Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Yahoo Redirect


  • Please log in to reply

#1
Road_House_54

Road_House_54

    New Member

  • Member
  • Pip
  • 2 posts
I am currently experiencing problems with one website. I play a text base game online (www.torn.com) and it used to take a fraction of a second to load a page now it takes just shy of 4 minutes to load a page if my browser doesn't get redirected to (http://search.yahoo....?fr=slv502-msgr). This problem doesn't occur on any other site and its only on this computer. I have verified that it wasn't a problem with the site by asking other users and by going using that site on other computers. I tried going through the process for the google redirect virus on the forum but it didn't detect a problem.

OTL logfile created on: 6/15/2011 12:05:34 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Randal Gifford\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 56.90% Memory free
7.81 Gb Paging File | 5.72 Gb Available in Paging File | 73.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.97 Gb Total Space | 116.39 Gb Free Space | 52.91% Space Free | Partition Type: NTFS
Drive D: | 12.72 Gb Total Space | 2.13 Gb Free Space | 16.72% Space Free | Partition Type: NTFS

Computer Name: RANDALGIFFORD | User Name: Randal Gifford | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/15 11:11:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTL.exe
PRC - [2011/05/16 07:51:00 | 022,119,824 | ---- | M] (magicJack L.P.) -- C:\Users\Randal Gifford\AppData\Roaming\mjusbsp\magicJack.exe
PRC - [2011/05/06 12:44:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/10/14 12:54:14 | 000,300,656 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2010/10/14 12:54:14 | 000,140,920 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
PRC - [2010/10/14 12:47:14 | 002,836,656 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\DAP\DAP.exe
PRC - [2010/09/17 13:21:00 | 000,301,648 | ---- | M] (CA) -- C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxPol.exe
PRC - [2010/08/24 13:07:34 | 000,740,160 | ---- | M] (CA) -- C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxCfg.exe
PRC - [2010/06/02 19:56:01 | 002,937,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2010/04/30 09:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2009/08/31 10:49:52 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe
PRC - [2009/07/23 22:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 13:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (SafeList) ==========

MOD - [2011/06/15 11:11:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/19 10:47:58 | 000,359,248 | ---- | M] (CA, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV:64bit: - [2011/05/19 10:47:58 | 000,285,520 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV:64bit: - [2010/11/12 12:19:52 | 000,301,568 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV:64bit: - [2010/11/11 02:53:46 | 000,292,168 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\caamsvc.exe -- (CAAMSvc)
SRV:64bit: - [2010/03/23 07:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/08/13 13:08:28 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdncoms.exe -- (lxdn_device)
SRV:64bit: - [2009/08/04 12:42:24 | 001,479,160 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 15:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/06/03 16:38:36 | 000,277,032 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV:64bit: - [2009/03/27 21:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/03/02 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/14 12:54:14 | 000,300,656 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2010/09/17 13:21:00 | 000,301,648 | ---- | M] (CA) [Auto | Running] -- C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)
SRV - [2010/08/24 13:07:34 | 000,740,160 | ---- | M] (CA) [Auto | Running] -- C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2010/04/30 09:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/13 09:08:12 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdncoms.exe -- (lxdn_device)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/17 13:21:04 | 000,143,952 | ---- | M] (CA) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV:64bit: - [2010/06/09 07:54:42 | 000,337,744 | ---- | M] (CA) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\KmxCfg.sys -- (KmxCfg)
DRV:64bit: - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/03/22 14:58:42 | 000,108,024 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\SysNative\drivers\KmxAgent.sys -- (KmxAgent)
DRV:64bit: - [2010/03/01 22:48:14 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/01 22:48:14 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/11/20 23:14:33 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/10/25 05:44:34 | 000,067,840 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/28 10:55:42 | 000,051,760 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OXSDIDRV_x64.sys -- (OXSDIDRV_x64) Oxford Semi eSATA Filter (x64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 16:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/08 15:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 15:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/29 13:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/24 14:00:00 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 10:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/04/06 20:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cnnb
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en-maktoob.yahoo.com/
IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-maktoob.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {9EB34849-81D3-4841-939D-666D522B889A}:1.4.0.90
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.5.0.0
FF - prefs.js..extensions.enabledItems: {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171}:2.0.7
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/08/09 03:53:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/06 12:44:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/06 12:44:55 | 000,000,000 | ---D | M]

[2010/05/15 00:45:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Extensions
[2010/05/15 00:45:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/06/15 12:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions
[2011/06/15 10:56:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2011/06/08 20:40:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/05/09 01:24:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/10 13:54:10 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2011/05/09 01:24:34 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/05/09 01:24:27 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\[email protected]
[2011/06/15 12:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\extensions\staged
[2011/02/21 16:07:30 | 000,002,427 | ---- | M] () -- C:\Users\Randal Gifford\AppData\Roaming\Mozilla\Firefox\Profiles\lgf0y907.default\searchplugins\askcom.xml
[2011/04/23 12:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/10 10:26:11 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/15 01:57:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/11 07:17:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/20 08:19:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/20 04:17:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/23 12:06:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2010/10/14 12:47:14 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES (X86)\DAP\DAPFIREFOX
[2010/10/15 07:53:58 | 000,000,000 | ---D | M] (SpeedBit) -- C:\PROGRAM FILES (X86)\SPEEDBIT TOOLBAR\SPFIREFOX
[2011/05/06 12:44:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/04/23 12:05:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/02 19:56:01 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2011/05/06 12:44:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/15 10:43:17 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\DAPIELoader64.dll (SpeedBit Ltd.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files (x86)\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (SPEEDBIT1 Class) - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - C:\Program Files (x86)\SpeedBit Toolbar\Toolbar\tbcore3.dll ()
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit) - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - C:\Program Files (x86)\SpeedBit Toolbar\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit) - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - C:\Program Files (x86)\SpeedBit Toolbar\Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4:64bit: - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4:64bit: - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [masqform.exe] C:\Program Files (x86)\PureEdge\Viewer 6.5\masqform.exe (PureEdge™ Solutions Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cdloader] C:\Users\Randal Gifford\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O8:64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\SysWow64\VetRedir.dll (Computer Associates International, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 4.2.2.4
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - Reg Error: Key error. - File not found
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\Windows\SysWow64\UmxWNP.dll (CA)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/15 11:11:17 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTL.exe
[2011/06/15 10:57:42 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\Desktop\tdsskiller
[2011/06/15 10:56:01 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\Desktop\GooredFix Backups
[2011/06/15 10:55:34 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Randal Gifford\Desktop\GooredFix.exe
[2011/06/15 10:43:16 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/06/15 10:42:00 | 000,522,752 | ---- | C] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTM.exe
[2011/06/15 10:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/06/15 10:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/06/15 05:55:33 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\AppData\Local\Google
[2011/06/09 06:28:12 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\AppData\Local\Garmin
[2011/06/09 06:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2011/06/09 06:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/06/09 06:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2011/06/08 20:40:38 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\AppData\Roaming\GARMIN
[2011/06/06 20:23:49 | 000,039,192 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011/06/06 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\Randal Gifford\Documents\RegRun2
[2011/06/06 20:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2009/10/27 22:10:48 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdninpa.dll
[2009/10/27 22:10:48 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdniesc.dll
[2009/10/27 22:10:47 | 001,101,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnserv.dll
[2009/10/27 22:10:47 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnusb1.dll
[2009/10/27 22:10:47 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnpmui.dll
[2009/10/27 22:10:47 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnlmpm.dll
[2009/10/27 22:10:47 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnih.exe
[2009/10/27 22:10:47 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnprox.dll
[2009/10/27 22:10:46 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdncomc.dll
[2009/10/27 22:10:46 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdnhbn3.dll
[2009/10/27 22:10:46 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdncoms.exe
[2009/10/27 22:10:46 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdncomm.dll
[2009/10/27 22:10:46 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdncfg.exe

========== Files - Modified Within 30 Days ==========

[2011/06/15 12:00:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3407523034-4087836082-2259736672-1001UA.job
[2011/06/15 11:11:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTL.exe
[2011/06/15 11:00:50 | 000,001,023 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\magicJack.lnk
[2011/06/15 10:57:28 | 001,305,136 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\tdsskiller.zip
[2011/06/15 10:57:23 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/15 10:57:23 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/15 10:55:36 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Randal Gifford\Desktop\GooredFix.exe
[2011/06/15 10:50:02 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011/06/15 10:49:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/15 10:49:33 | 3145,089,024 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/15 10:49:03 | 000,009,429 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k0
[2011/06/15 10:49:03 | 000,000,293 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k1
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k7
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k6
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k5
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k4
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k3
[2011/06/15 10:49:03 | 000,000,085 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxcfg.u2k2
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k7
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k6
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k5
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k4
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k3
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k2
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k1
[2011/06/15 10:49:03 | 000,000,049 | ---- | M] () -- C:\Windows\SysWow64\drivers\kmxzone.u2k0
[2011/06/15 10:43:17 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/06/15 10:42:07 | 000,522,752 | ---- | M] (OldTimer Tools) -- C:\Users\Randal Gifford\Desktop\OTM.exe
[2011/06/15 10:32:47 | 000,020,040 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/06/15 10:22:06 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/06/15 06:00:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3407523034-4087836082-2259736672-1001Core.job
[2011/06/14 10:18:34 | 1676,475,840 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\I Am Number Four.avi
[2011/06/14 10:14:22 | 1334,300,254 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Unknown.avi
[2011/06/14 07:28:21 | 1579,988,686 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\The Adjustment Bureau.avi
[2011/06/14 06:37:16 | 1469,605,888 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Hanna.avi
[2011/06/14 06:34:37 | 1572,498,620 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Paul.avi
[2011/06/14 06:03:34 | 1314,890,392 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Hall Pass.avi
[2011/06/14 05:52:20 | 1856,275,350 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Just Go with It.avi
[2011/06/13 13:39:16 | 000,000,084 | ---- | M] () -- C:\Users\Randal Gifford\Desktop\Weight Lifting Charts.URL
[2011/06/12 20:08:09 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRandal Gifford.job
[2011/06/12 06:41:17 | 000,011,974 | ---- | M] () -- C:\Users\Randal Gifford\AppData\Roaming\wklnhst.dat
[2011/06/09 06:32:21 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/09 06:32:21 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/09 06:32:21 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/06 20:27:10 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\Partizan.RRI
[2011/06/06 20:23:49 | 000,039,192 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011/06/06 20:20:44 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2011/06/06 20:20:44 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2011/06/06 20:20:44 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011/06/04 07:19:33 | 000,001,401 | ---- | M] () -- C:\Users\Randal Gifford\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/03 13:30:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/03 13:30:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/05/22 13:47:38 | 000,001,854 | ---- | M] () -- C:\Users\Randal Gifford\AppData\Roaming\GhostObjGAFix.xml
[2011/05/19 16:02:57 | 000,000,000 | -H-- | M] () -- C:\Users\Randal Gifford\Documents\Default.rdp

========== Files Created - No Company Name ==========

[2011/06/15 10:56:41 | 001,305,136 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\tdsskiller.zip
[2011/06/15 10:22:06 | 000,020,040 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/06/15 10:22:06 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/06/15 05:55:34 | 000,000,944 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3407523034-4087836082-2259736672-1001UA.job
[2011/06/15 05:55:34 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3407523034-4087836082-2259736672-1001Core.job
[2011/06/14 05:55:45 | 1469,605,888 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Hanna.avi
[2011/06/14 05:48:31 | 1572,498,620 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Paul.avi
[2011/06/14 05:37:28 | 1579,988,686 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\The Adjustment Bureau.avi
[2011/06/14 05:35:50 | 1334,300,254 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Unknown.avi
[2011/06/14 05:32:27 | 1676,475,840 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\I Am Number Four.avi
[2011/06/14 05:27:19 | 1856,275,350 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Just Go with It.avi
[2011/06/14 05:27:19 | 1314,890,392 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Hall Pass.avi
[2011/06/13 13:39:16 | 000,000,084 | ---- | C] () -- C:\Users\Randal Gifford\Desktop\Weight Lifting Charts.URL
[2011/06/12 13:19:29 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRandal Gifford.job
[2011/06/06 20:23:49 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\Partizan.RRI
[2011/06/06 20:20:44 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2011/06/06 20:20:44 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2011/06/06 20:20:44 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011/06/03 13:30:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/03 13:30:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/05/19 16:02:57 | 000,000,000 | -H-- | C] () -- C:\Users\Randal Gifford\Documents\Default.rdp
[2010/12/26 14:08:20 | 000,001,854 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Roaming\GhostObjGAFix.xml
[2010/11/25 02:40:03 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/10/31 03:27:27 | 000,405,227 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpIMG00399.0
[2010/10/31 03:27:27 | 000,146,484 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpIMG00399.JPG
[2010/10/30 11:08:30 | 000,328,976 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpHPIM1490.0
[2010/10/30 11:08:30 | 000,112,984 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpHPIM1490.JPG
[2010/10/14 12:38:07 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/10/11 05:54:06 | 000,631,812 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpIMG00364.JPG
[2010/09/10 10:27:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/02 13:21:46 | 000,000,017 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\resmon.resmoncfg
[2009/12/31 12:40:05 | 002,116,172 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpDSCN0095.0
[2009/12/31 12:40:05 | 000,777,591 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Local\tmpDSCN0095.JPG
[2009/11/10 19:06:52 | 000,000,880 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2009/10/27 22:10:48 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDNinst.dll
[2009/10/27 22:10:48 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdncomx.dll
[2009/10/26 14:43:45 | 000,011,974 | ---- | C] () -- C:\Users\Randal Gifford\AppData\Roaming\wklnhst.dat
[2009/10/25 23:27:20 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/08/13 22:51:32 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/08/09 01:54:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/23 19:49:06 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdndrs.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/03 14:14:00 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/06/03 14:14:00 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/06/03 14:14:00 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/05/14 13:46:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdncaps.dll
[2007/10/02 14:51:10 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdncnv4.dll

========== LOP Check ==========

[2009/12/30 18:51:25 | 000,000,000 | -HSD | M] -- C:\Users\Randal Gifford\AppData\Roaming\.#
[2011/06/14 10:31:27 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Azureus
[2010/01/12 19:59:58 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/08 22:34:45 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2011/06/09 06:28:11 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\GARMIN
[2010/10/04 12:28:39 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\IDM
[2010/08/29 15:08:31 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Leadertech
[2010/12/01 02:14:47 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\LimeWire
[2011/06/15 11:00:55 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\mjusbsp
[2010/10/04 12:30:51 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\muvee Technologies
[2010/10/04 12:28:42 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\NBC Direct
[2011/05/08 09:08:40 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Netscape
[2010/02/25 18:41:19 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\PureEdge
[2011/04/23 11:33:02 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Seagate
[2010/10/10 13:54:19 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Sling Media
[2009/10/26 14:43:47 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Template
[2011/04/16 12:17:26 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\TS3Client
[2010/11/18 11:34:14 | 000,000,000 | ---D | M] -- C:\Users\Randal Gifford\AppData\Roaming\Windows Live Writer
[2011/05/02 01:58:40 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2B11E0DF

< End of report >
  • 0

Advertisements


#2
Road_House_54

Road_House_54

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Bump


Sorry for bumping my post. I thought I read all of the rules for posting but I just re-read them and saw that you aren't supposed to bump.

Edited by Road_House_54, 16 June 2011 - 03:39 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP