How do I fix damaged svchost.exe

Svchost.exe is using 100% of my computer and i have tried everything to fix it. My computer is running really slow and internet is slow. The only thing i can think of is that svchost.exe is damaged. Just need to know how to fix it so it will stop using 100% of my computer. thanks

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

OTL logfile created on: 03/22/2010 11:30:26 PM - Run 4
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Jonathan Murray\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

479.00 Mb Total Physical Memory | 182.00 Mb Available Physical Memory | 38.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 14.36 Gb Free Space | 19.27% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JONATHAN
Current User Name: Jonathan Murray
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/22 23:29:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan Murray\Desktop\OTL.exe
PRC - [2010/01/15 23:09:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2006/01/26 17:55:04 | 001,486,848 | ---- | M] () -- C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe


========== Modules (SafeList) ==========

MOD - [2010/03/22 23:29:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan Murray\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Roxio UPnP Renderer 11)
SRV - File not found [Disabled | Stopped] -- -- (msCMTSrvc)
SRV - [2010/01/21 19:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/06 15:29:22 | 001,141,712 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 12:18:16 | 000,359,624 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/09/05 16:43:24 | 000,389,448 | ---- | M] (Webroot Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/03/03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/05/12 19:32:38 | 000,045,056 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2002/03/25 14:34:08 | 000,258,048 | ---- | M] (NeoPlanet) [Disabled | Stopped] -- C:\Program Files\COMPAQ\Compaq Advisor\bin\compaq-rba.exe -- (Compaq_RBA)


========== Driver Services (SafeList) ==========

DRV - [2009/12/16 17:27:00 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/16 17:26:58 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/16 17:26:56 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/11/09 12:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2008/05/09 09:41:00 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/04/13 14:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 14:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 14:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/06 13:30:03 | 000,018,816 | ---- | M] (RIF) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2008/03/12 04:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2008/03/12 04:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/15 16:35:30 | 000,082,432 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u12.sys -- (SWNC8U12) Sierra Wireless MUX NDIS Driver (UMTS12)
DRV - [2007/06/15 16:35:30 | 000,066,304 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumx12.sys -- (swumx12) Sierra Wireless USB MUX Driver (UMTS12)
DRV - [2007/06/14 14:59:26 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/05/23 17:26:34 | 000,049,904 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2005/10/06 15:17:34 | 000,280,576 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/06/28 12:32:14 | 000,113,664 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr7910.sys -- (mr7910)
DRV - [2004/09/25 01:39:08 | 000,289,792 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2004/09/25 01:38:32 | 000,023,936 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2004/09/25 01:29:50 | 000,141,184 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2004/09/25 01:26:40 | 000,200,832 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2004/09/25 01:26:28 | 000,023,808 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2004/09/25 01:23:16 | 000,117,632 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pwd_2k.sys -- (pwd_2K)
DRV - [2004/08/03 22:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 22:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2004/05/12 18:41:32 | 000,652,360 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004/05/12 18:38:02 | 000,014,408 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/05/12 18:35:08 | 000,231,224 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/05/12 18:29:50 | 000,100,384 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/05/12 18:28:06 | 001,395,296 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/05/12 18:21:18 | 000,013,232 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/01/06 15:57:24 | 000,887,431 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)
DRV - [2003/11/08 08:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2003/11/08 08:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2003/11/08 08:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/25 17:59:36 | 000,642,958 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel(R)
DRV - [2002/03/26 15:20:22 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/03/19 14:08:00 | 000,096,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002/03/09 14:53:00 | 000,909,501 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/12/07 19:26:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001/09/25 14:02:18 | 000,027,519 | ---- | M] (SMC2208USB/ETH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SMC2208.SYS -- (USB-100)
DRV - [2001/08/23 15:00:00 | 000,022,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/09 22:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://rd.yahoo.com/customize/yessentials_cq/defaults/cs/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,searched = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 26 E1 47 01 6E 3F 1E 4B A3 1B 45 C6 A1 C5 E3 BA [binary data]
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = images.google.com/images?hl=en&lr=&q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/19 01:42:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 22:15:15 | 000,000,000 | ---D | M]

[2009/06/01 19:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Extensions
[2010/02/18 22:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions
[2009/09/02 15:39:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/18 22:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\personas@christopher.beard
[2009/10/12 15:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\extensions\smarterwiki@wikiatic.com
[2009/12/04 02:42:50 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\searchplugins\askcom.xml
[2009/09/14 15:16:46 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Application Data\Mozilla\Firefox\Profiles\2tis2day.default\searchplugins\mywebsearch.xml
[2010/02/09 15:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/03/05 01:48:55 | 003,896,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost #IPv4
O1 - Hosts: ::1 localhost # IPv6
O1 - Hosts: 127.0.0.1 0.gvt0.com
O1 - Hosts: 127.0.0.1 00.eatgoogle.345.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.bee.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.bij.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.orge.pl
O1 - Hosts: 127.0.0.1 00.eatgoogle.osa.pl
O1 - Hosts: 127.0.0.1 00.googleeat.345.pl
O1 - Hosts: 127.0.0.1 00.googleeat.bee.pl
O1 - Hosts: 127.0.0.1 00.googleeat.bij.pl
O1 - Hosts: 127.0.0.1 00.googleeat.orge.pl
O1 - Hosts: 127.0.0.1 00.googleeat.osa.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.345.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.bee.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.bij.pl
O1 - Hosts: 127.0.0.1 00.moregoogle.osa.pl
O1 - Hosts: 127.0.0.1 00.w88w8w.cn
O1 - Hosts: 127.0.0.1 000.bbexe.cn
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-1-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-10-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-2-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-3-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-4-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 127.0.0.1 0-0-0-0-0-0-0-0-0-0-0-0-0-5-0-0-0-0-0-0-0-0-0-0-0-0-0.info
O1 - Hosts: 118527 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
O2 - BHO: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} http://tech-c.mhi.aol.com/netagent/objects/custappx2.CAB (Reg Error: Key error.)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146782885359 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146783650515 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/01 23:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/22 20:06:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/17 20:59:12 | 000,000,000 | -HSD | C] -- C:\AV2009_quarantine
[2010/03/17 20:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/03/04 20:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue(2)
[2010/03/03 19:36:17 | 000,000,000 | ---D | C] -- C:\RECYCLER(2)
[2010/03/02 13:53:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2010/03/01 20:44:03 | 000,000,000 | ---D | C] -- C:\windowsupdateagent30-x86
[2010/02/22 22:30:14 | 000,000,000 | ---D | C] -- C:\blackpudding
[2010/02/22 22:21:38 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW.1.tmp
[2010/02/19 19:58:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/19 19:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/19 17:54:47 | 006,885,744 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WindowsUpdateAgent30-x64.exe
[2010/02/18 22:09:51 | 008,327,264 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.exe
[2010/02/15 15:31:22 | 045,174,032 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.14.130099.587_XP_Vista_x32.exe
[2010/02/15 15:22:23 | 009,034,488 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-en-us-xp.exe
[2010/01/22 00:27:27 | 000,173,119 | ---- | C] (Eric_71) -- C:\Program Files\Rooter.exe
[2010/01/21 00:56:28 | 001,956,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player_ax.exe
[2010/01/16 01:09:08 | 000,800,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u17-windows-i586-iftw-rv.exe
[2010/01/16 00:55:52 | 027,386,256 | ---- | C] ( ) -- C:\Program Files\AdbeRdr930_en_US.exe
[2010/01/11 00:04:27 | 034,628,432 | ---- | C] (PC Tools ) -- C:\Program Files\sdsetup.exe
[2010/01/07 14:28:31 | 040,603,920 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.13.125662.579_XP_Vista_x32.exe
[2010/01/07 14:00:35 | 000,891,248 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stb_all_9_40_cnet.exe
[2010/01/05 14:40:58 | 005,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe
[2010/01/01 22:55:35 | 008,086,544 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.6.exe
[2009/12/05 02:08:42 | 214,167,816 | ---- | C] (Nero AG) -- C:\Program Files\Nero-9.4.26.0_trial.exe
[2009/12/04 19:35:40 | 002,081,039 | ---- | C] (Cucusoft, Inc. ) -- C:\Program Files\dvd-author.exe
[2009/12/04 19:29:05 | 003,119,665 | ---- | C] (Cucusoft, Inc. ) -- C:\Program Files\dvd-burner.exe
[2009/12/04 19:24:27 | 015,672,013 | ---- | C] (Any-Video-Converter.com ) -- C:\Program Files\avc-free.exe
[2009/12/04 18:56:45 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.sys
[2009/12/04 18:52:35 | 018,026,336 | ---- | C] (VSO-Software ) -- C:\Program Files\vsoConvertXtoDVD4_setup.exe
[2009/12/04 15:49:15 | 023,804,080 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXInstaller.exe
[2009/12/04 15:14:00 | 006,104,788 | ---- | C] (Burnaware Technologies ) -- C:\Program Files\burnaware_free242.exe
[2009/12/02 19:12:06 | 008,084,968 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.5.exe
[2009/11/13 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\qqrcuppz
[2009/11/13 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\qqrcuppz
[2009/10/07 16:01:32 | 003,340,064 | ---- | C] (Unity Technologies ApS) -- C:\Program Files\UnityWebPlayer.exe
[2009/09/15 15:42:01 | 025,685,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wordview_en-us.exe
[2009/09/04 15:47:45 | 011,729,274 | ---- | C] (AGBO Business Architecture S.L. ) -- C:\Program Files\installeasyjob.exe
[2009/09/02 15:29:16 | 008,050,536 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.5.2.exe
[2009/07/20 17:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/07/20 17:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2009/07/07 19:45:58 | 000,359,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msicuu2.exe
[2009/06/02 04:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Mozilla
[2009/02/16 00:28:41 | 016,939,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe
[2008/12/13 23:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2008/11/23 13:56:50 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[2008/07/03 20:21:54 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Program Files\WinsockxpFix.exe
[2008/05/30 22:07:36 | 009,723,880 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[2008/05/28 20:21:48 | 001,244,712 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SetupOneCare.exe
[2008/05/08 23:44:32 | 010,121,656 | ---- | C] (Alcohol Soft) -- C:\Program Files\Alcohol120_trial_1.9.7.6221.exe
[2008/04/06 13:28:37 | 000,569,777 | ---- | C] ( ) -- C:\Program Files\DVD43_4-2-0_Setup.exe
[2008/01/05 14:20:19 | 003,381,280 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2007/10/18 19:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2007/10/09 19:11:21 | 000,014,992 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[2007/10/08 19:22:30 | 001,395,296 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2007/10/08 19:22:30 | 000,652,360 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2007/10/08 19:22:30 | 000,231,224 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2007/10/08 19:22:30 | 000,100,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2007/10/08 19:22:30 | 000,014,408 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\RecAgent.sys
[2007/10/08 19:22:30 | 000,013,232 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2006/12/02 12:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2006/06/12 14:48:46 | 001,160,885 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\DVDRegionFree59.exe
[2006/05/09 22:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2006/03/12 17:49:48 | 003,457,413 | ---- | C] (LG Software Innovations ) -- C:\Program Files\1clickdvdcopysetup.exe
[2006/03/12 15:17:32 | 000,521,403 | ---- | C] ( ) -- C:\Program Files\DVD43_3-7-0_Setup.exe
[2005/09/23 22:14:13 | 024,265,736 | ---- | C] (Microsoft) -- C:\Program Files\dotnetfx.exe
[2005/03/03 17:35:53 | 020,798,256 | ---- | C] (Netopsystems AG ) -- C:\Program Files\AdbeRdr70_enu_full.exe
[2005/01/12 17:05:48 | 000,090,112 | ---- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2005/01/09 18:39:22 | 002,145,414 | ---- | C] (Kodak) -- C:\Program Files\OneTouch.exe
[2005/01/07 22:48:05 | 004,354,084 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd13.exe
[45 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[361 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/22 23:29:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonathan Murray\Desktop\OTL.exe
[2010/03/22 23:18:12 | 000,462,908 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/22 23:18:12 | 000,077,626 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/22 23:18:11 | 000,550,784 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/19 19:42:03 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Desktop\Shortcut to Internet Explorer.lnk
[2010/03/19 19:34:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/19 19:34:02 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/03/19 19:33:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/19 19:33:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/19 19:33:53 | 502,751,232 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/19 19:28:23 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\ntuser.dat
[2010/03/19 19:17:54 | 004,270,708 | -H-- | M] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\IconCache.db
[2010/03/17 19:23:07 | 000,001,561 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/17 19:23:07 | 000,000,240 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/17 19:01:17 | 000,025,032 | ---- | M] () -- C:\neoLogitCore.lo_
[2010/03/10 01:50:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/03/05 01:48:55 | 003,896,850 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/03/02 00:57:48 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jonathan Murray\ntuser.ini
[2010/03/01 20:30:05 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/01 20:30:05 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/25 18:30:56 | 502,779,904 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/02/25 18:30:55 | 000,580,065 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010/02/25 00:36:59 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Jonathan Murray\Desktop\gmer.zip
[2010/02/23 16:20:09 | 003,869,515 | R--- | M] () -- C:\Documents and Settings\Jonathan Murray\Desktop\blackpudding.exe
[45 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[361 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/19 19:42:03 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Desktop\Shortcut to Internet Explorer.lnk
[2010/03/17 19:29:03 | 502,751,232 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/01 20:30:05 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/03/01 20:30:05 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/22 22:23:26 | 003,869,515 | R--- | C] () -- C:\Documents and Settings\Jonathan Murray\Desktop\blackpudding.exe
[2010/01/28 15:45:48 | 000,000,082 | ---- | C] () -- C:\Program Files\CFscript.txt
[2010/01/17 22:53:54 | 000,595,499 | ---- | C] () -- C:\Program Files\Autoruns.zip
[2010/01/15 18:07:16 | 000,843,187 | ---- | C] () -- C:\Program Files\SecurityCheck.exe
[2010/01/14 19:13:27 | 002,672,312 | ---- | C] () -- C:\Program Files\esetsmartinstaller_enu.exe
[2010/01/11 00:40:03 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/01/11 00:40:03 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/01/10 18:03:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\prvlcl.dat
[2010/01/07 15:53:23 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010/01/05 18:42:55 | 007,451,168 | ---- | C] () -- C:\Program Files\SUPERAntiSpywarePro.exe
[2010/01/04 02:29:30 | 000,044,024 | ---- | C] () -- C:\Program Files\bookmarks1-3-09.html
[2009/12/05 12:33:30 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\default.rss
[2009/12/04 19:30:05 | 001,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2009/12/04 19:30:05 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2009/12/04 19:30:05 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009/12/04 18:58:47 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\vso_ts_preview.xml
[2009/12/04 18:57:32 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.log
[2009/12/04 18:56:45 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.cat
[2009/12/04 18:56:45 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\pcouffin.inf
[2009/12/04 15:16:55 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Application Data\burnaware.ini
[2009/12/03 20:13:28 | 003,066,744 | ---- | C] () -- C:\Program Files\BitTorrent-6.3c.exe
[2009/10/04 13:11:46 | 012,541,248 | ---- | C] () -- C:\Program Files\RLCSetup.exe
[2009/09/15 15:26:41 | 000,013,824 | R--- | C] () -- C:\Program Files\TRU_Unicru_92908.doc
[2009/09/12 16:16:09 | 004,122,416 | ---- | C] () -- C:\Program Files\freeclip.exe
[2009/09/11 18:55:37 | 000,052,736 | ---- | C] () -- C:\Program Files\oown_resume_template.doc
[2009/06/01 23:26:05 | 000,004,184 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\A6022701-B95D-48CB-A9E8-85F2A3086C61.txt
[2009/06/01 20:23:30 | 000,004,602 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\A6022701-B95D-48CB-A9E8-85F2A3086C61.txt
[2008/12/25 20:52:12 | 000,006,324 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\rx_audio.Cache
[2008/12/25 20:51:31 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\rx_image32.Cache
[2008/09/05 22:40:57 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Jonathan Murray.ini
[2008/05/27 23:12:30 | 007,608,344 | ---- | C] () -- C:\Program Files\spyhunterFULL.exe
[2008/05/16 23:02:13 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/09 09:47:14 | 001,206,366 | ---- | C] () -- C:\Program Files\wrar371.exe
[2008/05/09 09:43:39 | 000,244,784 | ---- | C] () -- C:\Program Files\gnie_s_dvd4-iml2iso.rar
[2008/05/08 23:28:45 | 001,385,051 | ---- | C] () -- C:\Program Files\cddvdgen.zip
[2008/05/08 23:12:54 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe
[2007/10/09 19:11:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2007/10/09 19:11:21 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2007/10/09 19:11:20 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2007/10/08 19:22:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2007/10/08 19:22:29 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2007/10/08 19:22:29 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2007/04/04 19:55:51 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/23 13:28:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/12/23 13:23:06 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/17 20:07:59 | 001,522,527 | ---- | C] () -- C:\Program Files\dvdrip32572.exe
[2006/06/12 14:54:26 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2006/06/09 20:14:32 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2006/06/07 19:20:21 | 005,057,980 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\imageCache7.db
[2006/06/04 01:56:43 | 000,302,680 | ---- | C] () -- C:\Program Files\ac3filter_0_70b.exe
[2006/06/04 01:50:47 | 000,156,181 | ---- | C] () -- C:\Program Files\MpegDecoder012.zip
[2006/06/03 20:49:56 | 006,973,792 | ---- | C] () -- C:\Program Files\iaplayer_2.60.12.0201_esd.exe
[2006/06/03 17:08:02 | 005,753,886 | ---- | C] () -- C:\Program Files\psp_video_express.exe
[2006/05/14 20:17:10 | 005,779,942 | ---- | C] () -- C:\Program Files\psp_movie_creator.exe
[2006/04/05 10:14:00 | 000,000,163 | ---- | C] () -- C:\WINDOWS\QAWIN32.INI
[2006/03/11 19:17:39 | 003,878,912 | ---- | C] () -- C:\Program Files\ICopyDVDs2_30DayTrial_EN_v4.1.0.2.exe
[2006/01/29 21:05:42 | 007,391,952 | ---- | C] () -- C:\Program Files\ewido-setup.exe
[2005/09/26 20:00:34 | 000,004,588 | ---- | C] () -- C:\WINDOWS\System32\1C6C6B1G.DRV
[2005/09/26 20:00:33 | 000,003,968 | ---- | C] () -- C:\WINDOWS\System32\1EBGEHCJBCF.SYS
[2005/09/26 20:00:33 | 000,003,844 | ---- | C] () -- C:\WINDOWS\System32\3JDJCGAGE.SYS
[2005/09/26 19:55:32 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\D9E2.INI
[2005/09/26 19:54:04 | 000,001,488 | ---- | C] () -- C:\WINDOWS\System32\CBCFDABGBAG.INI
[2005/09/26 19:54:03 | 000,000,496 | ---- | C] () -- C:\WINDOWS\System32\1F7A.SYS
[2005/09/26 19:54:02 | 000,004,588 | ---- | C] () -- C:\WINDOWS\System32\ASPI16.SYS
[2005/09/26 19:54:02 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\1G9J3C.DRV
[2005/09/25 10:31:51 | 000,194,835 | ---- | C] () -- C:\Program Files\ringtoneripper.exe
[2005/09/24 11:47:42 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\fusioncache.dat
[2005/09/24 11:43:58 | 000,000,064 | -H-- | C] () -- C:\Program Files\AppUpdate.log
[2005/04/10 09:51:43 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2005/03/30 00:13:22 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005/03/01 15:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2005/01/22 13:31:51 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Blink.ini
[2005/01/16 14:14:39 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2005/01/16 13:58:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/01/12 17:05:48 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2005/01/02 23:29:49 | 001,505,160 | ---- | C] () -- C:\Program Files\install_easyshare.exe
[2005/01/02 17:42:52 | 000,000,739 | ---- | C] () -- C:\WINDOWS\STImgBrowser.INI
[2004/10/19 19:21:57 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\Regobj.dll
[2004/10/03 23:16:11 | 000,000,354 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/03 22:58:56 | 000,000,354 | ---- | C] () -- C:\WINDOWS\Hqcmwhjw.ini
[2004/09/06 11:50:15 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/09/06 11:50:15 | 000,000,027 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/05/16 21:06:12 | 000,003,998 | ---- | C] () -- C:\WINDOWS\dpusys.ini
[2004/03/29 20:14:35 | 000,014,806 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/03/24 17:07:41 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2004/03/24 17:07:41 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2004/03/24 17:07:40 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2004/03/24 17:07:40 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2004/03/24 17:07:19 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/03/24 16:42:57 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2004/03/24 03:43:44 | 000,215,552 | ---- | C] () -- C:\Documents and Settings\Jonathan Murray\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/03/24 00:52:40 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
[2004/03/23 21:07:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2004/03/23 21:05:53 | 000,000,283 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/03/23 20:59:40 | 000,000,397 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2004/03/23 20:38:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TTPlat.ini
[2004/03/23 20:04:17 | 000,000,050 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/03/23 19:18:01 | 001,760,378 | ---- | C] () -- C:\Program Files\aaw6.exe
[2004/03/23 18:53:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/03/23 18:45:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\LoadDll.dll
[2004/03/23 18:42:31 | 000,000,589 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/23 18:41:58 | 000,000,820 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/03/23 18:41:58 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2004/03/23 18:39:06 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/01/22 13:00:28 | 000,012,635 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini
[2003/03/27 15:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2001/08/23 15:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\the boys1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow3.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow2.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow1.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Slideshow.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\setlist.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scottandmike.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Scott stiener at ESPN Zone01.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scott family.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\scott and amanda.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\rock.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\redneckBarbie.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\papa roach1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\OURFIRSTCHRISTMAS.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Scans:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Projects:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\me graduation1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Me eating 5 burgers2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\LimeWire:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\jon1.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\JON.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\Incomplete:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG23.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG20.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG19.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG18.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG15.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG14.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\IMG11.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\guitar hero songs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\granny6.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\granny.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\girls christmas.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\DSCF00972.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\CyberLink:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\chris farley looking.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\chris farley acting goofy.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\brandon.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\amanda granny.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\amanda and me.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\am and jon1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\031_6A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\018_19A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\015_11.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\012_25A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\My Documents\009_28A.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jonathan Murray\Desktop\New Folder:Roxio EMC Stream
@Alternate Data Stream - 170 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

did not see the Extras file on my desktop

Hello.

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
  O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
  O2 - BHO: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
  O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.
  
  
  
• Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{43F02779-6D88-4958-8AD3-83C12D86ADC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43F02779-6D88-4958-8AD3-83C12D86ADC7}\ not found.

OTL by OldTimer - Version 3.1.37.3 log created on 03232010_234341

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.44
Database version: 3910
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

03/25/2010 2:51:35 PM
mbam-log-2010-03-25 (14-51-35).txt

Scan type: Quick Scan
Objects scanned: 149474
Time elapsed: 15 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Do you think it has something to do with my router I am using. I am running my router off a modem from another computer in the house. I have to disconnect and connect about 4 times just to get on the internet but it is still really slow and freezes up. I can get on my laptop no problem. It is running off of my router I am using on this computer and works fine. Do you think my router has something to do with my computer running slow and freezing up and svchost.exe running at 100%? Why would my labtop work runing off my router on this computer and this computer not work. I don't know I hope you know how to help me been trying to fix this problem for like 2 months now. I don't know what to do. Don't know if it is my router, if svchost.exe is damaged or if doing a system restore will solve my problem. Thanks

No, I wouldn't think it was that.

Please download Process Explorer from here:
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Download and run it, it will show a list of your running processes.
Look under the CPU column and find the svchost.exe that is showing at 100%, then right click > Properties.

When the Properties window opens, go into the Threads tab, there may be 4 items in the list, 1 of them is the item that's eating the CPU.

Please take a screenshot of the Threads tab, and upload the picture at www.tinypic.com

Post back with the image URL.

Hello.
I am researching this, stay with me.

Mr. Belahzar:
I found this helped me out when my machine did the same thing.
solution to the svchost prob:

http://www.online-tech-tips.com/computer-tips/how-to-fix-svchostexe-errors-and-problems-with-high-cpu-usage/

Thebeast28: Please do not make any changes to your computer until Mr. Belahzar instructs you. This may not solve your prob, just trying to help with a reference, but he is the pro at this stuff.

@ wooowooo - Thanks, you gave me an idea.

@ Thebeast28 - Please re-open Process Explorer, hover your mouse over whichever svchost.exe it is that is hogging the CPU.

When you hover your mouse over, it will list services using that 1 instance of svchost.exe, please list which services are shown.

Mr. Belahzar:
I'm glad I could help you one time, I was hoping that it was ok to post that- didn't want to get on anyone's toes, just thought maybe I could save you a min or two - Man, your a machine!
Thank you for helping all the people that you help.

Check out his result, as we have already tried this method:

http://www.GeekPolice.net/virus-spyware-malware-removal-f11/computer-is-freezing-up-and-running-slow-t18340-90.htm#124754

I would also suggest a topic move, so other tech advisors may assist.

DNS Client (dnscache)

Hello.

Go to Start > Run. In the Run box, type in:

services.msc

Hit enter.
Now when the Service control window opens, scroll down the list to find "DNS Client".

Once found, double click on it to open another Window. There is a little drop down Window called "Startup Type", which is set to Automatic right now.
Drop that list down, change it to Disabled.

Press OK and reboot. Does your CPU still spike now?

I think that my of did the trick. Let me try it for a few days and I will let u know if anything changes. Now how do I stop this from happening again?
What antivrius, virus, and firewall programs do i need to help me from this happening again? I don't have a virus program or firewall.

Hello.
This wasn't malware, DNS Client is a legit service used by Windows that obviously decided to go crazy and hog the CPU. That's stopped now.

You aren't running Anti Virus Software

Please install Avira antivirus otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

What program should i use for my firewall?

Which of these programs should i keep and delete?
AVP 2009
Ad-aware 6.0
Spybot Search and Destroy
Spyhunter
Superanitspyware Professional
Spyware Doctor
Malwarebytes' Anti-Malware

Hello.

I would recommend uninstalling the following:

Ad-aware 6.0
Spybot Search and Destroy
Spyhunter
Spyware Doctor

SAS and MBAM work well together and don't use many resources, so keep them.

can't install Antivir PersonalEditionClassic

need help!

Hello.
Okay then, lets try Avast.

http://www.avast.com/en-gb/index

What do I do when Avast expires in 30 days?

What is a good firewall to have cause i need one? thanks

We can try AVG if avast doesn't work out too well.

I recommend Online Armour for a good firewall.
https://www.online-armor.com/products-online-armor-free.php

The internet is still slow. It does open right up when i click on firefox but everything else is slow. Like when i type or scroll up and down it freezes. I don't have svchost.exe running at 100% no more which is a good thing. I think system idle process is suppose to be using at least 90 or higher for the computer and internet to run right but it isn't. System idle process runs 90% or higher but not all the time. It keeps switching back and forth every second. Sometimes System use 90% I don't know what to do. I will post a pic of task manager so u can what i am talk about system idle process not the man one using 90% or more of the computer.

Okay, post when ready.

Hello I need help please

Hello.
That screenshot only shows half the list, it might be worth opening a topic in the Operating Systems forum for this, not sure why System Idle Process is hogging the CPU too.

hey when i go to windows task manager then to process. What should i look for like what should be using the most computer usage so that my computer runs right without freezing up. Should system idle process be hogging the cpu or what should for my computer to run right? here is a pic of task manager and what is using most of the cpu.

Hello.
I see a process called PD4.exe using 30k memory, do you know what that is?

no i do not know what PD4.exe is

Okay, stop it and see if it helps, it is using 30k memory which may explain some slow downs.

The CPU in Task Manager is jumping all over the place. Not just one process is using 99% of the CPU it is a whole lot of different process like sometimes svchost.exe is using 99% or system idle process is using 99%. It jumps from different numbers every second to different process and it isn't always 99%. I will send some pics of what i am talking about and pics of what is using most of the computer's memory and maybe you can figure something out cause computer is slow and freezing.
Also the CPU Usage jumps all over the place ever second sometimes it is low at 2% then back up to 100% then to 50%. It goes back and forth the whole time.

see how CPU Usage is at 100% then in a second it will drop down to 2% then back up to 50% 0r 100% then back down. See the different process using CPU it changes all the time.

see what process are using the most memory usage in this pic.

this pic is never the same it jumps around to different processes

Do you have any idea why the internet is still slow and freezing up?

Everything looks good there. How much RAM does this machine have?

480 MB of RAM

so my CPU jumping all over the place is fine foing from 2% to 100% to 45% that is fine you say.

The CPU going up on the System Idle Process is normal, my machine does it too, it doesn't lag my machine though because I have 2GB+ of RAM.

You should upgrade your RAM, it will help so much.

so upgrading my RAM is the only thing i can do to fix this problem. How do i upgrade my RAM?

See here for quick guide:
More: http://pcworld.com/article/129177/how_to_upgrade_your_pcs_ram.html

Also, video tutorial:
https://www.youtube.com/watch?v=OULZH_CjOmg