OTL logfile created on: 11/27/2009 10:08:34 PM - Run 1 OTL by OldTimer - Version 3.1.11.0 Folder = C:\Users\Hillary\Documents\Downloads Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18828) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.49% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 173.76 Gb Total Space | 79.02 Gb Free Space | 45.48% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 1.07 Gb Free Space | 10.67% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HILLARY-PC Current User Name: Hillary Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009/11/27 22:08:05 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\Hillary\Documents\Downloads\OTL.exe PRC - [2009/11/27 13:26:42 | 01,184,912 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009/11/27 13:26:42 | 00,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009/11/17 11:16:09 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe PRC - [2009/11/14 11:51:24 | 01,278,736 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360tray.exe PRC - [2009/11/14 11:51:22 | 00,312,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe PRC - [2009/11/02 00:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Hillary\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2009/11/02 00:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Hillary\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009/09/05 12:54:46 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009/08/28 12:33:16 | 00,140,648 | ---- | M] (AOL LLC.) -- c:\Program Files\AIM Toolbar\aimtbServer.exe PRC - [2009/08/22 02:21:19 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/22 02:21:19 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/06/03 13:46:38 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/11 01:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2009/04/11 01:28:11 | 01,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe PRC - [2009/04/11 01:28:11 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe PRC - [2009/04/11 01:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009/04/11 01:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 15:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009/02/24 00:17:54 | 00,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe PRC - [2009/02/06 17:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe PRC - [2009/01/29 23:50:06 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2009/01/26 14:31:12 | 05,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008/09/03 22:54:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2008/02/22 17:01:38 | 01,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2008/02/15 18:23:20 | 00,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe PRC - [2008/01/19 02:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008/01/19 02:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2008/01/19 02:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2007/12/08 14:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE PRC - [2007/12/08 14:34:10 | 02,506,752 | ---- | M] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE PRC - [2007/11/01 15:39:28 | 00,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe PRC - [2007/09/12 18:27:24 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe PRC - [2007/09/11 00:43:54 | 00,067,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe PRC - [2007/08/29 13:25:16 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007/07/02 13:29:22 | 00,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2007/06/06 16:44:44 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2007/05/22 14:18:56 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2007/05/10 01:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe PRC - [2007/04/16 23:05:52 | 00,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe PRC - [2007/04/16 22:55:00 | 00,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe PRC - [2007/03/11 21:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe PRC - [2006/11/27 09:14:52 | 00,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe PRC - [2006/10/03 11:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2006/09/08 15:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe PRC - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTSVCCDA.EXE [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009/11/27 22:08:05 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\Hillary\Documents\Downloads\OTL.exe MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found -- -- (LiveUpdate Notice Ex) SRV - [2009/11/27 13:26:42 | 01,184,912 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009/11/24 12:42:58 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2009/11/17 11:16:09 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829) SRV - [2009/11/14 11:51:22 | 00,312,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service) SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/09/23 16:36:06 | 00,051,168 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009/08/22 02:21:19 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security) SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/02/24 00:17:54 | 00,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service) SRV - [2009/02/23 23:58:53 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/01/29 23:50:06 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/09/03 22:54:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2008/07/18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12) SRV - [2008/07/18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12) SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc) SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service) SRV - [2008/01/19 02:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/19 02:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008/01/19 02:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) SRV - [2007/12/08 14:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc) SRV - [2007/09/12 18:27:24 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2007/09/12 18:27:24 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007/08/29 13:25:16 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) SRV - [2006/11/02 07:34:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched) SRV - [2006/11/02 07:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/09/14 14:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTSVCCDA.EXE -- (Creative Service for CDROM Access) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F BF F0 67 2D 6D CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AIM Search" FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=135963" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}:4.0.1 FF - prefs.js..extensions.enabledItems: {8CE11043-9A15-4207-A565-0C94C42D590D}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}:6.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0 FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.2.3 FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.2 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20090630 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=" FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 13:38:33 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/27 19:48:34 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/27 19:48:34 | 00,000,000 | ---D | M] [2009/02/23 23:09:07 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Mozilla\Extensions [2009/11/27 13:10:48 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Mozilla\Firefox\Profiles\j1i39yz6.default\extensions [2009/06/25 14:03:16 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Mozilla\Firefox\Profiles\j1i39yz6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/07/01 15:43:35 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Mozilla\Firefox\Profiles\j1i39yz6.default\extensions\nasanightlaunch@example.com [2009/09/15 12:43:19 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Mozilla\Firefox\Profiles\j1i39yz6.default\extensions\personas@christopher.beard [2009/10/13 21:07:03 | 00,004,554 | ---- | M] () -- C:\Users\Hillary\AppData\Roaming\Mozilla\Firefox\Profiles\j1i39yz6.default\searchplugins\aim-search.xml [2009/11/27 21:58:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/11/18 08:19:26 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} [2009/11/27 00:00:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D} [2009/02/24 11:29:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [2009/09/16 21:57:43 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2009/09/05 12:55:12 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009/11/18 08:19:27 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com [2009/11/17 11:16:09 | 00,119,808 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll [2006/06/15 20:33:58 | 00,233,472 | ---- | M] (C3D) -- C:\Program Files\Mozilla Firefox\plugins\CrazyTalk4Native.dll [2006/05/25 18:43:32 | 00,204,895 | ---- | M] (Reallusion Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctdomemhelper.dll [2005/09/29 14:41:38 | 00,077,824 | ---- | M] (Reallusion Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctframeplayerobject.dll [2006/06/19 13:10:42 | 00,426,081 | ---- | M] (Reallusion Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctplayerobject.dll [2005/02/02 12:19:12 | 00,458,752 | ---- | M] (BEXTech) -- C:\Program Files\Mozilla Firefox\plugins\imagickrt.dll [2009/01/16 18:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll [2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll [2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll [2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL [2006/01/03 16:00:40 | 00,069,632 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npRLCT4Player.dll [2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll [2006/04/10 18:35:38 | 00,139,264 | ---- | M] (Reallusion Inc.) -- C:\Program Files\Mozilla Firefox\plugins\rlcontentclass.dll [2005/11/09 11:10:06 | 00,204,800 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\RLMusicPacker.dll [2005/11/09 11:42:52 | 00,106,496 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\RLMusicUnpacker.dll [2006/01/04 11:22:00 | 00,212,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\RLVoicePacker.dll [2006/01/04 11:21:44 | 00,167,936 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\RLVoiceUnpacker.dll [2009/11/17 11:16:15 | 00,002,020 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\googledesktop.xml [2009/09/10 02:16:23 | 00,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml O1 HOSTS File: (358536 bytes) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 12309 more lines... O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\System32\TwcToolbarIe7.dll () O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.) O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll File not found O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{cfb10060-086b-11de-aba5-001e4ce240bc}\Shell - "" = AutoRun O33 - MountPoints2\{cfb10060-086b-11de-aba5-001e4ce240bc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2009/11/27 21:36:42 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009/11/27 20:58:48 | 03,895,296 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmttls.dll [2009/11/27 20:58:48 | 00,278,528 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmwlu00.exe [2009/11/27 20:58:47 | 05,967,872 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLCPL.CPL [2009/11/27 20:58:47 | 00,065,536 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\wltrynt.dll [2009/11/27 20:58:46 | 03,444,736 | ---- | C] (Dell Inc.) -- C:\Windows\System32\WLTRAY.EXE [2009/11/27 20:58:46 | 02,506,752 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE [2009/11/27 20:58:44 | 03,579,904 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvsrv.dll [2009/11/27 20:58:44 | 03,244,032 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvui.dll [2009/11/27 20:58:43 | 01,044,984 | ---- | C] (Broadcom Corp.) -- C:\Windows\System32\drivers\BCMWL6.SYS [2009/11/27 15:34:10 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Roaming\Malwarebytes [2009/11/27 15:33:52 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/11/27 15:33:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/11/27 15:33:49 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/11/27 15:33:49 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/11/27 13:29:52 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2009/11/27 13:28:50 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2009/11/27 13:21:21 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2009/11/27 13:20:37 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} [2009/11/26 20:51:08 | 00,000,000 | -HSD | C] -- C:\Users\Hillary\AppData\Roaming\System [2009/11/26 20:51:07 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Roaming\Mozilla Firefox [2009/11/26 20:45:00 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Local\Symantec [2009/11/24 12:43:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Citrix [2009/11/24 12:42:59 | 00,000,000 | ---D | C] -- C:\Program Files\Citrix [2009/11/24 12:42:53 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Local\Citrix [2009/11/20 12:57:04 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Roaming\skypePM [2009/11/20 12:42:06 | 00,000,000 | ---D | C] -- C:\Users\Hillary\AppData\Roaming\Skype [2009/11/20 12:41:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2009/11/20 12:41:50 | 00,000,000 | R--D | C] -- C:\Program Files\Skype [2009/11/20 12:41:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Skype [2009/11/18 08:19:26 | 00,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2009/11/27 22:08:51 | 07,077,888 | -HS- | M] () -- C:\Users\Hillary\NTUSER.DAT [2009/11/27 22:05:22 | 01,481,988 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/11/27 22:05:22 | 00,667,842 | ---- | M] () -- C:\Windows\System32\perfh00A.dat [2009/11/27 22:05:22 | 00,598,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009/11/27 22:05:22 | 00,130,018 | ---- | M] () -- C:\Windows\System32\perfc00A.dat [2009/11/27 22:05:22 | 00,102,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009/11/27 22:00:30 | 00,028,029 | ---- | M] () -- C:\ProgramData\nvModes.dat [2009/11/27 22:00:29 | 00,028,029 | ---- | M] () -- C:\ProgramData\nvModes.001 [2009/11/27 21:58:47 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/11/27 21:58:46 | 00,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/11/27 21:58:46 | 00,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/11/27 21:58:21 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/11/27 21:57:34 | 00,524,288 | -HS- | M] () -- C:\Users\Hillary\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms [2009/11/27 21:57:34 | 00,065,536 | -HS- | M] () -- C:\Users\Hillary\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf [2009/11/27 21:57:12 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2009/11/27 21:36:43 | 00,001,876 | ---- | M] () -- C:\Users\Hillary\Desktop\HijackThis.lnk [2009/11/27 21:28:53 | 02,441,978 | -H-- | M] () -- C:\Users\Hillary\AppData\Local\IconCache.db [2009/11/27 21:27:51 | 00,001,929 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2009/11/27 21:13:00 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-731749000-976430330-979497263-1000UA.job [2009/11/27 20:59:29 | 00,744,740 | ---- | M] () -- C:\Windows\System32\oem22.inf [2009/11/27 20:58:34 | 00,022,729 | ---- | M] () -- C:\newkey [2009/11/27 20:58:34 | 00,022,729 | ---- | M] () -- C:\newfile.enc [2009/11/27 15:34:02 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/27 14:13:03 | 00,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-731749000-976430330-979497263-1000Core.job [2009/11/27 13:47:54 | 00,358,536 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2009/11/27 13:40:25 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2009/11/27 13:28:03 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2009/11/27 13:27:58 | 00,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe [2009/11/27 13:24:26 | 00,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2009/11/24 12:42:53 | 00,061,224 | ---- | M] () -- C:\Users\Hillary\GoToAssistDownloadHelper.exe [2009/11/21 10:05:32 | 00,356,660 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20091127-134754.backup [2009/11/21 09:35:43 | 00,000,875 | ---- | M] () -- C:\Users\Public\Desktop\IObit Security 360.lnk [2009/11/20 12:57:07 | 00,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat [2009/11/20 12:41:54 | 00,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2009/11/20 10:55:51 | 00,001,720 | ---- | M] () -- C:\Users\Public\Desktop\jGRASP.lnk [2009/11/18 14:03:49 | 00,044,544 | ---- | M] () -- C:\Users\Hillary\Documents\Spring2010.xls [2009/11/18 08:19:55 | 00,001,052 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel Desktop .lnk [2009/11/15 11:20:20 | 00,352,008 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20091121-100532.backup [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009/11/27 21:36:42 | 00,001,876 | ---- | C] () -- C:\Users\Hillary\Desktop\HijackThis.lnk [2009/11/27 21:27:51 | 00,001,929 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2009/11/27 20:59:42 | 00,744,740 | ---- | C] () -- C:\Windows\System32\oem22.inf [2009/11/27 20:58:47 | 00,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2009/11/27 20:58:45 | 00,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE [2009/11/27 15:34:02 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/27 15:05:15 | 00,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2009/11/27 13:40:25 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009/11/27 13:24:26 | 00,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2009/11/24 12:42:52 | 00,061,224 | ---- | C] () -- C:\Users\Hillary\GoToAssistDownloadHelper.exe [2009/11/21 09:35:43 | 00,000,875 | ---- | C] () -- C:\Users\Public\Desktop\IObit Security 360.lnk [2009/11/20 12:57:07 | 00,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009/11/20 12:41:54 | 00,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2009/11/18 14:03:19 | 00,044,544 | ---- | C] () -- C:\Users\Hillary\Documents\Spring2010.xls [2009/08/31 12:06:13 | 00,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll [2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/07/22 22:38:57 | 00,331,776 | ---- | C] () -- C:\Windows\System32\TwcToolbarIe7.dll [2009/07/22 22:38:57 | 00,098,304 | ---- | C] () -- C:\Windows\System32\TwcToolbarBho.dll [2009/05/30 12:24:42 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/02/26 17:33:06 | 00,050,176 | ---- | C] () -- C:\Users\Hillary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/02/25 23:36:31 | 00,008,707 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate [2009/02/25 21:48:34 | 00,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2009/02/25 21:48:33 | 00,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2009/02/25 21:48:33 | 00,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2009/02/24 17:11:12 | 00,000,082 | ---- | C] () -- C:\Windows\sbwin.ini [2009/02/24 17:01:49 | 00,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2009/02/24 17:01:47 | 00,000,138 | ---- | C] () -- C:\Windows\wininit.ini [2009/02/24 12:04:00 | 00,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2009/02/24 11:10:01 | 00,028,029 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/02/24 11:10:00 | 00,028,029 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/02/24 01:53:24 | 00,000,680 | ---- | C] () -- C:\Users\Hillary\AppData\Local\d3d9caps.dat [2007/08/06 18:22:15 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 07:34:20 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/09/16 23:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/16 23:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2005/05/06 19:06:00 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [color=#E56717]========== LOP Check ==========[/color] [2009/02/23 23:38:07 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\acccore [2009/05/01 11:10:43 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/09/16 22:32:09 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\Helios [2009/09/30 21:51:40 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\IDM [2009/09/29 20:10:56 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\IObit [2009/08/31 12:06:06 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\iolo [2009/11/05 14:43:45 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\JCreator [2009/09/30 21:51:48 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\NBC Direct [2009/09/05 12:58:48 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\OpenOffice.org [2009/11/27 12:21:56 | 00,000,000 | -HSD | M] -- C:\Users\Hillary\AppData\Roaming\System [2009/11/24 12:37:35 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\SystemRequirementsLab [2009/02/24 09:16:12 | 00,000,000 | ---D | M] -- C:\Users\Hillary\AppData\Roaming\tmp [2009/11/27 21:57:12 | 00,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >