
(dvd_2K) dvd_2K [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\Dvd_2k.sys -> [2002/04/10 18:01:12 | 000,024,554 | ---- | M] (Roxio)
(mmc_2K) mmc_2K [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\Mmc_2k.sys -> [2002/04/10 18:01:00 | 000,029,638 | ---- | M] (Roxio)
(pwd_2k) pwd_2k [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\pwd_2K.sys -> [2002/04/10 18:00:44 | 000,117,898 | ---- | M] (Roxio)
(cdudf_xp) cdudf_xp [File_System | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\cdudf_xp.sys -> [2002/04/10 17:48:04 | 000,236,032 | ---- | M] (Roxio)
(UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\udfreadr_xp.sys -> [2002/04/10 17:45:16 | 000,206,336 | ---- | M] (Roxio)
(NMSCFG) NIC Management Service Configuration Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -> [2002/02/27 10:57:52 | 000,009,868 | ---- | M] (Intel Corporation)
(NPDriver) Norton Unerase Protection Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS -> [2002/02/05 06:03:00 | 000,034,578 | ---- | M] (Symantec Corporation)
(emu10k) Creative SB Live! Value (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\emu10k1f.sys -> [2001/09/13 19:09:48 | 000,777,088 | ---- | M] (Creative Technology Ltd.)
(sfman) Creative SoundFont Manager Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\sfman.sys -> [2001/08/31 14:37:58 | 000,036,992 | ---- | M] (Creative Technology Ltd.)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sparrow.sys -> [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_u3.sys -> [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\sym_hi.sys -> [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc8xx.sys -> [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\symc810.sys -> [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.)
(hpt3xx) hpt3xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\hpt3xx.sys -> [2001/08/17 14:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.)
(ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ultra.sys -> [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql12160.sys -> [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1080.sys -> [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\ql1280.sys -> [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -> [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\mraid35x.sys -> [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc.sys -> [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\asc3550.sys -> [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\aliide.sys -> [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\DRIVERS\cmdide.sys -> [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.)
(msgame) Sidewinder HID to Joystick Port Enabler [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\msgame.sys -> [2001/08/17 14:02:40 | 000,035,200 | ---- | M] (Microsoft Corporation)
(nv4) nv4 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\NV4.SYS -> [2001/08/17 13:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation)
(ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\AC97INTC.SYS -> [2001/08/17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation)
(ctljystk) Creative SBLive! Gameport [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctljystk.sys -> [2001/08/17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.)
(EL90XBC) 3Com EtherLink XL 90XB/C Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -> [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation)
(Eplpdx02) Eplpdx02 [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\EPLPDX02.SYS -> [2001/08/09 22:03:00 | 000,070,084 | ---- | M] (MK Systems CO., LTD.)
(emu10k1) Creative Interface Manager Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctlface.sys -> [2001/07/11 12:34:52 | 000,006,912 | ---- | M] (Creative Technology Ltd.)
(PfModNT) PfModNT [Kernel | Auto | Running] -> C:\WINDOWS\SYSTEM32\PfModNT.sys -> [1999/12/17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.)
(ONSIO) ONSIO [Kernel | Auto | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\onsio.sys -> [1998/09/14 08:41:14 | 000,285,216 | ---- | M] ()
(SMPLSCSI) SMPLSCSI [Kernel | Boot | Stopped] -> C:\WINDOWS\System32\drivers\SMPLSCSI.SYS -> [1998/08/01 12:00:44 | 000,060,928 | ---- | M] (OnSpec Electronic, Inc.)
(ASPI32) ASPI32 [Kernel | Auto | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS -> [1997/12/22 18:02:46 | 000,023,936 | ---- | M] (Adaptec)
 
[Registry - All]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dellnet.com -> 
HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dellnet.com -> 
HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2008/07/28 06:47:40 | 000,882,416 | ---- | M] (Yahoo! Inc.)
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dellnet.com -> 
HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dellnet.com -> 
HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2008/07/28 06:47:40 | 000,882,416 | ---- | M] (Yahoo! Inc.)
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"Page_Transitions" -> 1 -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"SearchMigratedDefaultName" -> Yahoo! Search -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"SearchMigratedDefaultURL" -> http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: Main\\"Start Page" -> http://home.eastlink.ca/index.html?region=NS -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: URLSearchHooks\\"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2009/11/23 10:26:38 | 000,204,048 | ---- | M] (McAfee, Inc.)
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\WINDOWS\SYSTEM32\ieframe.dll [Microsoft Url Search Hook] -> [2010/03/11 08:38:52 | 006,067,200 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\: "ProxyEnable" -> 0 -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Barry\Application Data\Mozilla\FireFox\Profiles\05zlbu38.default\prefs.js -> 
browser.startup.homepage -> "https://www.ble.ac.uk/webapps/portal/frameset.jsp" ->
network.proxy.no_proxies_on -> "*.local" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/09/02 12:00:43 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ff [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/02/25 15:34:25 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} -> C:\Program Files\McAfee\SiteAdvisor [C:\PROGRAM FILES\MCAFEE\SITEADVISOR] -> [2010/04/21 08:32:43 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 2.0.0.15\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 2.0.0.15\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/10/20 17:11:11 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 2.0.0.15\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/10/20 17:11:11 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\05zlbu38.default\extensions -> [2009/11/27 10:23:39 | 000,000,000 | ---D | M]
BitComet Video Downloader   -> C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\05zlbu38.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} -> [2009/10/20 17:11:15 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\05zlbu38.default\extensions\staged-xpis -> [2009/11/27 10:23:39 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 siteadvisor.xml -> C:\Documents and Settings\Barry\Application Data\Mozilla\Firefox\Profiles\05zlbu38.default\searchplugins\siteadvisor.xml -> [2008/03/18 14:35:01 | 000,002,386 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2010/03/13 17:05:07 | 000,000,000 | ---D | M]
Firefox (default)   -> C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2008/07/08 10:05:59 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -> [2009/05/18 16:48:45 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} -> [2008/10/29 15:45:44 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} -> [2009/02/25 15:34:57 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/04/01 10:36:19 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} -> [2009/08/18 10:33:09 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} -> [2010/03/13 17:05:08 | 000,000,000 | ---D | M]
  -> C:\Program Files\Mozilla Firefox\extensions\[email protected] -> [2008/03/31 22:09:27 | 000,000,000 | ---D | M]
< HOSTS File > ([2001/08/18 08:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS -> 
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2008/07/28 06:47:40 | 000,882,416 | ---- | M] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> Reg Error: Key error. [Adobe PDF Reader Link Helper] -> File not found
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> c:\Program Files\McAfee\MSK\mskapbho.dll [McAfee Phishing Filter] -> [2009/01/09 09:22:10 | 000,246,800 | ---- | M] ()
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll [BitComet Helper] -> [2010/01/28 04:55:08 | 000,671,480 | ---- | M] (BitComet)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> C:\Program Files\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2009/03/25 11:05:56 | 000,062,784 | ---- | M] (McAfee, Inc.)
{89044184-F260-4FDD-8FAB-2662814846E5} [HKLM] -> C:\WINDOWS\SYSTEM32\msnwinnet.dll [VPN-OEM Extension] -> [2002/08/29 06:41:00 | 000,794,624 | ---- | M] ()
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/01/22 15:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2009/11/23 10:26:38 | 000,204,048 | ---- | M] (McAfee, Inc.)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll [MSN Search Toolbar Helper] -> [2005/06/15 19:02:08 | 000,577,232 | ---- | M] (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/10/11 04:17:12 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.)
{EF3FA1F1-05F2-4639-92A2-2351228BFB1B} [HKLM] -> C:\WINDOWS\SYSTEM32\assjwug.dll [TChkBHO Class] -> [2001/12/31 20:00:00 | 000,131,072 | ---- | M] ()
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [SingleInstance Class] -> [2008/07/28 06:47:42 | 000,160,496 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2009/11/23 10:26:38 | 000,204,048 | ---- | M] (McAfee, Inc.)
"{ACB1E670-3217-45C4-A021-6B829A8A27CB}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll [MSN Search Toolbar] -> [2005/06/15 19:02:08 | 000,577,232 | ---- | M] (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2008/07/28 06:47:40 | 000,882,416 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
ShellBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll [MSN Search Toolbar] -> [2005/06/15 19:02:08 | 000,577,232 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{01E04581-4EEE-11D0-BFE9-00AA005B4383}" [HKLM] -> C:\WINDOWS\SYSTEM32\browseui.dll [&Address] -> [2008/04/13 20:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{0E5CBF21-D15F-11D0-8301-00AA005B4383}" [HKLM] -> C:\WINDOWS\SYSTEM32\shell32.dll [&Links] -> [2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll [MSN Search Toolbar] -> [2005/06/15 19:02:08 | 000,577,232 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AdaptecDirectCD" -> C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe ["C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"] -> [2002/04/10 17:44:04 | 000,679,936 | ---- | M] (Roxio)
"AHQInit" -> C:\Program Files\Creative\SBLive\Program\AHQINIT.EXE [C:\Program Files\Creative\SBLive\Program\AHQInit.exe] -> [2001/03/28 02:00:00 | 000,102,400 | ---- | M] (Creative Technology Ltd)
"Ink Monitor" -> C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe [C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe] -> [2001/12/07 05:48:34 | 000,258,118 | ---- | M] (BillP Studios)
"iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/02/04 14:18:40 | 000,267,048 | ---- | M] (Apple Inc.)
"KernelFaultCheck" ->  [%systemroot%\system32\dumprep 0 -k] -> File not found
"mcagent_exe" -> C:\Program Files\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2009/04/17 18:20:30 | 000,645,328 | ---- | M] (McAfee, Inc.)
"McENUI" -> C:\Program Files\McAfee\MHN\McENUI.exe [C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide] -> [2009/01/09 14:41:12 | 001,176,808 | ---- | M] (McAfee, Inc.)
"Microsoft Works Update Detection" -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe] -> [2001/08/16 23:41:58 | 000,028,738 | ---- | M] (Microsoft® Corporation)
"MMTray" -> C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe] -> [2002/10/31 12:57:56 | 000,090,112 | ---- | M] (MUSICMATCH, Inc.)
"NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> [2003/10/06 14:16:00 | 005,058,560 | ---- | M] (NVIDIA Corporation)
"nwiz" -> C:\WINDOWS\System32\nwiz.exe [nwiz.exe /install] -> [2003/10/06 14:16:00 | 000,741,376 | ---- | M] (NVIDIA Corporation)
"QuickTime Task" -> C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe ["C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime] -> [2009/11/02 13:34:10 | 000,413,696 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" -> C:\Program Files\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/10/11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)
"TkBellExe" -> C:\Program Files\MpcStar\Codecs\Real\RCAPlugins\realsched.exe ["C:\Program Files\MpcStar\Codecs\Real\RCAPlugins\realsched.exe"  -osboot] -> File not found
"UpdReg" -> C:\WINDOWS\Updreg.exe [C:\WINDOWS\Updreg.exe] -> [2000/05/11 02:00:00 | 000,090,112 | ---- | M] (Creative Technology Ltd.)
< Run [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"ctfmon.exe" -> C:\WINDOWS\SYSTEM32\ctfmon.exe [C:\WINDOWS\system32\ctfmon.exe] -> [2008/04/13 20:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"YVIBBBHA8C" -> C:\Documents and Settings\Barry\Local Settings\Temp\Bfr.exe [C:\DOCUME~1\Barry\LOCALS~1\Temp\Bfr.exe] -> [2010/04/04 12:01:58 | 000,173,568 | ---- | M] ()
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2008/04/23 03:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk -> C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE -> [2001/08/22 22:09:00 | 000,135,680 | ---- | M] (SEIKO EPSON CORPORATION)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe -> [2001/08/07 18:06:54 | 000,024,633 | ---- | M] (Microsoft® Corporation)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Norton System Doctor.lnk -> C:\Program Files\Norton Utilities\SYSDOC32.EXE -> [2001/08/10 06:00:00 | 000,024,614 | ---- | M] (Symantec Corporation)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk -> C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ca\bin\WindowsSearch.exe -> [2005/09/20 17:10:04 | 000,238,080 | ---- | M] (Microsoft Corporation)
< Barry Startup Folder > -> C:\Documents and Settings\Barry\Start Menu\Programs\Startup -> 
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup -> 
< Software Policy Settings [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [227] -> File not found
\\"NoDrives" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"HonorAutoRunSetting" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
\\"DisableRegistryTools" ->  [0] -> File not found
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
\\"EnableLUA" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"CDRAutoRun" ->  [0] -> File not found
\\"NoDriveTypeAutoRun" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"CDRAutoRun" ->  [0] -> File not found
\\"NoDriveTypeAutoRun" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"" ->  [] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"HideLegacyLogonScripts" ->  [0] -> File not found
\\"HideLogoffScripts" ->  [0] -> File not found
\\"HideStartupScripts" ->  [0] -> File not found
\\"RunLogonScriptSync" ->  [1] -> File not found
\\"RunStartupScriptSync" ->  [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2010/01/06 10:06:24 | 010,352,976 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2010/01/06 10:06:24 | 010,352,976 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&MSN Search -> C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll [res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm] -> [2005/06/15 19:02:08 | 000,577,232 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2010/01/06 10:06:24 | 010,352,976 | ---- | M] (Microsoft Corporation)
Open in new background tab -> C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll [res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/229?7313fd9b99c4d1da9203beb7e3ee65b] -> [2005/09/20 18:17:18 | 000,131,072 | ---- | M] (Microsoft Corporation)
Open in new foreground tab -> C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll [res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/230?7313fd9b99c4d1da9203beb7e3ee65b] -> [2005/09/20 18:17:18 | 000,131,072 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 000,063,840 | ---- | M] (Microsoft Corporation)
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}:{FE54FA40-D68C-11d2-98FA-00C0F0318AFE} [HKLM] -> C:\WINDOWS\SYSTEM32\shdocvw.dll [Button: Real.com] -> [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}:res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 [HKLM] -> C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll [Button: BitComet] -> [2010/01/28 04:55:08 | 000,671,480 | ---- | M] (BitComet)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\SYSTEM32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 000,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> C:\WINDOWS\SYSTEM32\shdocvw.dll [Real.com] -> [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E023F504-0C5A-4750-A1E7-A9046DEA8A21}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\SYSTEM32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 000,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> C:\WINDOWS\SYSTEM32\shdocvw.dll [Real.com] -> [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E023F504-0C5A-4750-A1E7-A9046DEA8A21}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\WINDOWS\SYSTEM32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 000,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{39FD89BF-D3F1-45b6-BB56-3582CCF489E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> C:\WINDOWS\SYSTEM32\shdocvw.dll [Real.com] -> [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E023F504-0C5A-4750-A1E7-A9046DEA8A21}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4942 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{00000075-9980-0010-8000-00AA00389B71} [HKLM] -> http://codecs.microsoft.com/codecs/i386/voxacm.CAB [Reg Error: Key error.] -> 
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [HKLM] -> http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab [Reg Error: Key error.] -> 
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab [MSN Photo Upload Tool] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212612801343 [MUWebControl Class] -> 
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> 
{9F1C11AA-197B-4942-BA54-47A8489BB47F} [HKLM] -> http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37558.4998726852 [Reg Error: Key error.] -> 
{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.4.1/jinstall-1_4_1-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] ->  [Reg Error: Value error.] -> 
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 24.222.0.94 24.222.0.95 -> 
NameServer -> 93.188.164.100,93.188.161.155 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}\\DhcpNameServer -> 24.222.0.94 24.222.0.95   (Linksys Wireless-G PCI Adapter) -> 
{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}\\NameServer -> 93.188.164.100,93.188.161.155   (Linksys Wireless-G PCI Adapter) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\SYSTEM32\userinit.exe -> [2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> 
logonui.exe -> C:\WINDOWS\System32\logonui.exe -> [2008/04/13 20:12:24 | 000,514,560 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
rundll32 shell32 -> C:\WINDOWS\System32\shell32.dll -> [2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation)
Control_RunDLL "sysdm.cpl" -> C:\WINDOWS\System32\sysdm.cpl -> [2008/04/13 20:12:41 | 000,300,544 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
crypt32chain -> C:\WINDOWS\System32\crypt32.dll -> [2008/04/13 20:11:51 | 000,599,040 | ---- | M] (Microsoft Corporation)
cryptnet -> C:\WINDOWS\System32\cryptnet.dll -> [2008/04/13 20:11:51 | 000,064,512 | ---- | M] (Microsoft Corporation)
cscdll -> C:\WINDOWS\System32\cscdll.dll -> [2008/04/13 20:11:51 | 000,101,888 | ---- | M] (Microsoft Corporation)
dimsntfy -> C:\WINDOWS\SYSTEM32\dimsntfy.dll -> [2008/04/13 20:11:52 | 000,019,456 | ---- | M] (Microsoft Corporation)
ScCertProp -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 20:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation)
Schedule -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 20:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation)
sclgntfy -> C:\WINDOWS\System32\sclgntfy.dll -> [2008/04/13 20:12:05 | 000,020,480 | ---- | M] (Microsoft Corporation)
SensLogn -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 20:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation)
termsrv -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 20:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation)
WgaLogon -> C:\WINDOWS\System32\WgaLogon.dll -> [2007/02/15 18:00:26 | 000,236,928 | ---- | M] (Microsoft Corporation)
wlballoon -> C:\WINDOWS\System32\wlnotify.dll -> [2008/04/13 20:12:09 | 000,092,672 | ---- | M] (Microsoft Corporation)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{fbeb8a05-beee-4442-804e-409d6c4515e9}" [HKLM] -> C:\WINDOWS\SYSTEM32\shell32.dll [CDBurn] -> [2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation)
"{7849596a-48ea-486e-8937-a2a3009f31a9}" [HKLM] -> C:\WINDOWS\SYSTEM32\shell32.dll [PostBootReminder] -> [2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation)
"{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKLM] -> C:\WINDOWS\SYSTEM32\stobject.dll [SysTray] -> [2008/04/13 20:12:07 | 000,121,856 | ---- | M] (Microsoft Corporation)
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> C:\WINDOWS\SYSTEM32\webcheck.dll [WebCheck] -> [2010/03/11 08:38:54 | 000,233,472 | ---- | M] (Microsoft Corporation)
"{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKLM] -> C:\WINDOWS\SYSTEM32\WPDShServiceObj.dll [WPDShServiceObj] -> [2006/10/18 21:47:22 | 000,133,632 | ---- | M] (Microsoft Corporation)
< SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler -> 
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}" [HKLM] -> C:\WINDOWS\SYSTEM32\browseui.dll [Browseui preloader] -> [2008/04/13 20:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation)
"{8C7461EF-2B13-11d2-BE35-3078302C2030}" [HKLM] -> C:\WINDOWS\SYSTEM32\browseui.dll [Component Categories cache daemon] -> [2008/04/13 20:11:50 | 001,025,024 | ---- | M] (Microsoft Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> C:\WINDOWS\System32\shell32.dll [] -> [2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation)
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
msapsspc.dll -> C:\WINDOWS\System32\msapsspc.dll -> [2008/04/13 20:11:58 | 000,086,016 | ---- | M] (Microsoft Corporation)
schannel.dll -> C:\WINDOWS\System32\schannel.dll -> [2009/06/25 04:25:26 | 000,147,456 | ---- | M] (Microsoft Corporation)
digest.dll -> C:\WINDOWS\System32\digest.dll -> [2008/04/13 20:11:52 | 000,068,608 | ---- | M] (Microsoft Corporation)
msnsspc.dll -> C:\WINDOWS\System32\msnsspc.dll -> [2008/04/13 20:12:00 | 000,290,816 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
msv1_0 -> C:\WINDOWS\System32\msv1_0.dll -> [2009/09/11 10:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
kerberos -> C:\WINDOWS\System32\kerberos.dll -> [2009/06/25 04:25:26 | 000,301,568 | ---- | M] (Microsoft Corporation)
msv1_0 -> C:\WINDOWS\System32\msv1_0.dll -> [2009/09/11 10:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation)
schannel -> C:\WINDOWS\System32\schannel.dll -> [2009/06/25 04:25:26 | 000,147,456 | ---- | M] (Microsoft Corporation)
wdigest -> C:\WINDOWS\System32\wdigest.dll -> [2009/06/25 04:25:26 | 000,054,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 000,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\SYSTEM32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:51:28 | 003,885,408 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 000,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\SYSTEM32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 000,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" -> C:\Program Files\BearShare Applications\BearShare\BearShare.exe [C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare] -> [2010/01/12 05:24:32 | 017,758,136 | ---- | M] (MusicLab, LLC)
"C:\Program Files\BitComet\BitComet.exe" -> C:\Program Files\BitComet\BitComet.exe [C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe] -> [2010/02/21 06:11:24 | 002,969,336 | ---- | M] (www.BitComet.com)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2007/07/24 15:17:08 | 000,229,376 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" -> C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> [2009/01/09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/02/04 14:18:34 | 019,926,824 | ---- | M] (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 14:50:21 | 000,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/02/06 18:51:28 | 003,885,408 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 18:21:00 | 000,583,024 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE" -> C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE [C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\SAGENT4.EXE:*:Enabled:SAgent4] -> [2004/04/30 01:07:00 | 000,122,880 | ---- | M] (SEIKO EPSON CORPORATION)
"C:\WINDOWS\SYSTEM32\spoolsv.exe" -> C:\WINDOWS\System32\spoolsv.exe [C:\WINDOWS\SYSTEM32\spoolsv.exe:*:Enabled:spoolsv.exe] -> [2008/04/13 20:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [System32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.001 [] -> C:\AUTOEXEC.001 [ NTFS ] -> [2001/08/31 11:50:52 | 000,000,000 | ---- | M] ()
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/03/30 13:12:32 | 000,000,000 | ---- | M] ()
Z:\Autograph Virtual Keyboard.exe [MZ | ] -> Z:\Autograph Virtual Keyboard.exe [ NTFS ] -> [2007/10/24 08:50:40 | 000,034,816 | ---- | M] (Eastmond Publishing Ltd.)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{3d60b472-7e58-11db-b929-0007e90755ca}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell
\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell\AutoRun
\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell\AutoRun\command
\{3d60b472-7e58-11db-b929-0007e90755ca}\Shell\AutoRun\command\\"" -> G:\LaunchU3.exe [G:\LaunchU3.exe] -> File not found
\{638ef06e-a019-11db-b937-0007e90755ca}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef06e-a019-11db-b937-0007e90755ca}\Shell
\{638ef06e-a019-11db-b937-0007e90755ca}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef06e-a019-11db-b937-0007e90755ca}\Shell\AutoRun
\{638ef06e-a019-11db-b937-0007e90755ca}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef06e-a019-11db-b937-0007e90755ca}\Shell\AutoRun\command
\{638ef06e-a019-11db-b937-0007e90755ca}\Shell\AutoRun\command\\"" -> G:\LaunchU3.exe [G:\LaunchU3.exe -a] -> File not found
\{638ef070-a019-11db-b937-0007e90755ca}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef070-a019-11db-b937-0007e90755ca}\Shell
\{638ef070-a019-11db-b937-0007e90755ca}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef070-a019-11db-b937-0007e90755ca}\Shell\AutoRun
\{638ef070-a019-11db-b937-0007e90755ca}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638ef070-a019-11db-b937-0007e90755ca}\Shell\AutoRun\command
\{638ef070-a019-11db-b937-0007e90755ca}\Shell\AutoRun\command\\"" -> G:\LaunchU3.exe [G:\LaunchU3.exe -a] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> Reg Error: Key error. -> File not found
.exe [@ = exefile] -> Reg Error: Key error. -> File not found
 
[Registry - Additional Scans - Safe List]
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 
0 -> [Key] -> 
0 -> FriendlyName = My Current Home Page -> 
0 -> Source = About:Home -> 
0 -> SubscribedURL = About:Home -> 
< Desktop WallPaper > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General -> 
WallPaper -> C:\Documents and Settings\Barry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp -> 
BackupWallPaper -> C:\Documents and Settings\Barry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp -> 
< Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> 
"bootini" -> 0 -> 
"services" -> 0 -> 
"startup" -> 0 -> 
"system.ini" -> 0 -> 
"win.ini" -> 0 -> 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias -> C:\WINDOWS\SYSTEM32\IAS -> [2002/09/10 21:06:16 | 000,000,000 | ---D | M]
Iprip ->  -> File not found
Irmon ->  -> File not found
NWCWorkstation ->  -> File not found
Nwsapagent ->  -> File not found
Wmi -> C:\WINDOWS\SYSTEM32\wmi.dll -> [2008/04/13 20:11:15 | 000,005,632 | ---- | M] (Microsoft Corporation)
WmdmPmSp ->  -> File not found
Ip6FwHlp ->  -> File not found
*MultiFile Done* -> -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
batfile [open] -> "%1" %* -> 
cmdfile [open] -> "%1" %* -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
htmlfile [edit] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> [2007/04/19 14:07:38 | 000,061,280 | ---- | M] (Microsoft Corporation)
htmlfile [print] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 -> [2007/04/19 14:07:38 | 000,061,280 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* -> 
scrfile [config] -> "%1" -> 
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/13 20:12:41 | 000,135,168 | ---- | M] (Microsoft Corporation)
scrfile [open] -> "%1" /S -> 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> 
Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{01001202-823E-46CD-A70E-BEE818F97169} -> Microsoft Encarta Encyclopedia Standard 2002
{01A4AEDE-F219-49A2-B855-16A016EAF9A4} -> Intel(R) PROSet II
{02DFB3FD-CF52-4183-8BCA-2A127D4888F4} -> iTunes
{089759B6-8B18-4AE5-9350-E132E0C22C01} -> Simply Accounting by Sage 2007
{0AAA9C97-74D4-47CE-B089-0B147EF3553C} -> Windows Live Messenger
{11F1920A-56A2-4642-B6E0-3B31A12C9288} -> Dell Solution Center
{151C555A-A9E7-4A2E-B6D7-165D04A3C956} -> Dell Picture Studio - Dell Image Expert
{17A7779A-D23F-11D3-8753-0050BABE1202} -> Microtek ScanWizard
{1D243F00-1389-4C63-A7E9-B17E967D1901} -> WebEx Record and Playback
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{26A24AE4-039D-4CA4-87B4-2F83216012FF} -> Java(TM) 6 Update 17
{3248F0A8-6813-11D6-A77B-00B0D0160030} -> Java(TM) 6 Update 3
{338F08AB-C262-42C7-B000-34DE1A475273} -> Ad-Aware Email Scanner for Outlook
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{381EA1A3-3C6D-4927-B8ED-10CFD03CCE09} -> Epi Info
{39B82ED4-D8AE-11D7-A9ED-00B0D0627A8E} -> Simply Accounting 2004 Basic
{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform
{415C995A-F745-11D6-A9AD-00B0D0627A8E} -> Simply Accounting 2003 Basic
{43DCF766-6838-4F9A-8C91-D92DA586DFA7} -> Microsoft Windows Journal Viewer
{45338B07-A236-4270-9A77-EBB4115517B5} -> Windows Live Sign-in Assistant
{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} -> Bonjour
{4ADC0BF7-B965-11D8-AA51-00B0D0627A8E} -> Simply Accounting 2005 Basic
{4DDC3BED-CC68-44AA-B435-D727B620CA5B} -> Linksys Wireless-G PCI Adapter
{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} -> Junk Mail filter update
{51A79BE3-6AF4-4405-AC9A-E5F74FE20299} -> Simply Accounting by Sage 2007
{609F7AC8-C510-11D4-A788-009027ABA5D0} -> Easy CD Creator 5 Basic
{625BD732-ACDF-4552-BF22-98EBB413B6F3} -> McAfee Shredder
{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0
{63C1109E-D977-49ED-BCE3-D00D0BF187D6} -> Windows Live Mail
{6774F0CF-C7DD-4CB4-BCB2-11C3E08BBA03} -> McAfee Shredder
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD
{87642C51-790C-4698-8A5F-40DA19B8738A} -> Epi Info
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} -> Choice Guard
{90110409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{90D55A3F-1D99-4C94-A77E-46DC14F0BF08} -> Help and Support Customization
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} -> Segoe UI
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{AC76BA86-7AD7-1033-7B44-A71000000002} -> Adobe Reader 7.1.0
{AC76BA86-7AD7-5760-0000-705000000001} -> Adobe Reader Japanese Fonts
{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} -> Apple Software Update
{BAF78226-3200-4DB4-BE33-4D922A799840} -> Windows Presentation Foundation
{BCA47D24-273B-47B6-99CF-C4CFD1F3EFED} -> Stata 9
{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387} -> Works Synchronization
{BFD96B89-B769-4CD6-B11E-E79FFD46F067} -> QuickTime
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7} -> WebEx Support Manager for Internet Explorer
{C3A439E4-7303-491F-A678-CEA36A87D517} -> Microsoft Works Suite Add-in for Microsoft Word
{C6CA8874-5F22-4AF0-9BE3-016BF299C536} -> Windows Live Essentials
{C769A271-7E1C-48F9-B331-474600DD4C06} -> Microsoft Picture It! Photo 2002
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CD0159C9-17FB-11D6-A76A-00B0D079AF64} -> Java 2 Runtime Environment, SE v1.4.1
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D271DAE0-8D68-4C97-8356-A126D48A1D8C} -> Ulead Photo Explorer 8.0 Trial
{D6DE02C7-1F47-11D4-9515-00105AE4B89A} -> Paint Shop Pro 7
{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4} -> Apple Mobile Device Support
{DC19E750-988B-4005-A355-85EF66055EFE} -> Works Suite OS Pack
{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware
{F003AEAB-22DD-4E69-B9F3-F7F1063D4618} -> Epi Info
{F0797160-7E41-4CF2-A47B-497F5DFFC187} -> MSN Search Toolbar
{F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729)
{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01
{F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call
{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} -> HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Ad-Aware -> Ad-Aware
Adobe Acrobat 5.0 -> Adobe Acrobat 5.0
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Amazon MP3 Downloader -> Amazon MP3 Downloader 1.0.3
BearShare -> BearShare
BitComet -> BitComet 1.19
CCleaner -> CCleaner (remove only)
DivX Codec -> DivX 5.0.3 Pro Bundle
ebateswebsavings0.xml -> Web Savings from Ebates
EPSON Printer and Utilities -> EPSON Printer Software
ES C80 Guide -> ES C80 Guide
HijackThis -> HijackThis 2.0.2
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
Ink Monitor -> Ink Monitor
Java Web Start -> Java Web Start
LiveReg -> LiveReg (Symantec Corporation)
LiveUpdate -> LiveUpdate 1.80 (Symantec Corporation)
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
McAfee Uninstall Utility -> McAfee Uninstall Wizard
Microsoft .NET Framework 1.1  (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microtek ScanWizard V2.43 -> Microtek ScanWizard V2.43
Mozilla Firefox (2.0.0.15) -> Mozilla Firefox (2.0.0.15)
MpcStar -> MpcStar 4.1
MSC -> McAfee SecurityCenter
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
MSN Music Assistant -> MSN Music Assistant
MUSICMATCH Jukebox -> MUSICMATCH Jukebox
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
Norton Speed Disk -> Norton Speed Disk 6.0 for Windows NT
Norton Utilities -> Norton Utilities 2002 for Windows
NVIDIA -> NVIDIA Windows 2000/XP Display Drivers
NVIDIA Display Driver -> NVIDIA Display Driver
PokerStars -> PokerStars
PROSet -> Intel(R) PRO Network Adapters and Drivers
RealPlayer 6.0 -> RealPlayer
Registry Mechanic_is1 -> Registry Mechanic 5.0
Shockwave -> Shockwave
Sound Blaster Live! Value -> Sound Blaster Live! Value
SpywareBlaster_is1 -> SpywareBlaster 4.3
ToolBook 8.0 Runtime -> ToolBook 8.0 Runtime
TraxTime -> TraxTime
ViewpointMediaPlayer -> Viewpoint Media Player (Remove Only)
WIC -> Windows Imaging Component
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
Windows XP Service Pack -> Windows XP Service Pack 3
WinLiveSuite_Wave3 -> Windows Live Essentials
WinRAR archiver -> WinRAR archiver
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Works2002Setup -> Microsoft Works 2002 Setup Launcher
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
XpsEPSC -> XML Paper Specification Shared Components Pack 1.0
Yahoo! Companion -> Yahoo! Toolbar
yEnc32 -> yEnc32 (remove only)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 4/25/2010 9:58:07 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 9:58:07 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 9:58:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 9:58:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 9:59:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 9:59:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 10:01:28 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 10:01:28 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 10:01:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
Application [ Error ] 4/25/2010 10:01:37 PM Computer Name = OFFICE | Source = crypt32 | ID = 131080 -> Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.  
System [ Error ] 4/18/2010 10:29:56 PM Computer Name = OFFICE | Source = BROWSER | ID = 8032 -> Description = The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}.  The backup browser is stopping.
System [ Error ] 4/19/2010 3:00:08 AM Computer Name = OFFICE | Source = Windows Update Agent | ID = 16 -> Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
System [ Error ] 4/19/2010 9:13:22 PM Computer Name = OFFICE | Source = BROWSER | ID = 8032 -> Description = The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}.  The backup browser is stopping.
System [ Error ] 4/20/2010 6:40:33 AM Computer Name = OFFICE | Source = DCOM | ID = 10010 -> Description = The server {601AC3DC-786A-4EB0-BF40-EE3521E70BFB} did not register with DCOM within the required timeout.
System [ Error ] 4/21/2010 7:51:27 AM Computer Name = OFFICE | Source = Windows Update Agent | ID = 16 -> Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
System [ Error ] 4/21/2010 8:27:00 AM Computer Name = OFFICE | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1053" attempting to start the service iPod Service with arguments ""  in order to run the server:  {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
System [ Error ] 4/23/2010 7:51:28 AM Computer Name = OFFICE | Source = Windows Update Agent | ID = 16 -> Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
System [ Error ] 4/24/2010 8:21:09 AM Computer Name = OFFICE | Source = BROWSER | ID = 8032 -> Description = The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}.  The backup browser is stopping.
System [ Error ] 4/25/2010 7:51:29 AM Computer Name = OFFICE | Source = Windows Update Agent | ID = 16 -> Description = Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
System [ Error ] 4/25/2010 7:34:17 PM Computer Name = OFFICE | Source = BROWSER | ID = 8032 -> Description = The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}.  The backup browser is stopping.
 
[Files/Folders - Created Within 30 Days]
 OTS.exe -> C:\Documents and Settings\Barry\Desktop\OTS.exe -> [2010/04/25 22:28:13 | 000,639,488 | ---- | C] (OldTimer Tools)
 Adobe -> C:\Documents and Settings\LocalService\Application Data\Adobe -> [2010/04/20 22:28:54 | 000,000,000 | ---D | C]
 F003AEAB22DD4E69B9F3F7F1063D4618.TMP -> C:\WINDOWS\F003AEAB22DD4E69B9F3F7F1063D4618.TMP -> [2010/04/20 21:16:53 | 000,000,000 | ---D | C]
 mfeavfk.sys -> C:\WINDOWS\System32\drivers\mfeavfk.sys -> [2010/04/19 21:36:46 | 000,079,880 | ---- | C] (McAfee, Inc.)
 mfesmfk.sys -> C:\WINDOWS\System32\drivers\mfesmfk.sys -> [2010/04/19 21:36:46 | 000,040,552 | ---- | C] (McAfee, Inc.)
 mfebopk.sys -> C:\WINDOWS\System32\drivers\mfebopk.sys -> [2010/04/19 21:36:46 | 000,035,272 | ---- | C] (McAfee, Inc.)
 Mpfp.sys -> C:\WINDOWS\System32\drivers\Mpfp.sys -> [2010/04/19 21:36:36 | 000,120,136 | ---- | C] (McAfee, Inc.)
 McAfee -> C:\Program Files\Common Files\McAfee -> [2010/04/19 21:34:59 | 000,000,000 | ---D | C]
 mferkdk.sys -> C:\WINDOWS\System32\drivers\mferkdk.sys -> [2010/04/19 21:32:31 | 000,034,216 | ---- | C] (McAfee, Inc.)
 TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010/04/18 23:12:39 | 000,000,000 | ---D | C]
 SpywareBlaster -> C:\Program Files\SpywareBlaster -> [2010/04/18 23:12:32 | 000,000,000 | ---D | C]
 Recent -> C:\Documents and Settings\Barry\Recent -> [2010/04/18 22:59:59 | 000,000,000 | RH-D | C]
 Lbd.sys -> C:\WINDOWS\System32\drivers\Lbd.sys -> [2010/04/17 00:03:34 | 000,064,288 | ---- | C] (Lavasoft AB)
 {74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} -> C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} -> [2010/04/16 11:22:22 | 000,000,000 | -H-D | C]
 SxsCaPendDel -> C:\WINDOWS\SxsCaPendDel -> [2010/04/15 10:53:11 | 000,000,000 | ---D | C]
 Simply -> C:\Documents and Settings\Barry\My Documents\Simply -> [2010/04/07 09:19:03 | 000,000,000 | ---D | C]
 a3d.dll -> C:\WINDOWS\System32\a3d.dll -> [2002/09/10 21:36:50 | 000,059,392 | ---- | C] ( )
 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 User_Feed_Synchronization-{F9A76691-5EEA-444E-84AE-80568A4644A9}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{F9A76691-5EEA-444E-84AE-80568A4644A9}.job -> [2010/04/25 22:55:00 | 000,000,422 | -H-- | M] ()
 Symantec NetDetect.job -> C:\WINDOWS\tasks\Symantec NetDetect.job -> [2010/04/25 22:53:00 | 000,000,412 | ---- | M] ()
 {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> [2010/04/25 22:39:00 | 000,000,282 | -H-- | M] ()
 OTS.exe -> C:\Documents and Settings\Barry\Desktop\OTS.exe -> [2010/04/25 22:28:31 | 000,639,488 | ---- | M] (OldTimer Tools)
 {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> [2010/04/25 22:25:00 | 000,000,246 | -H-- | M] ()
 WPA.DBL -> C:\WINDOWS\System32\WPA.DBL -> [2010/04/25 20:20:08 | 000,001,170 | ---- | M] ()
 Config.MPF -> C:\WINDOWS\System32\Config.MPF -> [2010/04/25 19:30:06 | 000,010,441 | ---- | M] ()
 Ad-Aware Update (Weekly).job -> C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job -> [2010/04/25 19:19:44 | 000,000,472 | ---- | M] ()
 SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/04/25 19:15:13 | 000,000,006 | -H-- | M] ()
 BOOTSTAT.DAT -> C:\WINDOWS\BOOTSTAT.DAT -> [2010/04/25 19:14:37 | 000,002,048 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2010/04/25 19:14:28 | 804,114,432 | -HS- | M] ()
 ntuser.dat -> C:\Documents and Settings\Barry\ntuser.dat -> [2010/04/25 19:12:52 | 008,912,896 | ---- | M] ()
 NTUSER.INI -> C:\Documents and Settings\Barry\NTUSER.INI -> [2010/04/25 19:12:52 | 000,000,278 | -HS- | M] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Barry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/04/25 19:01:21 | 000,154,112 | ---- | M] ()
 truro_apr22_2010.doc -> C:\Documents and Settings\Barry\My Documents\truro_apr22_2010.doc -> [2010/04/22 18:02:59 | 000,025,088 | ---- | M] ()
 Microsoft Office Word 2003.lnk -> C:\Documents and Settings\Barry\Desktop\Microsoft Office Word 2003.lnk -> [2010/04/21 10:38:21 | 000,002,497 | ---- | M] ()
 WIN.INI -> C:\WINDOWS\WIN.INI -> [2010/04/21 08:56:08 | 000,000,889 | ---- | M] ()
 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2010/04/20 11:31:00 | 000,000,284 | ---- | M] ()
 d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2010/04/20 07:06:03 | 000,000,664 | ---- | M] ()
 McAfee Security Center.lnk -> C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk -> [2010/04/19 21:48:23 | 000,000,671 | ---- | M] ()
 McDefragTask.job -> C:\WINDOWS\tasks\McDefragTask.job -> [2010/04/19 21:35:29 | 000,000,340 | ---- | M] ()
 McQcTask.job -> C:\WINDOWS\tasks\McQcTask.job -> [2010/04/19 21:35:24 | 000,000,332 | ---- | M] ()
 SpywareBlaster.lnk -> C:\Documents and Settings\Barry\Desktop\SpywareBlaster.lnk -> [2010/04/18 23:12:34 | 000,000,690 | ---- | M] ()
 tmp.reg -> C:\WINDOWS\System32\tmp.reg -> [2010/04/18 22:31:54 | 000,003,404 | ---- | M] ()
 dads edit of Mom's_suggestions_to_Research_Paper[1].docx -> C:\Documents and Settings\Barry\My Documents\dads edit of Mom's_suggestions_to_Research_Paper[1].docx -> [2010/04/18 21:02:38 | 000,025,325 | ---- | M] ()
 Ulead32.ini -> C:\WINDOWS\Ulead32.ini -> [2010/04/18 18:44:17 | 000,000,889 | ---- | M] ()
 Shortcut to a1aplaylist.lnk -> C:\Documents and Settings\Barry\Desktop\Shortcut to a1aplaylist.lnk -> [2010/04/17 16:50:59 | 000,000,347 | ---- | M] ()
 Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2010/04/16 11:22:14 | 000,000,867 | ---- | M] ()
 dilbert2010apr.doc -> C:\Documents and Settings\Barry\My Documents\dilbert2010apr.doc -> [2010/04/07 13:49:45 | 000,612,352 | ---- | M] ()
 ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010/04/07 09:44:55 | 000,001,099 | ---- | M] ()
 truro_apr7_2010.doc -> C:\Documents and Settings\Barry\My Documents\truro_apr7_2010.doc -> [2010/04/07 08:34:19 | 000,025,088 | ---- | M] ()
 Bwidya.exe -> C:\WINDOWS\Bwidya.exe -> [2010/04/04 12:01:53 | 000,179,712 | ---- | M] ()
 Membership Application 2010 (1).xls -> C:\Documents and Settings\Barry\My Documents\Membership Application 2010 (1).xls -> [2010/04/02 14:42:41 | 000,034,816 | ---- | M] ()
 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
 20 C:\Documents and Settings\Barry\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Barry\Local Settings\Temp\*.tmp -> 
 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
 1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> 
 
[Files - No Company Name]
 fw20.vxd -> C:\WINDOWS\fw20.vxd -> [2066/11/26 14:12:24 | 000,079,947 | ---- | C] ()
 truro_apr22_2010.doc -> C:\Documents and Settings\Barry\My Documents\truro_apr22_2010.doc -> [2010/04/22 17:24:05 | 000,025,088 | ---- | C] ()
 Config.MPF -> C:\WINDOWS\System32\Config.MPF -> [2010/04/19 21:48:49 | 000,010,441 | ---- | C] ()
 McAfee Security Center.lnk -> C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk -> [2010/04/19 21:48:23 | 000,000,671 | ---- | C] ()
 McDefragTask.job -> C:\WINDOWS\tasks\McDefragTask.job -> [2010/04/19 21:35:25 | 000,000,340 | ---- | C] ()
 McQcTask.job -> C:\WINDOWS\tasks\McQcTask.job -> [2010/04/19 21:35:24 | 000,000,332 | ---- | C] ()
 SpywareBlaster.lnk -> C:\Documents and Settings\Barry\Desktop\SpywareBlaster.lnk -> [2010/04/18 23:12:34 | 000,000,690 | ---- | C] ()
 tmp.reg -> C:\WINDOWS\System32\tmp.reg -> [2010/04/18 22:31:53 | 000,003,404 | ---- | C] ()
 dads edit of Mom's_suggestions_to_Research_Paper[1].docx -> C:\Documents and Settings\Barry\My Documents\dads edit of Mom's_suggestions_to_Research_Paper[1].docx -> [2010/04/18 21:02:36 | 000,025,325 | ---- | C] ()
 Shortcut to a1aplaylist.lnk -> C:\Documents and Settings\Barry\Desktop\Shortcut to a1aplaylist.lnk -> [2010/04/17 16:50:59 | 000,000,347 | ---- | C] ()
 lsdelete.exe -> C:\WINDOWS\System32\lsdelete.exe -> [2010/04/17 04:43:08 | 000,015,880 | ---- | C] ()
 Ad-Aware.lnk -> C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk -> [2010/04/16 11:22:14 | 000,000,867 | ---- | C] ()
 dilbert2010apr.doc -> C:\Documents and Settings\Barry\My Documents\dilbert2010apr.doc -> [2010/04/07 13:49:44 | 000,612,352 | ---- | C] ()
 truro_apr7_2010.doc -> C:\Documents and Settings\Barry\My Documents\truro_apr7_2010.doc -> [2010/04/07 08:34:19 | 000,025,088 | ---- | C] ()
 Bwidya.exe -> C:\WINDOWS\Bwidya.exe -> [2010/04/04 12:02:21 | 000,179,712 | ---- | C] ()
 {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> [2010/04/04 12:02:16 | 000,000,282 | -H-- | C] ()
 {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> [2010/04/04 12:02:00 | 000,000,246 | -H-- | C] ()
 Membership Application 2010 (1).xls -> C:\Documents and Settings\Barry\My Documents\Membership Application 2010 (1).xls -> [2010/04/02 14:40:29 | 000,034,816 | ---- | C] ()
 wininit.ini -> C:\WINDOWS\wininit.ini -> [2008/10/10 21:46:59 | 000,000,300 | ---- | C] ()
 epp.ini -> C:\WINDOWS\epp.ini -> [2008/01/23 20:32:22 | 000,002,253 | ---- | C] ()
 GTW32N50.dll -> C:\WINDOWS\System32\GTW32N50.dll -> [2007/05/01 19:54:54 | 000,094,208 | ---- | C] ()
 WLAN.INI -> C:\WINDOWS\System32\WLAN.INI -> [2007/05/01 19:54:28 | 000,000,890 | ---- | C] ()
 openrda.ini -> C:\WINDOWS\openrda.ini -> [2006/11/30 10:14:26 | 000,000,542 | ---- | C] ()
 GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 14:58:52 | 000,030,808 | ---- | C] ()
 GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 14:53:56 | 000,026,489 | ---- | C] ()
 atnt40k.sys -> C:\WINDOWS\System32\drivers\atnt40k.sys -> [2006/05/20 13:44:46 | 000,051,392 | ---- | C] ()
 GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 15:39:28 | 000,029,779 | ---- | C] ()
 GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 15:39:28 | 000,026,040 | ---- | C] ()
 A5W.INI -> C:\WINDOWS\A5W.INI -> [2005/07/22 12:24:53 | 000,000,035 | ---- | C] ()
 DLXAPI32.DLL -> C:\WINDOWS\System32\DLXAPI32.DLL -> [2005/01/03 10:10:44 | 000,319,488 | ---- | C] ()
 e100bmsg.dll -> C:\WINDOWS\System32\e100bmsg.dll -> [2004/06/21 13:22:06 | 000,024,576 | ---- | C] ()
 pex.INI -> C:\WINDOWS\pex.INI -> [2004/03/31 12:02:15 | 000,000,071 | ---- | C] ()
 pixcache.ini -> C:\WINDOWS\pixcache.ini -> [2004/03/30 13:57:21 | 000,001,368 | ---- | C] ()
 Ulead32.ini -> C:\WINDOWS\Ulead32.ini -> [2004/03/30 13:10:50 | 000,000,889 | ---- | C] ()
 SWISNIFE.INI -> C:\WINDOWS\SWISNIFE.INI -> [2004/03/30 13:06:31 | 000,000,207 | ---- | C] ()
 onsio.sys -> C:\WINDOWS\System32\drivers\onsio.sys -> [2004/03/30 13:06:18 | 000,285,216 | ---- | C] ()
 fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/02/27 09:27:38 | 000,001,793 | ---- | C] ()
 EPSC80.ini -> C:\WINDOWS\EPSC80.ini -> [2004/02/25 12:03:11 | 000,000,023 | ---- | C] ()
 Morphexe.INI -> C:\WINDOWS\Morphexe.INI -> [2003/10/31 16:37:32 | 000,000,030 | ---- | C] ()
 nvcod.dll -> C:\WINDOWS\System32\nvcod.dll -> [2003/10/06 14:16:00 | 000,027,136 | ---- | C] ()
 msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2003/06/24 13:37:15 | 000,000,002 | ---- | C] ()
 Morpheus.INI -> C:\WINDOWS\Morpheus.INI -> [2003/04/01 09:57:05 | 000,000,030 | ---- | C] ()
 states.ini -> C:\WINDOWS\states.ini -> [2003/02/05 19:54:03 | 000,000,212 | ---- | C] ()
 zip_var.ini -> C:\WINDOWS\zip_var.ini -> [2003/02/05 19:54:03 | 000,000,069 | ---- | C] ()
 phone_var.ini -> C:\WINDOWS\phone_var.ini -> [2003/02/05 19:54:03 | 000,000,034 | ---- | C] ()
 name_gender.ini -> C:\WINDOWS\name_gender.ini -> [2003/02/05 19:54:02 | 000,051,942 | ---- | C] ()
 name_var.ini -> C:\WINDOWS\name_var.ini -> [2003/02/05 19:54:02 | 000,000,037 | ---- | C] ()
 birth_var.ini -> C:\WINDOWS\birth_var.ini -> [2003/02/05 19:54:01 | 000,000,058 | ---- | C] ()
 addr_var.ini -> C:\WINDOWS\addr_var.ini -> [2003/02/05 19:54:01 | 000,000,016 | ---- | C] ()
 city_var.ini -> C:\WINDOWS\city_var.ini -> [2003/02/05 19:54:01 | 000,000,011 | ---- | C] ()
 cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2003/01/17 14:37:15 | 000,000,963 | ---- | C] ()
 iyvu9_32.dll -> C:\WINDOWS\System32\iyvu9_32.dll -> [2003/01/16 14:15:37 | 000,056,832 | ---- | C] ()
 simply100.ini -> C:\WINDOWS\simply100.ini -> [2003/01/08 10:53:33 | 000,000,120 | ---- | C] ()
 LTFIL60N.DLL -> C:\WINDOWS\System32\LTFIL60N.DLL -> [2003/01/08 10:39:18 | 000,043,008 | ---- | C] ()
 Implode.dll -> C:\WINDOWS\System32\Implode.dll -> [2003/01/08 10:39:18 | 000,017,920 | ---- | C] ()
 OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 000,002,695 | ---- | C] ()
 MusicCitydll2.dll -> C:\WINDOWS\System32\MusicCitydll2.dll -> [2002/11/26 18:43:25 | 000,479,232 | ---- | C] ()
 UNWISE.INI -> C:\WINDOWS\System32\UNWISE.INI -> [2002/11/26 18:39:42 | 000,005,834 | ---- | C] ()
 smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2002/09/10 21:46:16 | 000,000,061 | ---- | C] ()
 ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2002/09/10 21:39:17 | 000,001,099 | ---- | C] ()
 ac3api.ini -> C:\WINDOWS\ac3api.ini -> [2002/09/10 21:36:29 | 000,000,231 | ---- | C] ()
 SBWIN.INI -> C:\WINDOWS\SBWIN.INI -> [2002/09/10 21:35:59 | 000,000,184 | ---- | C] ()
 orun32.ini -> C:\WINDOWS\orun32.ini -> [2002/09/10 21:32:07 | 000,000,780 | ---- | C] ()
 OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2002/09/10 21:08:56 | 000,000,550 | ---- | C] ()
 NMSInst.dll -> C:\WINDOWS\System32\NMSInst.dll -> [2002/02/06 09:04:14 | 000,065,536 | ---- | C] ()
 PROInst.dll -> C:\WINDOWS\System32\PROInst.dll -> [2002/01/21 16:17:18 | 000,065,536 | ---- | C] ()
 assjwug.dll -> C:\WINDOWS\System32\assjwug.dll -> [2001/12/31 20:00:00 | 000,131,072 | ---- | C] ()
 msnwinnet.dll -> C:\WINDOWS\System32\msnwinnet.dll -> [2001/08/18 08:00:00 | 000,794,624 | ---- | C] ()
 abfrnex.dll -> C:\WINDOWS\System32\abfrnex.dll -> [2001/08/18 08:00:00 | 000,106,496 | ---- | C] ()
 tudmdxiufrm.drv -> C:\WINDOWS\System32\tudmdxiufrm.drv -> [2001/08/18 08:00:00 | 000,041,149 | ---- | C] ()
 Ter32.DLL -> C:\WINDOWS\System32\Ter32.DLL -> [1997/07/17 11:53:08 | 000,804,864 | ---- | C] ()
 Declw.dll -> C:\WINDOWS\System32\Declw.dll -> [1996/02/23 16:34:48 | 000,014,629 | ---- | C] ()
 Decln.dll -> C:\WINDOWS\System32\Decln.dll -> [1996/02/22 14:09:20 | 000,032,256 | ---- | C] ()
 
[File - Lop Check]
 1A0 -> C:\Documents and Settings\All Users\Application Data\1A0 -> [2009/02/05 09:49:26 | 000,000,000 | ---D | M]
 1F128 -> C:\Documents and Settings\All Users\Application Data\1F128 -> [2009/01/27 13:41:31 | 000,000,000 | ---D | M]
 20290 -> C:\Documents and Settings\All Users\Application Data\20290 -> [2009/01/29 08:41:32 | 000,000,000 | ---D | M]
 236D -> C:\Documents and Settings\All Users\Application Data\236D -> [2008/11/20 09:51:35 | 000,000,000 | ---D | M]
 24203 -> C:\Documents and Settings\All Users\Application Data\24203 -> [2009/09/07 13:25:36 | 000,000,000 | ---D | M]
 26138 -> C:\Documents and Settings\All Users\Application Data\26138 -> [2008/12/16 23:46:38 | 000,000,000 | ---D | M]
 272BF -> C:\Documents and Settings\All Users\Application Data\272BF -> [2008/11/22 13:10:39 | 000,000,000 | ---D | M]
 282FD -> C:\Documents and Settings\All Users\Application Data\282FD -> [2009/10/05 11:29:40 | 000,000,000 | ---D | M]
 297D -> C:\Documents and Settings\All Users\Application Data\297D -> [2009/02/13 08:29:41 | 000,000,000 | ---D | M]
 2C6D -> C:\Documents and Settings\All Users\Application Data\2C6D -> [2009/02/04 15:05:44 | 000,000,000 | ---D | M]
 392CE -> C:\Documents and Settings\All Users\Application Data\392CE -> [2009/02/05 08:39:57 | 000,000,000 | ---D | M]
 91E4 -> C:\Documents and Settings\All Users\Application Data\91E4 -> [2009/06/11 16:29:09 | 000,000,000 | ---D | M]
 Linksys -> C:\Documents and Settings\All Users\Application Data\Linksys -> [2009/05/18 16:58:12 | 000,000,000 | ---D | M]
 MCA57.tmp -> C:\Documents and Settings\All Users\Application Data\MCA57.tmp -> [2006/06/24 18:27:54 | 000,000,000 | ---D | M]
 MSN Search Toolbar -> C:\Documents and Settings\All Users\Application Data\MSN Search Toolbar -> [2005/09/13 14:50:44 | 000,000,000 | ---D | M]
 Sage Software -> C:\Documents and Settings\All Users\Application Data\Sage Software -> [2007/02/01 13:11:37 | 000,000,000 | ---D | M]
 TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010/04/19 20:32:12 | 000,000,000 | ---D | M]
 Ulead Systems -> C:\Documents and Settings\All Users\Application Data\Ulead Systems -> [2004/05/04 10:47:42 | 000,000,000 | ---D | M]
 {74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} -> C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} -> [2010/04/16 11:22:44 | 000,000,000 | -H-D | M]
 Amazon -> C:\Documents and Settings\Barry\Application Data\Amazon -> [2008/10/30 10:34:28 | 000,000,000 | ---D | M]
 InterTrust -> C:\Documents and Settings\Barry\Application Data\InterTrust -> [2002/10/31 10:16:40 | 000,000,000 | ---D | M]
 LimeWire -> C:\Documents and Settings\Barry\Application Data\LimeWire -> [2008/10/30 10:11:11 | 000,000,000 | ---D | M]
 MSN Search Toolbar -> C:\Documents and Settings\Barry\Application Data\MSN Search Toolbar -> [2005/09/13 15:18:23 | 000,000,000 | ---D | M]
 MSNInstaller -> C:\Documents and Settings\Barry\Application Data\MSNInstaller -> [2006/03/21 16:30:36 | 000,000,000 | ---D | M]
 PGP -> C:\Documents and Settings\Barry\Application Data\PGP -> [2003/01/11 16:30:33 | 000,000,000 | ---D | M]
 TigerPlayer -> C:\Documents and Settings\Barry\Application Data\TigerPlayer -> [2009/11/02 13:48:35 | 000,000,000 | ---D | M]
 Ulead Systems -> C:\Documents and Settings\Barry\Application Data\Ulead Systems -> [2004/03/31 10:53:10 | 000,000,000 | ---D | M]
 PGP -> C:\Documents and Settings\LocalService\Application Data\PGP -> [2003/05/28 13:20:26 | 000,000,000 | ---D | M]
 SACore -> C:\Documents and Settings\LocalService\Application Data\SACore -> [2010/04/21 07:39:12 | 000,000,000 | ---D | M]
 Ad-Aware Update (Weekly).job -> C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job -> [2010/04/25 19:19:44 | 000,000,472 | ---- | M] ()
 ISP signup reminder 3.job -> C:\WINDOWS\Tasks\ISP signup reminder 3.job -> [2002/09/19 18:45:01 | 000,000,258 | ---- | M] ()
 McDefragTask.job -> C:\WINDOWS\Tasks\McDefragTask.job -> [2010/04/19 21:35:29 | 000,000,340 | ---- | M] ()
 McQcTask.job -> C:\WINDOWS\Tasks\McQcTask.job -> [2010/04/19 21:35:24 | 000,000,332 | ---- | M] ()
 User_Feed_Synchronization-{F9A76691-5EEA-444E-84AE-80568A4644A9}.job -> C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9A76691-5EEA-444E-84AE-80568A4644A9}.job -> [2010/04/25 22:55:00 | 000,000,422 | -H-- | M] ()
 {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> [2010/04/25 22:25:00 | 000,000,246 | -H-- | M] ()
 {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> [2010/04/25 22:39:00 | 000,000,282 | -H-- | M] ()
 
[File - Purity Scan]
 
[Custom Scans]
< %SYSTEMDRIVE%\*.exe >
< MD5 Scans Start>
< %systemdrive%\AGP440.SYS  /md5 /s >
 AGP440.sys : .cab file  -> C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys -> [2004/09/20 13:21:18 | 022,245,337 | ---- | M] ()
 AGP440.sys : .cab file  -> C:\WINDOWS\Driver Cache\I386\sp3.cab:AGP440.sys -> [2008/09/04 10:28:59 | 023,852,652 | ---- | M] ()
 AGP440.sys : .cab file  -> C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys -> [2004/09/20 13:21:18 | 022,245,337 | ---- | M] ()
 AGP440.sys : .cab file  -> C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys -> [2008/09/04 10:28:59 | 023,852,652 | ---- | M] ()
 agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\ServicePackFiles\i386\agp440.sys -> [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation)
 agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys -> [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation)
 agp440.sys : MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -> C:\WINDOWS\$NtServicePackUninstall$\agp440.sys -> [2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation)
 AGP440.SYS : MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -> C:\WINDOWS\SYSTEM32\ReinstallBackups\0014\DriverFiles\i386\AGP440.SYS -> [2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation)
 AGP440.SYS : MD5=65880045C51AA36184841CEE915A61DF -> C:\I386\AGP440.SYS -> [2001/08/17 14:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation)
 AGP440.SYS : MD5=65880045C51AA36184841CEE915A61DF -> C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\i386\AGP440.SYS -> [2001/08/17 14:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation)
< %systemdrive%\ATAPI.SYS  /md5 /s >
 atapi.sys : .cab file  -> C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys -> [2002/10/29 16:12:41 | 012,091,533 | ---- | M] ()
 atapi.sys : .cab file  -> C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys -> [2004/09/20 13:21:18 | 022,245,337 | ---- | M] ()
 atapi.sys : .cab file  -> C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys -> [2008/09/04 10:28:59 | 023,852,652 | ---- | M] ()
 atapi.sys : .cab file  -> C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys -> [2002/10/29 16:12:41 | 012,091,533 | ---- | M] ()
 atapi.sys : .cab file  -> C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys -> [2004/09/20 13:21:18 | 022,245,337 | ---- | M] ()
 atapi.sys : .cab file  -> C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys -> [2008/09/04 10:28:59 | 023,852,652 | ---- | M] ()
 atapi.sys : MD5=48BC2767CEEC6E8B0E15B0289F18232E -> C:\I386\atapi.sys -> [2002/01/30 15:49:08 | 000,086,912 | ---- | M] (Microsoft Corporation)
 atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\ServicePackFiles\i386\atapi.sys -> [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation)
 atapi.sys : MD5=A64013E98426E1877CB653685C5C0009 -> C:\WINDOWS\SYSTEM32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys -> [2001/08/17 14:51:56 | 000,086,656 | ---- | M] (Microsoft Corporation)
 atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -> [2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation)
 atapi.sys : Unable to obtain MD5  -> C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys -> [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation)
< %systemdrive%\EVENTLOG.DLL  /md5 /s >
 eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll -> [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation)
 eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\SYSTEM32\eventlog.dll -> [2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation)
 eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -> [2004/08/04 03:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation)
 EVENTLOG.DLL : MD5=A510B91253544D56B5712D66BE8371E9 -> C:\I386\EVENTLOG.DLL -> [2001/08/18 08:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation)
< %systemdrive%\NETLOGON.DLL  /md5 /s >
 netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll -> [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation)
 netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\SYSTEM32\netlogon.dll -> [2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation)
 netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -> [2004/08/04 03:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation)
 NETLOGON.DLL : MD5=F41C1602DC79AB72035F2388FCA0255F -> C:\I386\NETLOGON.DLL -> [2001/08/18 08:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation)
< %systemdrive%\SCECLI.DLL  /md5 /s >
 scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -> [2004/08/04 03:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation)
 SCECLI.DLL : MD5=73968C834C316ADC7A2F07DC4B5F3665 -> C:\I386\SCECLI.DLL -> [2001/08/18 08:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation)
 scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\ServicePackFiles\i386\scecli.dll -> [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation)
 scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\SYSTEM32\scecli.dll -> [2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation)
< MD5 Scans End>
< %systemroot%\*. /mp /s >
Restore point Set: OTS Restore Point (0)
< %systemroot%\system32\*.dll /lockedfiles >
 1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> 
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
 DEFAULT.SAV -> C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV -> [2001/08/31 11:38:54 | 000,090,112 | ---- | M] ()
 SOFTWARE.SAV -> C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV -> [2001/08/31 11:38:54 | 000,606,208 | ---- | M] ()
 SYSTEM.SAV -> C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV -> [2001/08/31 11:38:54 | 000,380,928 | ---- | M] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Please attach long results using the instructions I gave you so that we don't have to scroll so far down the page.

Let me know if you have trouble with GMER.
Thanks NeonFx. The Ots txt file is attached now as requested.
GMER to follow shortly.

Thanks
Buddy

Attachments

Please find the gmer scan test file attached.
Thank you
Buddy

Attachments

Good, I can see it now. Let's do this:

NOTE: ComboFix should NOT be used without supervision by someone trained in its use. It does a whole lot more to a system than just remove infected files.

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Disabling Security Programs
  • Double click on ComboFix.exe & follow the prompts.

    Note: Combofix will run without the Recovery Console installed.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you please let me know. An increasing number of infections are spreading using Autoplay and leaving it disabled is a good idea.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
See attached combofix log.
Thank you


I deleted a reply of mine, please disregard it if you got a copy of it in your email.

Do this for me:

Download TDSSKiller and save it to your Desktop.

  • Extract the file and run it.
  • Once completed it will create a log in the root directory (usually C:\).
  • Please post the contents of that log in your next reply.
See attached file


Great :) Let's see if that worked. Please run ComboFix again to confirm. Attach C:\ComboFix.txt to your next reply for me.
See attached file.
Thank you


It seems that problem is taken care of :) Please do the following:

Go to Start > Run and type in CMD and press Enter.

Copy the following text and then right click in the black and white menu that came up and select "Paste" to paste it.

rmdir /s \\?\C:\RECYCLER\NPROTECT

Press Enter to execute the command.

Then type exit and press Enter to close the window.

Please run ComboFix again for me after doing that and attach C:\ComboFix.txt to your next reply.
rmdir /s \\?\C:\RECYCLER\NPROTECT
Attempted to run this but got message: The process cannot access the file because it is being used by another process.

Thanks
Buddy
Ok, let's skip that.

STEP 1

Run OTS

  • Under the Paste Fix Here box on the right, paste in the contents of the following code box

Code:
[Unregister Dlls]
[Processes - Safe List]
YY -> bfr.exe -> C:\Documents and Settings\Barry\Local Settings\Temp\Bfr.exe
[Registry - All]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {EF3FA1F1-05F2-4639-92A2-2351228BFB1B} [HKLM] -> C:\WINDOWS\SYSTEM32\assjwug.dll [TChkBHO Class]
< Run [HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\] > -> HKEY_USERS\S-1-5-21-3646499915-2801439982-1300003180-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "YVIBBBHA8C" -> C:\Documents and Settings\Barry\Local Settings\Temp\Bfr.exe [C:\DOCUME~1\Barry\LOCALS~1\Temp\Bfr.exe]
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
YN -> NameServer -> 93.188.164.100,93.188.161.155
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
YN -> {ECA8E80D-29C3-41B9-A9E5-2A8073B3D609}\\NameServer -> 93.188.164.100,93.188.161.155   (Linksys Wireless-G PCI Adapter)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
YN -> \{3d60b472-7e58-11db-b929-0007e90755ca} -> 
YN -> \{638ef06e-a019-11db-b937-0007e90755ca} -> 
YN -> \{638ef070-a019-11db-b937-0007e90755ca} -> 
[Files/Folders - Modified Within 30 Days]
NY ->  Bwidya.exe -> C:\WINDOWS\Bwidya.exe
NY ->  5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  19 C:\Documents and Settings\Barry\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Barry\Local Settings\Temp\*.tmp
NY ->  1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY ->  1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp
[File - Lop Check]
NY ->  1A0 -> C:\Documents and Settings\All Users\Application Data\1A0
NY ->  1F128 -> C:\Documents and Settings\All Users\Application Data\1F128
NY ->  20290 -> C:\Documents and Settings\All Users\Application Data\20290
NY ->  236D -> C:\Documents and Settings\All Users\Application Data\236D
NY ->  24203 -> C:\Documents and Settings\All Users\Application Data\24203
NY ->  26138 -> C:\Documents and Settings\All Users\Application Data\26138
NY ->  272BF -> C:\Documents and Settings\All Users\Application Data\272BF
NY ->  282FD -> C:\Documents and Settings\All Users\Application Data\282FD
NY ->  297D -> C:\Documents and Settings\All Users\Application Data\297D
NY ->  2C6D -> C:\Documents and Settings\All Users\Application Data\2C6D
NY ->  392CE -> C:\Documents and Settings\All Users\Application Data\392CE
NY ->  91E4 -> C:\Documents and Settings\All Users\Application Data\91E4
[Empty Temp Folders]
[EmptyFlash]
[ClearAllRestorePoints]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • This will create a log in C:\_OTS\MovedFiles\<date>_.log where date and time are those of when the fix was run. Open it from there if it does not appear automatically on reboot. Please copy and paste or attach the contents of that file here.

Note: You may receive some errors while running the fix. Just press Ok and the fix should continue normally.
If it seems to get stuck, give it some time. It's probably still working.

STEP 2

Please run Malwarebytes' Anti-Malware

  • Update it by clicking on the Update tab and then on the button.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan. Scan all of your hard drives.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

STEP 3

Using Internet Explorer or Firefox, visit Kaspersky Online Scanner

1. Click Accept, when prompted to download and install the program files and database of malware definitions.

2. To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Click HERE to see how to disable the most common antivirus programs.
3. Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.

Please be patient as this can take quite a long time to download.
  • Once the update is complete, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, adware, dialers, and other riskware
    • Archives
    • E-mail databases
  • Click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View report... at the bottom.
  • Click the Save report... button.

  • Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply.
See attached file.
Thank you


Alright. Let me know if you have trouble with the scan.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

4/30/2010 7:03:17 AM
mbam-log-2010-04-30 (07-03-17).txt

Scan type: Full scan (C:\|F:\|)
Objects scanned: 215547
Time elapsed: 1 hour(s), 24 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\00005c4f.tmp.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
That was something already in ComboFix's quarantine folder so that's good :)