Full Version: problems with McAfee
oldnewby
QUOTE (Chachazz @ May 12 2009, 12:03 PM) *
The full instructions should be followed - which is to then post in the forum and let our expert review your system and logs... ComboFix is not for casual use...it's a powerful tool only to be used under guidance of a trained expert.


Here is the log, and thanks for the help.
ComboFix 09-05-11.08 - Sa 05/12/2009 11:22.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.635 [GMT -7:00]
Running from: c:\documents and settings\Sa\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\db32.txt
c:\windows\IE4 Error Log.txt
c:\windows\nbll.qmt
c:\windows\system32\ksvcl.dll

.
((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 )))))))))))))))))))))))))))))))
.

2009-05-11 22:40 . 2009-03-31 18:23 12576 ----a-w c:\windows\system32\drivers\TfKbMon.sys
2009-05-11 22:40 . 2009-03-31 18:23 33056 ----a-w c:\windows\system32\drivers\TfNetMon.sys
2009-05-11 22:40 . 2009-03-31 18:23 39200 ----a-w c:\windows\system32\drivers\TfSysMon.sys
2009-05-11 22:40 . 2009-03-31 18:23 51488 ----a-w c:\windows\system32\drivers\TfFsMon.sys
2009-05-11 22:36 . 2008-12-11 15:38 159600 ----a-w c:\windows\system32\drivers\pctgntdi.sys
2009-05-11 22:36 . 2009-04-03 18:18 130936 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-05-11 22:36 . 2008-12-18 19:16 73840 ----a-w c:\windows\system32\drivers\PCTAppEvent.sys
2009-05-11 22:36 . 2009-05-11 22:40 -------- d-----w c:\program files\Common Files\PC Tools
2009-05-11 22:36 . 2008-12-10 18:36 64392 ----a-w c:\windows\system32\drivers\pctplsg.sys
2009-05-11 22:36 . 2009-05-11 22:40 -------- d-----w c:\documents and settings\All Users\Application Data\PC Tools
2009-05-11 21:24 . 2005-09-19 16:13 288320 ----a-r c:\windows\system32\mcgdmgr.dll
2009-05-11 21:24 . 2005-09-19 16:13 349760 ----a-r c:\windows\system32\mcinsctl.dll
2009-05-11 21:24 . 2009-05-11 21:24 -------- d-----w c:\program files\McAfee.com
2009-05-11 20:54 . 2009-05-11 20:54 -------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-05-10 20:05 . 2009-05-10 20:07 -------- d-----w c:\documents and settings\Sa\Application Data\vlc
2009-05-10 19:54 . 2009-05-10 19:54 -------- d-----w c:\program files\VideoLAN
2009-04-26 02:55 . 2009-04-26 02:55 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-04-26 02:54 . 2009-04-26 02:54 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-04-26 02:51 . 2009-04-26 02:51 -------- d-----w c:\program files\Common Files\Macrovision Shared
2009-04-23 16:44 . 2009-04-23 16:44 -------- d-----w c:\program files\MSECache
2009-04-23 15:50 . 2009-04-23 16:49 -------- d-----w C:\paulspptpresentation
2009-04-23 15:47 . 2009-04-23 15:47 -------- d-----w c:\documents and settings\Sa\Local Settings\Application Data\WinZip
2009-04-21 20:23 . 2009-04-21 20:23 -------- d-----w c:\windows\system32\scripting
2009-04-21 20:23 . 2009-04-21 20:23 -------- d-----w c:\windows\l2schemas
2009-04-21 20:23 . 2009-04-21 20:23 -------- d-----w c:\windows\system32\en
2009-04-21 20:23 . 2009-04-21 20:23 -------- d-----w c:\windows\system32\bits
2009-04-21 20:15 . 2009-04-21 20:24 -------- d-----w c:\windows\ServicePackFiles
2009-04-16 03:42 . 2009-03-06 14:22 284160 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-16 03:42 . 2009-02-06 10:39 35328 ------w c:\windows\system32\dllcache\sc.exe
2009-04-16 03:42 . 2009-02-09 12:10 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 03:42 . 2009-02-06 11:11 110592 ------w c:\windows\system32\dllcache\services.exe
2009-04-16 03:42 . 2009-02-09 12:10 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 03:42 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 03:42 . 2009-02-09 12:10 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 03:42 . 2009-02-09 12:10 729088 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 03:42 . 2009-02-09 12:10 617472 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 03:42 . 2009-02-09 12:10 714752 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 03:41 . 2009-02-06 11:06 2145280 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-16 03:41 . 2009-02-06 11:08 2189056 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-16 03:41 . 2009-02-06 10:32 2023936 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-16 03:39 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-16 03:39 . 2008-04-21 12:08 215552 ------w c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 17:27 . 2009-01-19 19:41 -------- d-----w c:\program files\Spyware Doctor
2009-05-10 19:51 . 2009-05-10 19:51 16742799 ----a-w c:\windows\Media\vlc-0.9.9-win32.exe
2009-05-09 17:50 . 2006-03-09 22:55 87912 ----a-w c:\documents and settings\Sa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-09 17:44 . 2009-05-09 17:44 533768 ----a-w c:\windows\Media\MP10_EnergyBlissViz.exe
2009-05-02 23:28 . 2009-04-07 04:29 -------- d-----w c:\program files\CFE
2009-04-30 19:05 . 2008-05-19 04:00 61224 ----a-w c:\documents and settings\Sa\GoToAssistDownloadHelper.exe
2009-04-26 02:51 . 2006-02-18 19:25 -------- d-----w c:\program files\Common Files\Adobe
2009-04-26 02:45 . 2009-04-26 02:45 -------- d-----w c:\windows\Fonts\Fonts
2009-04-26 02:43 . 2006-01-29 22:48 116472 ------w c:\windows\system32\pxcpyi64.exe
2009-04-26 02:43 . 2006-01-29 22:48 118520 ------w c:\windows\system32\pxinsi64.exe
2009-04-21 20:28 . 2005-08-16 10:41 88859 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-06 14:22 . 2005-08-16 10:18 284160 ----a-w c:\windows\system32\pdh.dll
2009-02-20 08:10 . 2005-08-16 10:18 666112 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:10 . 2005-08-16 10:18 81920 ----a-w c:\windows\system32\ieencode.dll
2006-04-29 05:13 . 2006-04-29 05:13 251 ----a-w c:\program files\wt3d.ini
2002-07-27 00:02 . 2008-05-20 02:56 153088 ----a-w c:\program files\UNWISE.EXE
2006-08-27 21:06 . 2006-03-21 22:39 104 --sh--r c:\windows\system32\98549BEE3F.sys
2006-08-27 21:06 . 2006-03-21 22:39 6632 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-09-13 155648]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-01-29 98304]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-09 8192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2004-04-07 61440]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-8-26 25214]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-1-29 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Monitor.lnk - c:\program files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2006-8-27 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 22:08 110592 ----a-w c:\program files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Rosetta Stone\\RS2.1.5.1A\\Rosetta Stone.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 7.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [5/11/2009 3:36 PM 130936]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [5/11/2009 3:40 PM 51488]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [5/11/2009 3:40 PM 39200]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [5/11/2009 3:36 PM 159600]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 12:03 PM 169312]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" --> c:\program files\McAfee\SiteAdvisor\McSACore.exe [?]
S3 JL2005;JL2005A Toy Camera;c:\windows\system32\drivers\toywdm.sys [6/4/2004 1:21 PM 70888]
S3 mam4410c;mam4410c;c:\windows\system32\drivers\mam4410c.sys [4/17/2007 11:49 AM 24784]
S3 mam4410m;mam4410m;c:\windows\system32\drivers\mam4410m.sys [4/17/2007 11:49 AM 25044]
S3 mam4410u;mam4410u;c:\windows\system32\drivers\mam4410u.sys [4/17/2007 11:48 AM 55936]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [5/11/2009 3:36 PM 64392]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/19/2009 12:41 PM 348752]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [5/11/2009 3:40 PM 33056]
S3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c3b73fd-8e56-11dc-b78e-001422ed9cdb}]
\Shell\AutoRun\command - g:\system\viewer\Viewer.exe
\Shell\View your videos\command - g:\system\viewer\Viewer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aad4e36c-0294-11de-b88d-001422ed9cdb}]
\Shell\AutoRun\command - E:\StarterOfficeGuardian.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab389ef4-bab5-11da-ab85-001422ed9cdb}]
\Shell\AutoRun\command - e:\jdsecure\Windows\JDSecure31.exe
.
Contents of the 'Scheduled Tasks' folder

2009-05-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-15 02:25]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: musicmatch.com\online
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 11:25
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(876)
c:\windows\system32\Ati2evxx.dll
c:\program files\Intel\Wireless\Bin\LgNotify.dll

- - - - - - - > 'lsass.exe'(932)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2009-05-12 11:27
ComboFix-quarantined-files.txt 2009-05-12 18:26

Pre-Run: 65,468,338,176 bytes free
Post-Run: 65,452,421,120 bytes free

282 --- E O F --- 2009-05-11 21:45

LoPhatPhuud
What problem prompted you to run Combofix? (not a generally brilliant idea)

Your post title indicates a problem with McAfee. If that is the only problem, have you checked the McAfee support forums?

Your Combofix log does not offer any revealing information and I can't see that there is anything more I can do without more information.
oldnewby
This was prompted by seeing an error message that another person described in this forum. I deleted McAfee and was going to download the software again for a reinstall. Initially, I couldn't bring up any of the McAfee web pages on my laptop. When I would attempt to go to one of the webpages, I would get a page saying the page no longer existed. That's when I started looking for some help. On one forum, an individual reported that McAfee had been hacked this past weekend, and the website was undergoing maintenance. I attempted to contact McAfee via landline and when I first tried to find out if there was such a problem with McAfee's website, I wasn't given an answer by the individual I was speaking with (outsourced to another country, based on his accent), and gave up when giving my email address (which is my first and last name divided by an underscore) when he asked me how to spell "underscore". That aside, when I was able to find McAfee's website using my wife's Mac and my cellphone browser, that's when I began thinking maybe I was being hit by some type of malware.

I found Gladiator entirely by accident (I'd have to go back to the History to find out what I input into my browser to cause it to come up). When I saw someone had a similar problem, I joined, posted my issue, and received some guidance from Chachazz. I saw what another user had done, so I got it into my pointed little head to download Combofix (Chachazz did not tell me to download the software). Apparently, that took care of the problem, and I was able to access McAfee again. Another bothersome issue: Combofix said it detected that McAfee Virus Scan was still active, even though I believe I had deleted it from my system. As you can see, Combofix did work. I haven't contacted McAfee yet since this issue, and will look for forums to see what might have happened. If you didn't see anything indicative of malware, your best guess (corrupted program, maybe?) Thanks for your assistance.
LoPhatPhuud
Many of the new suites leave portions behind. McAfee has a removal tool that you should run to make sure it was all removed. Here is the link: http://service.mcafee.com/FAQDocument.aspx?id=TS100507

Also, while you are here, do the following and I'll check your system to be safe.


Please download OTListIt by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTListIt2.exe
  • Close all open windows on the Task Bar. Click the icon (for Vista, right click the icon and Run as Administrator) to start the program.
  • In the lower right corner of the Top Panel, checkmark 'LOP Check'; and checkmark 'Purity Check'.
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTListIt.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTListIt2 by clicking the X at top right.


Copy/paste the following into your post (in order):
the contents of OTListIt.txt
the contents of Extras.txt
oldnewby
OTListit.txt
OTListIt logfile created on: 5/14/2009 7:28:00 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Sa\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.40 Mb Total Physical Memory | 586.78 Mb Available Physical Memory | 57.34% Memory free
2.40 Gb Paging File | 1.62 Gb Available in Paging File | 67.29% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.19 Gb Total Space | 60.48 Gb Free Space | 68.57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SALSLAPTOP
Current User Name: Sa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2005/08/04 03:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2004/09/07 15:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/09/07 15:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/09/07 15:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
PRC - [2005/08/04 03:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe
PRC - [2004/09/07 15:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2004/09/07 15:03:40 | 00,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2005/09/09 03:24:30 | 00,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2008/09/16 12:03:18 | 00,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2005/10/11 07:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
PRC - [2005/08/05 12:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
PRC - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
PRC - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe
PRC - [2003/05/31 17:02:32 | 07,544,916 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
PRC - [2005/06/09 07:53:18 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
PRC - [2004/09/07 15:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/01/21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/03/25 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2008/12/08 13:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2005/08/03 18:05:55 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2005/08/05 12:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2009/03/31 11:23:06 | 00,070,944 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2009/02/06 03:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2005/09/29 13:01:14 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2005/08/05 12:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
PRC - [2004/09/13 15:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/10/30 13:59:54 | 00,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
PRC - [2005/08/05 20:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/02/23 15:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2004/12/06 00:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2004/08/19 13:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe
PRC - [2008/04/23 02:08:13 | 00,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
PRC - [2005/09/09 01:18:10 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
PRC - [2005/05/11 23:12:54 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2004/04/23 11:00:36 | 00,192,512 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
PRC - [2005/09/08 18:20:46 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2003/10/29 02:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2005/09/08 18:20:46 | 00,464,384 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005/06/13 11:40:18 | 00,110,592 | ---- | M] (SanDisk) -- C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
PRC - [2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2005/05/11 23:16:22 | 00,077,824 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
PRC - [2009/05/14 19:22:57 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sa\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/08/26 18:28:05 | 00,069,632 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005/09/09 03:24:30 | 00,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0 [Auto | Running])
SRV - [2008/09/16 12:03:18 | 00,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0 [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/08/04 03:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/03/07 15:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService [On_Demand | Stopped])
SRV - [2005/10/11 07:40:32 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
SRV - [2005/08/05 12:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
SRV - [2004/09/07 15:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2009/04/25 19:51:32 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/03/28 19:25:23 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
SRV - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/04/01 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2005/08/05 12:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
SRV - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2004/08/10 03:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
SRV - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service [Auto | Running])
SRV - [2003/05/31 17:02:32 | 07,544,916 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -- (MSSQL$MICROSOFTBCM [Auto | Running])
SRV - [2002/12/17 18:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2005/06/09 07:53:18 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -- (NICCONFIGSVC [Auto | Running])
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/09/29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2004/09/07 15:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2004/09/07 15:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/01/21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2002/12/17 18:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM [On_Demand | Stopped])
SRV - [2009/03/31 11:23:06 | 00,070,944 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire [On_Demand | Running])
SRV - [2005/08/03 18:05:55 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
SRV - [2004/09/07 15:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- (WLANKEEPER [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2006/01/29 15:29:05 | 00,017,056 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2001/08/17 12:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Disabled | Stopped])
DRV - [2008/04/13 11:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2004/11/16 15:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2005/08/03 09:44:16 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV [System | Running])
DRV - [2004/03/10 15:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [2001/08/17 12:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2001/08/17 12:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2006/01/29 15:43:52 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2005/08/04 03:10:18 | 01,273,344 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2004/05/26 19:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2001/08/17 12:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2001/08/17 12:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2004/04/06 14:08:06 | 00,100,957 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emDevice.sys -- (DCamUSBEMPIA [On_Demand | Stopped])
DRV - [2004/12/01 02:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2004/11/23 01:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2006/10/05 16:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct [On_Demand | Stopped])
DRV - [2007/02/25 12:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys -- (dsunidrv [Auto | Running])
DRV - [2001/08/17 11:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2004/05/05 13:40:38 | 00,019,584 | ---- | M] (Pinnacle Systems, Inc.) -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio [On_Demand | Stopped])
DRV - [2004/04/06 14:07:58 | 00,005,245 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emFilter.sys -- (FiltUSBEMPIA [On_Demand | Stopped])
DRV - [2005/03/07 21:43:25 | 00,051,120 | ---- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005/03/07 21:43:26 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005/03/07 21:43:27 | 00,021,744 | ---- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2004/06/17 19:57:02 | 00,200,064 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
DRV - [2004/06/17 19:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
DRV - [2004/08/12 07:44:04 | 00,234,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iwca.sys -- (IWCA [On_Demand | Stopped])
DRV - [2004/06/04 13:21:12 | 00,070,888 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\Drivers\toywdm.sys -- (JL2005 [On_Demand | Stopped])
DRV - [2006/07/19 00:33:30 | 00,024,784 | R--- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\System32\Drivers\mam4410c.sys -- (mam4410c [On_Demand | Stopped])
DRV - [2006/07/19 00:33:32 | 00,025,044 | R--- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\System32\Drivers\mam4410m.sys -- (mam4410m [On_Demand | Stopped])
DRV - [2006/07/19 00:33:34 | 00,055,936 | R--- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\System32\Drivers\mam4410u.sys -- (mam4410u [On_Demand | Stopped])
DRV - [2005/08/17 20:44:50 | 00,049,867 | R--- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys -- (MaRdPnp [On_Demand | Stopped])
DRV - [2005/08/17 20:44:44 | 00,011,473 | R--- | M] (Mobile Action Technology Inc.) -- C:\WINDOWS\system32\DRIVERS\MaVc2K.sys -- (MaVctrl [Auto | Running])
DRV - [2004/03/17 17:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2009/03/25 11:06:28 | 00,079,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV - [2009/03/25 11:06:28 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
DRV - [2009/03/25 11:06:28 | 00,214,024 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV - [2009/03/25 11:05:54 | 00,034,216 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV - [2009/03/25 11:06:30 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV - [2008/10/23 13:08:54 | 00,120,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\Drivers\Mpfp.sys -- (MPFP [System | Running])
DRV - [2001/08/17 12:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2004/08/03 21:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Stopped])
DRV - [2004/02/13 15:46:00 | 00,017,153 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\DRIVERS\omci.sys -- (omci [System | Running])
DRV - [2004/07/16 16:47:14 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2009/04/03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Running])
DRV - [2008/12/11 08:38:22 | 00,159,600 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi [System | Running])
DRV - [2008/12/10 11:36:04 | 00,064,392 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg [On_Demand | Running])
DRV - [2004/08/10 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/03/07 16:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 12:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/17 12:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/17 12:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2004/08/31 07:53:04 | 00,011,354 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2004/04/06 14:07:54 | 00,004,493 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\emScan.sys -- (ScanUSBEMPIA [On_Demand | Stopped])
DRV - [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - [2001/08/17 13:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2004/07/14 10:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2004/07/14 10:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2005/03/10 21:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97 [On_Demand | Running])
DRV - [2001/08/17 13:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 13:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2001/08/17 13:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 13:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2009/03/31 11:23:20 | 00,051,488 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon [Boot | Running])
DRV - [2009/03/31 11:23:24 | 00,033,056 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon [On_Demand | Running])
DRV - [2004/12/06 00:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2004/12/06 00:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2009/03/31 11:23:26 | 00,039,200 | ---- | M] (PC Tools) -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon [Boot | Running])
DRV - [2001/08/17 12:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2004/10/21 19:56:04 | 03,210,496 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys -- (w29n51 [On_Demand | Running])
DRV - [2004/06/17 19:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/05/14 07:20:20 | 00,000,000 | ---D | M]


O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" (ATI Technologies, Inc.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" (Pinnacle Systems)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe (SanDisk)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html (Google Inc.)
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html (Google Inc.)
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html (Google Inc.)
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 03:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{7c3b73fd-8e56-11dc-b78e-001422ed9cdb}\Shell\AutoRun\command - "" = G:\system\viewer\Viewer.exe -- File not found
O33 - MountPoints2\{7c3b73fd-8e56-11dc-b78e-001422ed9cdb}\Shell\View your videos\command - "" = G:\system\viewer\Viewer.exe -- File not found
O33 - MountPoints2\{aad4e36c-0294-11de-b88d-001422ed9cdb}\Shell - "" = AutoRun
O33 - MountPoints2\{aad4e36c-0294-11de-b88d-001422ed9cdb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aad4e36c-0294-11de-b88d-001422ed9cdb}\Shell\AutoRun\command - "" = E:\StarterOfficeGuardian.exe -- File not found
O33 - MountPoints2\{ab389ef4-bab5-11da-ab85-001422ed9cdb}\Shell\AutoRun\command - "" = E:\JDSecure\Windows\JDSecure31.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/14 19:22:53 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sa\Desktop\OTListIt2.exe
[2009/05/14 16:02:35 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp5BF9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpF1E9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC8E9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpBBE9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp98C9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp83F9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp7CC9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp6FC9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp53D9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp37D9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp2AD9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp0FD9E.FOT
[2009/05/14 07:57:04 | 00,271,872 | ---- | C] () -- C:\Documents and Settings\Sa\My Documents\geezerhumor.doc
[2009/05/13 13:39:00 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/12 11:57:32 | 00,007,389 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/12 11:56:24 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/12 11:56:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/12 11:52:19 | 00,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/05/12 11:52:18 | 00,079,880 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/05/12 11:52:18 | 00,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/05/12 11:52:08 | 00,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/05/12 11:51:28 | 00,000,334 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/12 11:51:26 | 00,000,326 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/12 11:50:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/05/12 11:50:36 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/05/12 11:45:07 | 00,034,216 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/05/12 11:38:06 | 01,222,128 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Sa\Desktop\DMSetup.exe
[2009/05/12 10:31:45 | 00,000,209 | ---- | C] () -- C:\Boot.bak
[2009/05/12 10:31:41 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/12 10:31:34 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/12 10:29:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/12 10:29:07 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/12 10:29:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/12 10:29:07 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/12 10:29:07 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/12 10:29:07 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/12 10:29:07 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/12 10:29:07 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/12 10:28:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/12 10:28:24 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/12 07:15:04 | 10,731,80672 | -HS- | C] () -- C:\hiberfil.sys
[2009/05/11 15:40:19 | 00,051,488 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys
[2009/05/11 15:40:19 | 00,039,200 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys
[2009/05/11 15:40:19 | 00,033,056 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys
[2009/05/11 15:40:19 | 00,012,576 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfKbMon.sys
[2009/05/11 15:36:43 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/05/11 15:36:36 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/05/11 15:36:36 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/05/11 15:36:31 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/05/11 15:36:24 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/05/11 15:36:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/05/11 15:36:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/05/11 15:34:23 | 23,976,504 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Sa\Desktop\sdasetup.exe
[2009/05/11 14:24:06 | 00,288,320 | R--- | C] (McAfee, Inc) -- C:\WINDOWS\System32\mcgdmgr.dll
[2009/05/11 14:24:05 | 00,349,760 | R--- | C] (McAfee, Inc) -- C:\WINDOWS\System32\mcinsctl.dll
[2009/05/11 14:24:05 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/05/11 13:54:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/05/10 13:05:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sa\Application Data\vlc
[2009/05/10 12:54:04 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/05/09 11:18:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sa\Desktop\How long is long enough Bulb Setting - PentaxForums_com_files
[2009/05/09 11:18:40 | 00,114,447 | ---- | C] () -- C:\Documents and Settings\Sa\Desktop\How long is long enough Bulb Setting - PentaxForums_com.htm
[2009/05/08 13:47:56 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/04/30 12:31:44 | 00,169,547 | ---- | C] () -- C:\Documents and Settings\Sa\My Documents\TheTippitGroupBrochure.pdf
[2009/04/30 11:58:53 | 00,001,336 | ---- | C] () -- C:\Documents and Settings\Sa\Desktop\McAfee Virtual Technician.lnk
[2009/04/25 19:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/25 19:54:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/04/25 19:51:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/04/25 19:51:06 | 00,000,938 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop Elements 7.0.lnk
[2009/04/23 20:19:43 | 00,009,518 | ---- | C] () -- C:\Documents and Settings\Sa\My Documents\Bilingual Case Specialist, Criminal Justice.htm
[2009/04/23 20:19:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Sa\My Documents\Bilingual Case Specialist, Criminal Justice_files
[2009/04/23 17:53:48 | 00,352,256 | ---- | C] () -- C:\Documents and Settings\Sa\My Documents\Unemployment Log.mdb
[2009/04/23 09:56:19 | 01,917,483 | ---- | C] () -- C:\Documents and Settings\Sa\Desktop\fraud-vworlds.pptx
[2009/04/23 09:44:23 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/04/23 08:58:49 | 27,024,112 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Sa\Desktop\PowerPointViewer.exe
[2009/04/23 08:50:30 | 00,000,000 | ---D | C] -- C:\paulspptpresentation
[2009/04/23 08:33:34 | 13,194,592 | ---- | C] () -- C:\Documents and Settings\Sa\Desktop\winzip120.exe
[2009/04/21 13:42:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/21 13:23:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/04/21 13:23:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/21 13:23:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/21 13:23:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/21 13:23:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/21 13:15:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/21 13:09:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/04/21 12:55:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/15 20:42:16 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 20:42:15 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/04/15 20:42:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 20:42:13 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 20:42:12 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 20:42:09 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 20:42:07 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 20:42:04 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 20:42:03 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/15 20:42:01 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 20:41:58 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/15 20:41:56 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/15 20:41:51 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/15 20:39:46 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 20:39:41 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 20:39:36 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/07/15 17:44:30 | 00,000,191 | ---- | C] () -- C:\WINDOWS\sc.INI
[2008/05/19 19:58:02 | 00,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2008/05/18 21:08:18 | 00,027,310 | ---- | C] () -- C:\WINDOWS\System32\kcopt.dll
[2008/05/12 14:58:07 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2007/04/17 12:05:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2007/04/17 11:58:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2007/04/13 21:06:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2007/04/13 19:18:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2006/03/21 15:39:11 | 00,000,104 | RHS- | C] () -- C:\WINDOWS\System32\98549BEE3F.sys
[2006/03/21 15:39:01 | 00,006,632 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/02/25 17:28:54 | 00,000,045 | ---- | C] () -- C:\WINDOWS\EPSC62.ini
[2006/02/12 19:40:34 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/01/29 16:01:28 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/29 15:46:04 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/01/29 15:34:16 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/29 15:05:34 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2006/01/29 15:04:52 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 03:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 03:18:43 | 00,000,713 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/16 03:18:41 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 13:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 16:04:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/12 07:44:10 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/03/18 07:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/01/27 05:13:02 | 00,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/05/14 19:22:57 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sa\Desktop\OTListIt2.exe
[2009/05/14 19:03:59 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/05/14 19:03:30 | 00,007,389 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/14 19:02:48 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/14 19:00:45 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/14 19:00:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/14 19:00:27 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Sa\Local Settings\desktop.ini
[2009/05/14 19:00:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/14 19:00:21 | 10,731,80672 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/14 16:02:35 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp5BF9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpF1E9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC8E9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpBBE9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp98C9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp83F9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp7CC9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp6FC9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp53D9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp37D9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp2AD9E.FOT
[2009/05/14 16:02:34 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp0FD9E.FOT
[2009/05/14 08:04:44 | 00,271,872 | ---- | M] () -- C:\Documents and Settings\Sa\My Documents\geezerhumor.doc
[2009/05/12 22:31:29 | 00,000,191 | ---- | M] () -- C:\WINDOWS\sc.INI
[2009/05/12 11:56:24 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/05/12 11:51:28 | 00,000,334 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/05/12 11:51:27 | 00,000,326 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/05/12 11:38:13 | 01,222,128 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Sa\Desktop\DMSetup.exe
[2009/05/12 11:25:13 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/12 10:31:45 | 00,000,279 | RHS- | M] () -- C:\boot.ini
[2009/05/11 15:36:31 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/05/11 15:34:24 | 23,976,504 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Sa\Desktop\sdasetup.exe
[2009/05/11 15:00:53 | 00,001,336 | ---- | M] () -- C:\Documents and Settings\Sa\Desktop\McAfee Virtual Technician.lnk
[2009/05/09 11:18:46 | 00,114,447 | ---- | M] () -- C:\Documents and Settings\Sa\Desktop\How long is long enough Bulb Setting - PentaxForums_com.htm
[2009/05/09 10:45:57 | 00,006,656 | -HS- | M] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/09 09:03:48 | 00,352,256 | ---- | M] () -- C:\Documents and Settings\Sa\My Documents\Unemployment Log.mdb
[2009/05/07 00:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/03 11:45:18 | 00,000,713 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/01 15:36:46 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/04/30 12:31:44 | 00,169,547 | ---- | M] () -- C:\Documents and Settings\Sa\My Documents\TheTippitGroupBrochure.pdf
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/28 13:21:29 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/26 19:28:31 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/26 07:20:38 | 00,330,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/25 19:51:07 | 00,000,938 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Photoshop Elements 7.0.lnk
[2009/04/23 20:19:44 | 00,009,518 | ---- | M] () -- C:\Documents and Settings\Sa\My Documents\Bilingual Case Specialist, Criminal Justice.htm
[2009/04/23 09:56:31 | 01,917,483 | ---- | M] () -- C:\Documents and Settings\Sa\Desktop\fraud-vworlds.pptx
[2009/04/23 08:58:51 | 27,024,112 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Sa\Desktop\PowerPointViewer.exe
[2009/04/23 08:45:00 | 00,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/04/23 08:33:34 | 13,194,592 | ---- | M] () -- C:\Documents and Settings\Sa\Desktop\winzip120.exe
[2009/04/21 13:48:58 | 00,428,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/21 13:48:57 | 00,073,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/21 13:48:56 | 00,510,162 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/21 13:48:48 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/21 13:46:37 | 00,000,073 | -HS- | M] () -- C:\Documents and Settings\Sa\My Documents\desktop.ini
[2009/04/21 13:06:51 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

========== LOP Check ==========

[2009/05/12 11:56:24 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/25 19:56:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/08/26 18:28:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2006/02/12 19:41:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2007/10/25 19:03:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2006/08/27 19:16:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2009/04/25 19:55:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/05/14 07:21:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2006/01/29 15:47:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2008/03/23 19:13:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/01/29 15:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/01/29 15:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2006/01/29 15:44:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2009/05/12 11:57:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2006/05/04 14:39:24 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/05/14 09:36:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/05/11 15:40:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2008/05/19 19:58:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2006/03/09 14:50:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/05/12 11:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2008/05/19 18:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/05/14 19:16:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/01/29 15:44:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/04/25 13:37:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/23 08:47:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2007/12/22 10:27:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/05/10 13:05:39 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Sa\Application Data
[2009/04/25 20:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Adobe
[2008/05/18 19:29:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\AdobeUM
[2008/05/26 09:43:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\ArcSoft
[2006/01/29 15:51:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Corel
[2006/04/25 16:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Corel Photo Album
[2008/07/30 09:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Costco Photo Viewer US
[2008/04/02 11:10:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\ESRI
[2006/07/11 20:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Google
[2007/05/01 13:50:49 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Sa\Application Data\Gtek
[2006/03/09 14:53:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Help
[2008/03/23 18:59:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\HP
[2005/08/16 03:50:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Identities
[2008/03/23 19:23:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Image Zone Express
[2006/01/29 15:29:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Intel
[2006/02/12 21:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Leadertech
[2006/02/12 20:57:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Macromedia
[2009/04/06 21:30:02 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Sa\Application Data\Microsoft
[2008/07/24 08:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Move Networks
[2007/06/19 13:00:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\MP3Rocket
[2008/05/16 14:06:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\NCH Swift Sound
[2009/04/11 11:36:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\OfficeGuardian
[2006/08/27 19:39:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Opera
[2009/01/19 12:41:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\PC Tools
[2008/05/14 09:36:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Recordpad
[2007/08/05 13:11:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Snapfish
[2006/02/12 21:03:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Sonic
[2008/10/13 19:59:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\SoundSpectrum
[2006/01/29 15:25:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Sun
[2008/07/18 15:02:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\Viewpoint
[2009/05/10 13:07:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Sa\Application Data\vlc
[2004/08/10 04:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/14 19:00:45 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/05/12 11:51:28 | 00,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/05/12 11:51:27 | 00,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/05/14 19:00:29 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sa\Desktop\Shortcut to Microsoft QuickBASIC.pif:SummaryInformation
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DADC1FF8
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
< End of report >


Extras.txt
OTListIt Extras logfile created on: 5/14/2009 7:28:00 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Sa\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.40 Mb Total Physical Memory | 586.78 Mb Available Physical Memory | 57.34% Memory free
2.40 Gb Paging File | 1.62 Gb Available in Paging File | 67.29% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.19 Gb Total Space | 60.48 Gb Free Space | 68.57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SALSLAPTOP
Current User Name: Sa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
File not found -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
File not found -- C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
[2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/11/10 08:53:57 | 03,716,614 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Rosetta Stone\RS2.1.5.1A\Rosetta Stone.exe:*:Disabled:Rosetta Stone 2.1.5.1A
[2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
[2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
[2005/05/24 02:17:46 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[2005/05/24 02:18:00 | 00,040,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[2005/05/24 02:13:32 | 00,081,920 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[2005/05/12 10:06:08 | 00,200,704 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005/05/12 07:28:02 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2005/05/24 02:42:00 | 00,172,032 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
[2005/05/12 08:34:58 | 00,151,635 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
[2005/05/24 02:18:52 | 00,458,752 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[2005/03/15 15:12:10 | 00,417,792 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[2005/03/15 15:17:50 | 00,704,512 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
[2005/05/24 02:34:36 | 00,057,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/09/16 12:03:34 | 02,954,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server
[2005/09/09 04:51:30 | 04,296,704 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server
[2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CC717F3-1B28-45D8-B28C-FEB6BB8761DF}" = 2009 ACFE Exam Prep
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{601C6E14-DF1E-4113-A8C8-F9DB90CB0D88}" = SanDisk TransferMate
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"{66563AD8-637B-407F-BCA7-0233A16891AB}" = Business Contact Manager for Outlook 2003
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8685BFA3-470B-4E20-A41F-A60BBD40E6E2}" = LexarMedia ImageRescue Software
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A918DE8A-98C8-0920-0001-000000000000}" = Multimedia Samples
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D76D1828-BBA0-4BD9-8181-5ACC617DC5F2}" = Virtual Earth 3D (Beta)
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"3ivx D4 4.5.1 Decoder" = 3ivx D4 4.5.1 Decoder (remove only)
"Abacast Client" = Abacast Client
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.1.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"ApecSoft 3GP Flash Video Converter_is1" = 3GP Flash Video Converter V1.33
"ATI Display Driver" = ATI Display Driver
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.9x Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"EPSON Printer and Utilities" = EPSON Printer Software
"Focus Magic_is1" = Focus Magic 3.02
"Google Updater" = Google Updater
"GoogleVideoPlayer" = Google Video Player
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"JL2005A Toy Camera_is1" = Uninstall JL2005A Toy Camera
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MP3 Rocket" = MP3 Rocket
"MSC" = McAfee SecurityCenter
"New Yorker Viewer1.0" = New Yorker Viewer
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"proDAD-Heroglyph-1.0" = proDAD Heroglyph 1.0
"proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0
"ProInst" = Intel® PROSet/Wireless Software
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"Recover My Files_is1" = Recover My Files
"Rosetta Stone 2.1.5.1A" = Rosetta Stone 2.1.5.1A
"Smart WAV Converter Pro_is1" = Smart WAV Converter Pro
"SoundCapture" = SoundCapture
"Spyware Doctor" = Spyware Doctor 6.0
"ST6UNST #1" = DataLifter - Digital Companion
"StreetPlugin" = Learn2 Player (Uninstall Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.9
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WhiteCap" = WhiteCap
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHex" = WinHex

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/7/2009 1:12:25 AM | Computer Name = SALSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x03073710.

Error - 5/10/2009 11:00:41 PM | Computer Name = SALSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application vlc.exe, version 0.9.9.0, faulting module libvout_directx_plugin.dll,
version 0.0.0.0, fault address 0x00005cbc.

Error - 5/10/2009 11:36:37 PM | Computer Name = SALSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application taskmgr.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/11/2009 1:08:06 AM | Computer Name = SALSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/11/2009 1:13:39 AM | Computer Name = SALSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/11/2009 10:24:35 PM | Computer Name = SALSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x10051e85.

Error - 5/11/2009 10:25:17 PM | Computer Name = SALSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x10051e85.

Error - 5/14/2009 7:02:10 PM | Computer Name = SALSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application rosetta stone.exe, version 9.0.0.383, faulting
module ~df394b.tmp, version 0.0.0.0, fault address 0x00083c9c.

Error - 5/14/2009 9:53:47 PM | Computer Name = SALSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application Rosetta Stone.exe, version 9.0.0.383, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/14/2009 9:54:17 PM | Computer Name = SALSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application Rosetta Stone.exe, version 9.0.0.383, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 5/12/2009 11:06:07 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/12/2009 11:10:33 PM | Computer Name = SALSLAPTOP | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.254.1 for the Network Card with network
address 0013CED6A672 has been denied by the DHCP server 192.168.254.254 (The DHCP
Server sent a DHCPNACK message).

Error - 5/13/2009 1:33:13 AM | Computer Name = SALSLAPTOP | Source = DCOM | ID = 10010
Description = The server {4BEE36D7-DF28-49C1-8B85-1F3AED830E66} did not register
with DCOM within the required timeout.

Error - 5/13/2009 10:19:04 AM | Computer Name = SALSLAPTOP | Source = DCOM | ID = 10010
Description = The server {0228576F-6E6C-4E1A-B175-0E46A316AFE2} did not register
with DCOM within the required timeout.

Error - 5/13/2009 2:37:54 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/13/2009 6:41:36 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/14/2009 12:57:02 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/14/2009 2:58:52 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/14/2009 9:40:45 PM | Computer Name = SALSLAPTOP | Source = PSched | ID = 14103
Description = QoS [Adapter {DFE9AB68-AE4D-4545-9227-FFF31230F546}]: The netcard driver
failed the query for OID_GEN_LINK_SPEED.

Error - 5/14/2009 9:58:40 PM | Computer Name = SALSLAPTOP | Source = DCOM | ID = 10010
Description = The server {4BEE36D7-DF28-49C1-8B85-1F3AED830E66} did not register
with DCOM within the required timeout.


< End of report >


oldnewby
My Spyware Doctor caught Trojan-Dropper.Agent.AIUB last night and this morning.

http://www.threatexpert.com/report.aspx?md...fb5f389054db345

I've got McAfee performing a full scan right now; any thoughts?
LoPhatPhuud
Your system shows clean.

What was the file name the Spyware Doctor detected?