Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

searchqu! how can I permanently delete? [Closed]


  • This topic is locked This topic is locked

#1
huggster26

huggster26

    Member

  • Member
  • PipPip
  • 77 posts
I have a malware that has attacked my browser mozilla - called searchqu. This must be living somewhere else because I still cannot use my browser even after re-installing. Get the msg firefox already in use...any suggestions? I have win xp & run a superantispyware & old timer's TFC. how can I get mozilla up & going? u guys are amazing btw - thanks (I hope I have attached the correct errors)

from OTL.txt:

OTL logfile created on: 12/7/2011 11:33:17 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 365.59 Mb Available Physical Memory | 35.77% Memory free
2.40 Gb Paging File | 1.37 Gb Available in Paging File | 57.07% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 108.95 Gb Free Space | 75.50% Space Free | Partition Type: NTFS

Computer Name: HIGGINS | User Name: Carolyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/07 11:33:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carolyn\My Documents\Downloads\OTL (1).com
PRC - [2011/11/14 23:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/10/15 22:11:17 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/04/23 05:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe
PRC - [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali) -- C:\Program Files\USB Disk Win98 Driver\Res.exe
PRC - [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/06 23:20:31 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/12/06 23:20:31 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/11/14 23:39:54 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/14 23:39:53 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/14 23:38:16 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/14 23:38:15 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/14 23:38:14 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 20:36:18 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/20 00:04:15 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/08/20 00:04:15 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/01/28 21:26:40 | 001,143,056 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2009/04/23 23:33:48 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2009/04/16 12:03:22 | 000,166,400 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2009/04/16 12:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/12/02 22:06:43 | 000,028,672 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/12/06 16:16:24 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{88F70BB2-A4F7-4D55-BC26-C92F6310266D}\MpKslc5490b73.sys -- (MpKslc5490b73)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/07 10:01:34 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/28 21:26:25 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/01/28 21:26:24 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2008/11/17 13:05:14 | 000,039,200 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2008/11/17 13:05:12 | 000,033,056 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2008/11/17 13:05:08 | 000,051,488 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/04/20 16:44:08 | 000,069,248 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr97320.sys -- (mr97320)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/02/16 00:37:34 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/08/10 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/16 03:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 04:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 04:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 04:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/01/20 12:50:36 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netrcacm.sys -- (netrcacm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.tangosear...om/?useie5=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.mchsd.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = walledgarden.mchsd.com:8000

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "Radio TV 1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...?s=DEF&v=13&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36949
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:1.03.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {23ec984e-464c-4a0c-a8df-f80cb8c090e1}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {f29557fd-78aa-40e6-aba8-9fa219764018}:3.3.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="
FF - prefs.js..network.proxy.ftp: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ftp_port: 8000
FF - prefs.js..network.proxy.gopher: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.gopher_port: 8000
FF - prefs.js..network.proxy.http: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.http_port: 8000
FF - prefs.js..network.proxy.no_proxies_on: "*.mchsd.com"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.socks_port: 8000
FF - prefs.js..network.proxy.ssl: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ssl_port: 8000


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug2;version=2.0.0.0: C:\Program Files\RealArcade\npracplug2.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Carolyn\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/04/21 11:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/04/22 02:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/04 15:47:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Carolyn\Application Data\Move Networks [2009/10/11 19:49:23 | 000,000,000 | ---D | M]

[2011/12/05 07:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions
[2009/05/02 15:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected]
[2010/09/16 04:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected]
[2011/12/05 07:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions
[2009/04/11 10:36:45 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2011/12/05 07:09:18 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2009/05/27 17:50:27 | 000,000,000 | ---D | M] (Chromifox Basic) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\[email protected]
[2009/07/03 09:11:37 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\aim-search.xml
[2010/02/07 17:00:41 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\askcom.xml
[2010/11/29 07:10:42 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\bing-zugo.xml
[2010/12/30 17:21:42 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\conduit.xml
[2011/11/30 19:01:39 | 000,001,672 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\mypoints-search.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\Search_Results.xml
[2011/12/06 15:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/29 06:37:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CAROLYN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZU3MSNT.DEFAULT\EXTENSIONS\[email protected]
[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/22 05:49:56 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/04/22 05:49:57 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/12/19 06:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/27 11:42:12 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/09/27 11:42:12 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol500.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: RealArcade20 Mozilla Plugin (Enabled) = C:\Program Files\RealArcade\npracplug2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Add to Amazon Wish List = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.7_0\
CHR - Extension: True Blood 2 = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kgpnfphdpgfhegonhjbmajnfcnajdceb\1_0\

O1 HOSTS File: ([2009/04/11 18:18:07 | 000,001,070 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.98.231.89 browser-security.microsoft.com
O1 - Hosts: 82.98.231.89 best-click-scanner.info
O1 - Hosts: 82.98.231.89 antivirus-xp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.infosecuritycenter.com
O1 - Hosts: 82.98.231.89 microsoft.softwaresecurityhelp.com
O1 - Hosts: 82.98.231.89 onlinenotifyq.net
O1 - Hosts: 82.98.231.89 antivirusxp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.browser-security-center.com
O2 - BHO: (ElnkBhoGuard Class) - {00000000-0000-0000-0000-000000000002} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O2 - BHO: (ElnkScamBHO Class) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (Reg Error: Value error.) - {2220F2A2-672E-4EF4-AE44-B802D4E38795} - C:\WINDOWS\system32\ljJATMEX.dll File not found
O2 - BHO: (ElnkPubBHO Class) - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll (EarthLink, Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (ElnkProtectionBHO Class) - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink\Toolbar\ProtctIE.dll (EarthLink, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (ElnkLegacyUninstBHO Class) - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink\Toolbar\uninsttb.dll (EarthLink, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk = C:\Program Files\Ocucom\PreCast\tmon.exe ()
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZKfox000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: EarthLink Yahoo Search - C:\Program Files\EarthLink\Toolbar\SearchUI.dll (EarthLink, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Carolyn\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: toontown.com ([play] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...p1.0.0.15-3.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go...y/OTOYAX29b.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai...0/Installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD8535B6-108A-4252-832F-6F25B82A4B65}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\inbox - No CLSID value found
O18 - Protocol\Handler\rebinfo - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (yhbxys.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\latadeti.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:1 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\ljJATMEX) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell - "" = AutoRun
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/06 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\AppData
[2011/12/05 07:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Ilivid Player
[2011/12/05 07:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/12/05 07:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/12/05 07:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\PackageAware
[2011/08/20 00:00:26 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware.exe
[2011/08/19 08:00:26 | 048,267,960 | ---- | C] (Flexera Software) -- C:\Program Files\PPTWinInstall.3.0.7.exe
[2011/07/19 21:55:04 | 000,589,664 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2010/11/24 14:48:06 | 005,389,804 | ---- | C] (Pipkins, Inc. ) -- C:\Program Files\PSRViewerSetup.exe
[2010/10/17 17:03:02 | 030,164,216 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin(2).exe
[2010/10/05 06:27:47 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(3).exe
[2010/10/05 06:20:41 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(2).exe
[2010/09/17 05:30:48 | 002,320,763 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\autoupdater(2).exe
[2010/06/26 10:52:32 | 001,068,544 | ---- | C] (Coupons.com Incorporated) -- C:\Program Files\CouponPrinter.exe
[2010/05/25 11:45:24 | 003,103,640 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup43.exe
[2010/02/24 19:08:09 | 006,667,584 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXWebPlayerInstaller.exe
[2009/12/25 20:07:32 | 000,410,624 | ---- | C] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2009/12/05 04:53:59 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[2009/10/30 20:21:40 | 004,301,928 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim(2).exe
[2009/10/30 20:18:23 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2009/10/29 16:39:46 | 001,925,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe
[2009/05/28 20:02:17 | 003,500,808 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim.exe
[2009/05/02 15:18:50 | 016,509,288 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2009/01/10 11:46:22 | 006,479,282 | ---- | C] (Ocucom) -- C:\Program Files\PrecastSetup.exe
[2008/12/03 19:36:45 | 004,283,512 | ---- | C] (W3i, LLC) -- C:\Program Files\ezvideos.exe
[2008/12/02 22:05:19 | 027,206,408 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.5.55810.432_XP_Vista_x32.exe
[2007/01/20 12:50:31 | 005,971,432 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.1.exe
[2006/05/25 17:24:18 | 001,320,111 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\DVDFabDecrypter29.exe
[1 C:\Documents and Settings\Carolyn\*.tmp files -> C:\Documents and Settings\Carolyn\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/07 11:16:02 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job
[2011/12/07 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/12/07 07:13:36 | 000,052,331 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.zip
[2011/12/07 07:13:07 | 000,524,036 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.evt
[2011/12/06 23:16:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job
[2011/12/06 16:21:17 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/12/06 16:17:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/06 16:15:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/06 15:30:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/06 08:32:28 | 000,006,686 | ---- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/12/06 08:32:28 | 000,000,152 | RHS- | M] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2011/12/04 18:02:29 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2011/12/02 15:40:15 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/18 11:18:11 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\Google Chrome.lnk
[2011/11/18 11:18:11 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/10 03:07:01 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/08 06:37:07 | 000,445,798 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/08 06:37:07 | 000,073,004 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Carolyn\*.tmp files -> C:\Documents and Settings\Carolyn\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/07 07:13:36 | 000,052,331 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.zip
[2011/12/07 07:13:07 | 000,524,036 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.evt
[2011/12/06 15:30:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/05 18:22:42 | 001,892,352 | ---- | C] () -- C:\WINDOWS\Win98Driver.exe
[2010/11/29 07:05:53 | 001,418,088 | ---- | C] () -- C:\Program Files\MusicManager.exe
[2010/07/24 07:03:36 | 044,089,904 | ---- | C] () -- C:\Program Files\avira_antivir_personal_en.exe
[2010/06/23 16:45:56 | 052,566,928 | ---- | C] () -- C:\Program Files\setup_av_free(2).exe
[2010/05/25 11:42:42 | 002,062,665 | ---- | C] () -- C:\Program Files\spywareguardsetup.exe
[2010/04/24 21:58:13 | 048,417,032 | ---- | C] () -- C:\Program Files\setup_av_free.exe
[2010/04/09 06:19:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/27 16:33:26 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\AutoGK.ini
[2010/03/27 16:22:29 | 012,341,641 | ---- | C] () -- C:\Program Files\AutoGordianKnot.2.55.Setup.exe
[2010/02/21 20:28:00 | 000,057,086 | ---- | C] () -- C:\Program Files\IowaWeatherMap.jpg
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Perl
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PageLibraries
[2009/12/25 18:47:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/12/25 09:03:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/19 19:34:16 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\FixVTS.ini
[2009/12/19 18:44:45 | 000,032,944 | ---- | C] () -- C:\Program Files\FixVTS1.603.zip
[2009/12/15 20:31:07 | 001,089,840 | ---- | C] () -- C:\Program Files\yahoomailuploader_0.5.exe
[2009/12/02 18:02:18 | 001,320,837 | ---- | C] () -- C:\Program Files\RADTools19q.exe
[2009/12/02 17:50:56 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe
[2009/11/15 15:34:40 | 032,770,344 | ---- | C] () -- C:\Program Files\yahoo_cinematycoon2_tm6-3.exe
[2009/11/10 08:09:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/11/10 08:09:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/10/29 16:39:16 | 000,465,778 | ---- | C] () -- C:\Program Files\gp.xpi
[2009/10/04 07:35:46 | 000,000,593 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2009/10/04 07:35:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/10/04 07:30:55 | 000,000,042 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2009/08/18 09:17:07 | 000,284,184 | ---- | C] () -- C:\Program Files\PopCapPluginInstaller_v2_en.exe
[2009/08/18 09:14:34 | 057,604,344 | ---- | C] () -- C:\Program Files\BWAVol2Setup_1_1.exe
[2009/06/12 14:38:22 | 001,104,331 | ---- | C] () -- C:\Program Files\Genevieve Jr Miss Louisa County.jpg
[2009/06/08 08:32:36 | 000,291,180 | ---- | C] () -- C:\Program Files\myspace_cube.pdf
[2009/06/08 08:30:56 | 000,404,712 | ---- | C] () -- C:\Program Files\myspace_calendar.pdf
[2009/06/07 11:01:57 | 025,083,936 | ---- | C] () -- C:\Program Files\yahoo_annasicecream_tm6-3.exe
[2009/05/11 12:14:45 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/04/11 18:17:50 | 001,403,901 | -HS- | C] () -- C:\WINDOWS\System32\epenilek.ini
[2009/01/25 15:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 17:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/30 20:08:46 | 000,907,380 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini
[2008/11/30 20:08:46 | 000,907,313 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini2
[2008/10/18 16:49:28 | 000,343,235 | ---- | C] () -- C:\Program Files\GuiStyle.exe
[2008/10/03 18:58:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/06/19 18:24:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/02/15 15:50:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/11/20 18:20:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/07/15 09:11:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/04/10 12:40:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr320exd.dll
[2007/04/03 17:45:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mr320exv.dll
[2007/03/24 13:25:58 | 000,202,071 | ---- | C] () -- C:\Program Files\RipIt4Me.zip
[2007/01/21 07:48:08 | 000,001,168 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/10/04 15:06:42 | 000,128,000 | ---- | C] () -- C:\WINDOWS\Unwise32.exe
[2006/09/17 09:54:55 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\1CA448C43D.sys
[2006/08/27 08:18:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/07/10 13:05:45 | 004,445,923 | ---- | C] () -- C:\Program Files\superman_ss_osx.sit.hqx
[2006/07/03 17:06:06 | 000,000,108 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/06/23 15:16:55 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/06/13 11:19:41 | 000,398,376 | ---- | C] () -- C:\Program Files\msgr75us.exe
[2006/06/12 16:12:26 | 000,000,024 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/06/07 12:34:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/05/25 17:02:57 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe
[2006/05/25 17:02:26 | 000,793,583 | ---- | C] () -- C:\Program Files\Classic_0.91.7.zip
[2006/05/25 16:48:38 | 001,094,021 | ---- | C] () -- C:\Program Files\dvdshrink32setup.zip
[2006/04/30 14:30:17 | 003,645,968 | ---- | C] () -- C:\Program Files\123freesolitaire.exe
[2006/03/05 17:17:02 | 000,006,686 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/05 17:17:02 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2006/02/26 06:55:23 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JPR.{PB
[2006/02/26 06:55:23 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JCM.{PB
[2006/02/20 22:03:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/20 17:55:02 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\fusioncache.dat
[2006/02/16 00:50:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/16 00:41:32 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/02/16 00:37:56 | 000,000,556 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 00:36:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/16 00:12:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/02/16 00:12:54 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/16 00:12:26 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 04:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 04:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 04:27:59 | 000,372,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 04:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 04:18:33 | 000,445,798 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 04:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 04:18:33 | 000,073,004 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 04:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 04:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 04:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 04:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 04:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 04:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 04:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 04:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/10/15 16:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2011/08/04 21:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/02/13 17:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/12/06 06:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/11/08 18:19:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/06/11 19:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/04/16 21:18:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/06/16 18:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup000
[2010/06/16 18:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup001
[2010/06/16 18:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup002
[2010/06/16 18:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup003
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dictionaries
[2008/07/16 07:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/03/29 14:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2007/11/30 10:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2007/11/30 11:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/12/25 18:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/11/30 12:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/11/10 08:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/06/08 16:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2006/07/14 09:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/02/02 16:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/12/06 16:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/07/03 08:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2006/06/07 12:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2011/06/04 22:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2006/12/21 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZangoSA
[2008/10/04 14:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/02/12 08:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/16 21:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Canon
[2011/04/22 05:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Catalina Marketing Corp
[2006/03/27 11:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\EA
[2011/02/27 09:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\eMusic
[2011/07/26 08:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\FrostWire
[2007/11/30 11:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GameHouse
[2008/11/30 20:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GetModule
[2009/03/30 18:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Graboid Inc
[2010/04/16 18:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Image Zone Express
[2011/09/30 11:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Inbox Toolbar
[2008/07/11 19:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Jane s Hotel
[2006/02/26 06:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Leadertech
[2009/12/25 18:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Nikon
[2011/05/28 10:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenCandy
[2011/10/05 17:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenOffice.org
[2008/09/18 20:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Opera
[2008/12/02 17:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PCToolsFirewallPlus
[2010/09/16 04:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips
[2010/09/16 04:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips-Songbird
[2008/08/08 17:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PlayFirst
[2011/07/11 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PreCast
[2008/10/04 15:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games
[2008/10/03 18:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games Plugin
[2007/04/22 14:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ri4mupdater
[2010/07/29 16:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\RipIt4Me
[2006/12/21 21:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ScamBlocker
[2007/11/23 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Simple Star
[2009/01/10 11:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Terrapin
[2008/10/14 16:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Uniblue
[2008/09/12 17:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Visan
[2009/11/21 16:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio
[2009/11/21 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio Viewer
[2009/09/07 07:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Walgreens
[2006/07/03 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\WebRenderer
[2006/07/01 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Wildfire
[2011/12/06 16:21:17 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/12/07 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27EEEB5C
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5A35877
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C202A457
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E36F5B57
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
from extras.txt:

OTL logfile created on: 12/7/2011 11:33:17 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 365.59 Mb Available Physical Memory | 35.77% Memory free
2.40 Gb Paging File | 1.37 Gb Available in Paging File | 57.07% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 108.95 Gb Free Space | 75.50% Space Free | Partition Type: NTFS

Computer Name: HIGGINS | User Name: Carolyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/07 11:33:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carolyn\My Documents\Downloads\OTL (1).com
PRC - [2011/11/14 23:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/10/15 22:11:17 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/04/23 05:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe
PRC - [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali) -- C:\Program Files\USB Disk Win98 Driver\Res.exe
PRC - [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/06 23:20:31 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/12/06 23:20:31 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/11/14 23:39:54 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/14 23:39:53 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/14 23:38:16 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/14 23:38:15 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/14 23:38:14 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 20:36:18 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/20 00:04:15 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/08/20 00:04:15 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/01/28 21:26:40 | 001,143,056 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2009/04/23 23:33:48 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2009/04/16 12:03:22 | 000,166,400 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2009/04/16 12:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/12/02 22:06:43 | 000,028,672 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/12/06 16:16:24 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{88F70BB2-A4F7-4D55-BC26-C92F6310266D}\MpKslc5490b73.sys -- (MpKslc5490b73)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/07 10:01:34 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/28 21:26:25 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/01/28 21:26:24 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2008/11/17 13:05:14 | 000,039,200 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2008/11/17 13:05:12 | 000,033,056 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2008/11/17 13:05:08 | 000,051,488 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/04/20 16:44:08 | 000,069,248 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr97320.sys -- (mr97320)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/02/16 00:37:34 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/08/10 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/16 03:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 04:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 04:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 04:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/01/20 12:50:36 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netrcacm.sys -- (netrcacm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.tangosear...om/?useie5=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.mchsd.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = walledgarden.mchsd.com:8000

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "Radio TV 1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...?s=DEF&v=13&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36949
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:1.03.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {23ec984e-464c-4a0c-a8df-f80cb8c090e1}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {f29557fd-78aa-40e6-aba8-9fa219764018}:3.3.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="
FF - prefs.js..network.proxy.ftp: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ftp_port: 8000
FF - prefs.js..network.proxy.gopher: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.gopher_port: 8000
FF - prefs.js..network.proxy.http: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.http_port: 8000
FF - prefs.js..network.proxy.no_proxies_on: "*.mchsd.com"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.socks_port: 8000
FF - prefs.js..network.proxy.ssl: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ssl_port: 8000


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug2;version=2.0.0.0: C:\Program Files\RealArcade\npracplug2.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Carolyn\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/04/21 11:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/04/22 02:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/04 15:47:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Carolyn\Application Data\Move Networks [2009/10/11 19:49:23 | 000,000,000 | ---D | M]

[2011/12/05 07:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions
[2009/05/02 15:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected]
[2010/09/16 04:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected]
[2011/12/05 07:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions
[2009/04/11 10:36:45 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2011/12/05 07:09:18 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2009/05/27 17:50:27 | 000,000,000 | ---D | M] (Chromifox Basic) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\[email protected]
[2009/07/03 09:11:37 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\aim-search.xml
[2010/02/07 17:00:41 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\askcom.xml
[2010/11/29 07:10:42 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\bing-zugo.xml
[2010/12/30 17:21:42 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\conduit.xml
[2011/11/30 19:01:39 | 000,001,672 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\mypoints-search.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\Search_Results.xml
[2011/12/06 15:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/29 06:37:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CAROLYN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZU3MSNT.DEFAULT\EXTENSIONS\[email protected]
[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/22 05:49:56 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/04/22 05:49:57 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/12/19 06:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/27 11:42:12 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/09/27 11:42:12 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol500.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: RealArcade20 Mozilla Plugin (Enabled) = C:\Program Files\RealArcade\npracplug2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Add to Amazon Wish List = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.7_0\
CHR - Extension: True Blood 2 = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kgpnfphdpgfhegonhjbmajnfcnajdceb\1_0\

O1 HOSTS File: ([2009/04/11 18:18:07 | 000,001,070 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.98.231.89 browser-security.microsoft.com
O1 - Hosts: 82.98.231.89 best-click-scanner.info
O1 - Hosts: 82.98.231.89 antivirus-xp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.infosecuritycenter.com
O1 - Hosts: 82.98.231.89 microsoft.softwaresecurityhelp.com
O1 - Hosts: 82.98.231.89 onlinenotifyq.net
O1 - Hosts: 82.98.231.89 antivirusxp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.browser-security-center.com
O2 - BHO: (ElnkBhoGuard Class) - {00000000-0000-0000-0000-000000000002} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O2 - BHO: (ElnkScamBHO Class) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (Reg Error: Value error.) - {2220F2A2-672E-4EF4-AE44-B802D4E38795} - C:\WINDOWS\system32\ljJATMEX.dll File not found
O2 - BHO: (ElnkPubBHO Class) - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll (EarthLink, Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (ElnkProtectionBHO Class) - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink\Toolbar\ProtctIE.dll (EarthLink, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (ElnkLegacyUninstBHO Class) - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink\Toolbar\uninsttb.dll (EarthLink, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk = C:\Program Files\Ocucom\PreCast\tmon.exe ()
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZKfox000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: EarthLink Yahoo Search - C:\Program Files\EarthLink\Toolbar\SearchUI.dll (EarthLink, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Carolyn\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: toontown.com ([play] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...p1.0.0.15-3.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go...y/OTOYAX29b.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai...0/Installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD8535B6-108A-4252-832F-6F25B82A4B65}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\inbox - No CLSID value found
O18 - Protocol\Handler\rebinfo - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (yhbxys.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\latadeti.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:1 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\ljJATMEX) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell - "" = AutoRun
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/06 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\AppData
[2011/12/05 07:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Ilivid Player
[2011/12/05 07:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/12/05 07:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/12/05 07:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\PackageAware
[2011/08/20 00:00:26 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware.exe
[2011/08/19 08:00:26 | 048,267,960 | ---- | C] (Flexera Software) -- C:\Program Files\PPTWinInstall.3.0.7.exe
[2011/07/19 21:55:04 | 000,589,664 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2010/11/24 14:48:06 | 005,389,804 | ---- | C] (Pipkins, Inc. ) -- C:\Program Files\PSRViewerSetup.exe
[2010/10/17 17:03:02 | 030,164,216 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin(2).exe
[2010/10/05 06:27:47 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(3).exe
[2010/10/05 06:20:41 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(2).exe
[2010/09/17 05:30:48 | 002,320,763 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\autoupdater(2).exe
[2010/06/26 10:52:32 | 001,068,544 | ---- | C] (Coupons.com Incorporated) -- C:\Program Files\CouponPrinter.exe
[2010/05/25 11:45:24 | 003,103,640 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup43.exe
[2010/02/24 19:08:09 | 006,667,584 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXWebPlayerInstaller.exe
[2009/12/25 20:07:32 | 000,410,624 | ---- | C] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2009/12/05 04:53:59 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[2009/10/30 20:21:40 | 004,301,928 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim(2).exe
[2009/10/30 20:18:23 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2009/10/29 16:39:46 | 001,925,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe
[2009/05/28 20:02:17 | 003,500,808 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim.exe
[2009/05/02 15:18:50 | 016,509,288 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2009/01/10 11:46:22 | 006,479,282 | ---- | C] (Ocucom) -- C:\Program Files\PrecastSetup.exe
[2008/12/03 19:36:45 | 004,283,512 | ---- | C] (W3i, LLC) -- C:\Program Files\ezvideos.exe
[2008/12/02 22:05:19 | 027,206,408 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.5.55810.432_XP_Vista_x32.exe
[2007/01/20 12:50:31 | 005,971,432 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.1.exe
[2006/05/25 17:24:18 | 001,320,111 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\DVDFabDecrypter29.exe
[1 C:\Documents and Settings\Carolyn\*.tmp files -> C:\Documents and Settings\Carolyn\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/07 11:16:02 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job
[2011/12/07 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/12/07 07:13:36 | 000,052,331 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.zip
[2011/12/07 07:13:07 | 000,524,036 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.evt
[2011/12/06 23:16:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job
[2011/12/06 16:21:17 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/12/06 16:17:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/06 16:15:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/06 15:30:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/12/06 08:32:28 | 000,006,686 | ---- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/12/06 08:32:28 | 000,000,152 | RHS- | M] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2011/12/04 18:02:29 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2011/12/02 15:40:15 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/18 11:18:11 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\Google Chrome.lnk
[2011/11/18 11:18:11 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/10 03:07:01 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/08 06:37:07 | 000,445,798 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/08 06:37:07 | 000,073,004 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\Documents and Settings\Carolyn\*.tmp files -> C:\Documents and Settings\Carolyn\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/07 07:13:36 | 000,052,331 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.zip
[2011/12/07 07:13:07 | 000,524,036 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\searchqu errors.evt
[2011/12/06 15:30:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/05 18:22:42 | 001,892,352 | ---- | C] () -- C:\WINDOWS\Win98Driver.exe
[2010/11/29 07:05:53 | 001,418,088 | ---- | C] () -- C:\Program Files\MusicManager.exe
[2010/07/24 07:03:36 | 044,089,904 | ---- | C] () -- C:\Program Files\avira_antivir_personal_en.exe
[2010/06/23 16:45:56 | 052,566,928 | ---- | C] () -- C:\Program Files\setup_av_free(2).exe
[2010/05/25 11:42:42 | 002,062,665 | ---- | C] () -- C:\Program Files\spywareguardsetup.exe
[2010/04/24 21:58:13 | 048,417,032 | ---- | C] () -- C:\Program Files\setup_av_free.exe
[2010/04/09 06:19:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/27 16:33:26 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\AutoGK.ini
[2010/03/27 16:22:29 | 012,341,641 | ---- | C] () -- C:\Program Files\AutoGordianKnot.2.55.Setup.exe
[2010/02/21 20:28:00 | 000,057,086 | ---- | C] () -- C:\Program Files\IowaWeatherMap.jpg
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Perl
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PageLibraries
[2009/12/25 18:47:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/12/25 09:03:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/19 19:34:16 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\FixVTS.ini
[2009/12/19 18:44:45 | 000,032,944 | ---- | C] () -- C:\Program Files\FixVTS1.603.zip
[2009/12/15 20:31:07 | 001,089,840 | ---- | C] () -- C:\Program Files\yahoomailuploader_0.5.exe
[2009/12/02 18:02:18 | 001,320,837 | ---- | C] () -- C:\Program Files\RADTools19q.exe
[2009/12/02 17:50:56 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe
[2009/11/15 15:34:40 | 032,770,344 | ---- | C] () -- C:\Program Files\yahoo_cinematycoon2_tm6-3.exe
[2009/11/10 08:09:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/11/10 08:09:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/10/29 16:39:16 | 000,465,778 | ---- | C] () -- C:\Program Files\gp.xpi
[2009/10/04 07:35:46 | 000,000,593 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2009/10/04 07:35:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/10/04 07:30:55 | 000,000,042 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2009/08/18 09:17:07 | 000,284,184 | ---- | C] () -- C:\Program Files\PopCapPluginInstaller_v2_en.exe
[2009/08/18 09:14:34 | 057,604,344 | ---- | C] () -- C:\Program Files\BWAVol2Setup_1_1.exe
[2009/06/12 14:38:22 | 001,104,331 | ---- | C] () -- C:\Program Files\Genevieve Jr Miss Louisa County.jpg
[2009/06/08 08:32:36 | 000,291,180 | ---- | C] () -- C:\Program Files\myspace_cube.pdf
[2009/06/08 08:30:56 | 000,404,712 | ---- | C] () -- C:\Program Files\myspace_calendar.pdf
[2009/06/07 11:01:57 | 025,083,936 | ---- | C] () -- C:\Program Files\yahoo_annasicecream_tm6-3.exe
[2009/05/11 12:14:45 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/04/11 18:17:50 | 001,403,901 | -HS- | C] () -- C:\WINDOWS\System32\epenilek.ini
[2009/01/25 15:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 17:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/30 20:08:46 | 000,907,380 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini
[2008/11/30 20:08:46 | 000,907,313 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini2
[2008/10/18 16:49:28 | 000,343,235 | ---- | C] () -- C:\Program Files\GuiStyle.exe
[2008/10/03 18:58:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/06/19 18:24:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/02/15 15:50:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/11/20 18:20:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/07/15 09:11:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/04/10 12:40:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr320exd.dll
[2007/04/03 17:45:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mr320exv.dll
[2007/03/24 13:25:58 | 000,202,071 | ---- | C] () -- C:\Program Files\RipIt4Me.zip
[2007/01/21 07:48:08 | 000,001,168 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/10/04 15:06:42 | 000,128,000 | ---- | C] () -- C:\WINDOWS\Unwise32.exe
[2006/09/17 09:54:55 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\1CA448C43D.sys
[2006/08/27 08:18:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/07/10 13:05:45 | 004,445,923 | ---- | C] () -- C:\Program Files\superman_ss_osx.sit.hqx
[2006/07/03 17:06:06 | 000,000,108 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/06/23 15:16:55 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/06/13 11:19:41 | 000,398,376 | ---- | C] () -- C:\Program Files\msgr75us.exe
[2006/06/12 16:12:26 | 000,000,024 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/06/07 12:34:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/05/25 17:02:57 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe
[2006/05/25 17:02:26 | 000,793,583 | ---- | C] () -- C:\Program Files\Classic_0.91.7.zip
[2006/05/25 16:48:38 | 001,094,021 | ---- | C] () -- C:\Program Files\dvdshrink32setup.zip
[2006/04/30 14:30:17 | 003,645,968 | ---- | C] () -- C:\Program Files\123freesolitaire.exe
[2006/03/05 17:17:02 | 000,006,686 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/05 17:17:02 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2006/02/26 06:55:23 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JPR.{PB
[2006/02/26 06:55:23 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JCM.{PB
[2006/02/20 22:03:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/20 17:55:02 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\fusioncache.dat
[2006/02/16 00:50:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/16 00:41:32 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/02/16 00:37:56 | 000,000,556 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 00:36:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/16 00:12:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/02/16 00:12:54 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/16 00:12:26 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 04:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 04:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 04:27:59 | 000,372,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 04:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 04:18:33 | 000,445,798 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 04:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 04:18:33 | 000,073,004 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 04:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 04:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 04:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 04:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 04:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 04:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 04:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 04:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/10/15 16:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2011/08/04 21:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/02/13 17:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/12/06 06:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/11/08 18:19:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/06/11 19:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/04/16 21:18:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/06/16 18:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup000
[2010/06/16 18:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup001
[2010/06/16 18:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup002
[2010/06/16 18:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup003
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dictionaries
[2008/07/16 07:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/03/29 14:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2007/11/30 10:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2007/11/30 11:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/12/25 18:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/11/30 12:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/11/10 08:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/06/08 16:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2006/07/14 09:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/02/02 16:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/12/06 16:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/07/03 08:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2006/06/07 12:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2011/06/04 22:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2006/12/21 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZangoSA
[2008/10/04 14:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/02/12 08:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/16 21:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Canon
[2011/04/22 05:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Catalina Marketing Corp
[2006/03/27 11:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\EA
[2011/02/27 09:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\eMusic
[2011/07/26 08:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\FrostWire
[2007/11/30 11:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GameHouse
[2008/11/30 20:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GetModule
[2009/03/30 18:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Graboid Inc
[2010/04/16 18:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Image Zone Express
[2011/09/30 11:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Inbox Toolbar
[2008/07/11 19:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Jane s Hotel
[2006/02/26 06:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Leadertech
[2009/12/25 18:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Nikon
[2011/05/28 10:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenCandy
[2011/10/05 17:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenOffice.org
[2008/09/18 20:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Opera
[2008/12/02 17:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PCToolsFirewallPlus
[2010/09/16 04:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips
[2010/09/16 04:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips-Songbird
[2008/08/08 17:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PlayFirst
[2011/07/11 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PreCast
[2008/10/04 15:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games
[2008/10/03 18:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games Plugin
[2007/04/22 14:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ri4mupdater
[2010/07/29 16:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\RipIt4Me
[2006/12/21 21:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ScamBlocker
[2007/11/23 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Simple Star
[2009/01/10 11:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Terrapin
[2008/10/14 16:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Uniblue
[2008/09/12 17:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Visan
[2009/11/21 16:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio
[2009/11/21 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio Viewer
[2009/09/07 07:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Walgreens
[2006/07/03 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\WebRenderer
[2006/07/01 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Wildfire
[2011/12/06 16:21:17 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/12/07 11:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27EEEB5C
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5A35877
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C202A457
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E36F5B57
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Attached Files


Edited by huggster26, 07 December 2011 - 11:54 AM.

  • 0

Advertisements


#2
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
Hi, welcome to GeeksToGo! I'm havredave, and I'll do my best to help you fix whatever it is that ails your computer.

Just a few things before we begin, to ease the process on both of us:
  • Please don't run any scanning or cleaning software without my direction, as it can make things worse and take longer in the long run.
  • Please be patient. A good cleaning can take quite a while, and usually involves many steps before it is complete. I may not post back quickly, because I often have to research issues or run ideas by my peers for a more thorough fix. Also, I'm currently still in training, so there may be a longer than normal pause between my posts as I get expert feedback and permission to post each fix.
  • You may wish to print out each instruction post in case you lose Internet connectivity (using safe mode, for example), so you can complete the fix.
  • If you have any question on any step, or if something doesn't work as described, please stop and ask before we proceed. Better safe than sorry!
  • Please paste your logs into your replies instead of attaching them. This makes it far easier to review. Feel free to use multiple replies if you need to.
  • Please stick with me until I let you know we're finished. Even if the machine is running better, it doesn't mean it's clean.

As it's been a while since your scans were done, please do the following to generate some fresh ones for me:

First:

Download a new copy of OTL to your Desktop.
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy the text from the codeblock below (ctrl-c) and paste it (ctrl-v) into the Custom Scans/Fixes box.

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %USERPROFILE%\..|smtmp;true;true;true /FP
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    volsnap.sys
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT
    
  • Put a checkmark in the Scan All Users checkbox, near the top of the window.
  • Put checkmarks in the LOP Check and Purity Check checkboxes.
  • Click the "Use SafeList" radio button in the "Extra Registry" section.
  • Click the Run Scan button. Do not change any other settings. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic



Next:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

If it asks you to download virus definitions, please say yes.

Click the "Scan" button to start scan. It could take a while, especially for the virus scan part. Do not let it fix anything, just do the scan.
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image



In summary, please post back with a fresh OTL.txt log, and the aswMBR log file.
  • 0

#3
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
I just ran this scan and did not get any output. Do I run it again?
  • 0

#4
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
You received no open text document, like you did when you first scanned the machine with OTL? Were there any pop-up messages during the scan?

Please restart your computer, then try my previous instructions again.

Also, I'm assuming you are talking about the OTL scan not producing any output, correct? If it happens again, please proceed with the aswMBR scan, and post whatever you can.
  • 0

#5
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
yes, it was the OTL program where I got no output. I rebooted and ran again and got the same response. I'm running the other program now and hopefully we can get a result. thanks again
  • 0

#6
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
results from aswmbr.txt:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-14 13:49:47
-----------------------------
13:49:47.640 OS Version: Windows 5.1.2600 Service Pack 3
13:49:47.640 Number of processors: 2 586 0x403
13:49:47.640 ComputerName: HIGGINS UserName: Carolyn
13:50:06.187 Initialize success
13:50:46.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
13:50:46.078 Disk 0 Vendor: WDC_WD1600JS-75NCB1 10.02E01 Size: 152587MB BusType: 3
13:50:48.109 Disk 0 MBR read successfully
13:50:48.125 Disk 0 MBR scan
13:50:48.125 Disk 0 unknown MBR code
13:50:48.171 Disk 0 scanning sectors +312496380
13:50:48.375 Disk 0 scanning C:\WINDOWS\system32\drivers
13:51:06.593 Service scanning
13:51:08.156 Service MpKslc929e47f c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKslc929e47f.sys **LOCKED** 32
13:51:08.890 Modules scanning
13:51:13.796 Disk 0 trace - called modules:
13:51:13.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
13:51:13.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8977bab8]
13:51:13.812 3 CLASSPNP.SYS[f7652fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x89764b00]
13:51:13.812 Scan finished successfully
13:56:30.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Carolyn\Desktop\MBR.dat"
13:56:30.437 The log file has been saved successfully to "C:\Documents and Settings\Carolyn\Desktop\aswMBR.txt"
  • 0

#7
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
Ok, that log looks good to me. Let's go one step further on your MBR and double-check it:

Please visit VirScan.org.

Click the Browse button near the top of the page, and paste the following into the File name box:

C:\Documents and Settings\Carolyn\Desktop\MBR.dat

Click Open, then press the Upload button.

It won't take very long to upload, as the file is very small. If VirScan reports that the file has already been scanned, click the See Result button. Otherwise, press the Scan button.

When VirScan shows you a result page, please copy the URL (should be similar to http://r.virscan.org...bcd6bf135f7ef32), and paste it in your next response.



I'm still going to need a good scan output too, so I'd like you to try OTL one more time; pay attention to the lower-left-hand corner of the OTL window. That's where it indicates what it's doing. It should change now and again, sometimes rapidly and sometimes not. If it stops and does nothing, can you let me know what it said down there?

If OTL fails again, I'll ask you to use a few different scanners instead.
  • 0

#8
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
Actually, I'd like to post an addendum to my last; if VirScan says it's already scanned that file, please tell it to scan it again, as it most definitely has not seen your exact MBR before.

Sorry for that. I use canned responses where I can, for accuracy, and sometimes that 'accuracy' comes back to bite me. :whistling:
  • 0

#9
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
http://r.virscan.org...2b37181c06.html

when I ran the OTL program it ran through all the files....I'll try 1 more time. I got it to run the other day but just ran a quick scan. Not sure but I kept the settings the same as what you had asked....
  • 0

#10
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
OTL ran again and no output file. I have boxes LOP check, Purity check and under 'extra registry' use safe list selected. It starts out scanning windows programs and it looks like it is going through the files. What am I missing? I just tried to look at it again and in the box it is white - I have the hourglass but nothing on that page.
:/
  • 0

Advertisements


#11
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
Quite interesting, but this isn't a game-ender.

What sort of response did you get back from VirScan, on your MBR.dat file?

Let's use a different utility to get a scan, if we can:

Download OTS to your Desktop and double-click on it to run it
  • Make sure you close all other programs and don't use the PC while the scan runs.
  • Put marks in the following boxes in the "Additional Scans" box:
    • Reg - Ext
    • Reg - IE Explorer Bars
    • Reg - NetSvcs
    • Reg - Protocol Filters
    • Reg - Protocol Handlers
    • Reg - Winsock2 Catalogs
    • Reg - Uninstall List
    • Evnt - EventViewer Logs (Last 10 Errors)
    • File - Lop Check
    • File - Purity Scan
  • Next, please paste the following into the "Custom Scans" box:
    netsvcs
    %SYSTEMDRIVE%\*.exe
    %USERPROFILE%\..|smtmp;true;true;true /FP
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    volsnap.*
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT
    
  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way
  • 0

#12
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
sorry to say I ran this OTS and I am not getting a report on this in notepad either....what is the deal? I have not changed any settings except for what you have told me. and yes, notepad is an app in my computer. LOL
  • 0

#13
havredave

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,689 posts
Actually - can you try to open notepad for me, just to make sure it isn't messed up? There's also a possibility that notepad isn't set as your default .txt file handler. I could tell you what your default is, but I'd need a scan. ;)

Let's try this:

Please look on your desktop, where OTL and OTS are sitting, and look for an OTL.txt, Extras.txt, and OTS.txt file. While they may not have opened, it's possible they were still created.

If you can find them, please attach them to your next post, or if you can get them to open with something, copy/paste their contents in a post as you did the very first post.

I'll see about getting an alternative ready if they're not there. :)
  • 0

#14
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
from OTS.txt:
OTS logfile created on: 12/15/2011 11:29:07 AM - Run 1
OTS by OldTimer - Version 3.1.46.0     Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,022.00 Mb Total Physical Memory | 394.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 109.57 Gb Free Space | 75.93% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 15.39 Gb Total Space | 10.46 Gb Free Space | 67.96% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: HIGGINS
Current User Name: Carolyn
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Carolyn\My Documents\Downloads\OTS.exe -> [2011/12/15 11:28:19 | 000,646,144 | ---- | M] (OldTimer Tools)
chrome.exe -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe -> [2011/11/14 23:39:56 | 001,036,344 | ---- | M] (Google Inc.)
superantispyware.exe -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com)
datamn~1.exe -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe -> [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc)
googlecrashhandler.exe -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe -> [2011/10/15 22:11:17 | 000,140,952 | ---- | M] (Google Inc.)
sascore.exe -> C:\Program Files\SUPERAntiSpyware\SASCore.exe -> [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
msmpeng.exe -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
cfp.exe -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -> [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO)
cmdagent.exe -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO)
soffice.bin -> C:\Program Files\OpenOffice.org 3\program\soffice.bin -> [2009/04/23 05:29:18 | 007,418,368 | ---- | M] (OpenOffice.org)
soffice.exe -> C:\Program Files\OpenOffice.org 3\program\soffice.exe -> [2009/04/23 05:29:14 | 007,424,000 | ---- | M] (OpenOffice.org)
ijplmsvc.exe -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
searchprotection.exe -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
tftray.exe -> C:\Program Files\ThreatFire\TFTray.exe -> [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools)
tfservice.exe -> C:\Program Files\ThreatFire\TFService.exe -> [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
nkmonitor.exe -> C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe -> [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
tmon.exe -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
dsagnt.exe -> C:\Program Files\DellSupport\DSAgnt.exe -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
sbupdate.exe -> C:\Program Files\EarthLink\Toolbar\SBUpdate.exe -> [2006/10/11 16:25:56 | 000,087,832 | ---- | M] (EarthLink, Inc.)
realplay.exe -> C:\Program Files\Real\RealPlayer\realplay.exe -> [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.)
mediadetect.exe -> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe -> [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.)
res.exe -> C:\Program Files\USB Disk Win98 Driver\Res.exe -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali)
stsystra.exe -> C:\WINDOWS\stsystra.exe -> [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.)
hpzipm12.exe -> C:\WINDOWS\system32\HPZipm12.exe -> [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP)
mssysmgr.exe -> C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe -> [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.)
 
[Modules - No Company Name]
sd10006.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll -> [2011/12/15 06:34:52 | 000,063,488 | ---- | M] ()
sd10007.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll -> [2011/12/15 06:34:52 | 000,052,736 | ---- | M] ()
ppgooglenaclpluginchrome.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll -> [2011/11/14 23:39:54 | 000,420,920 | ---- | M] ()
pdf.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll -> [2011/11/14 23:39:53 | 003,702,840 | ---- | M] ()
avutil-51.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll -> [2011/11/14 23:38:16 | 000,122,952 | ---- | M] ()
avformat-53.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll -> [2011/11/14 23:38:15 | 000,222,280 | ---- | M] ()
avcodec-53.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll -> [2011/11/14 23:38:14 | 001,746,504 | ---- | M] ()
gcswf32.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll -> [2011/11/14 20:36:18 | 008,593,056 | ---- | M] ()
zlib1.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll -> [2011/09/27 06:23:00 | 000,087,912 | ---- | M] ()
libxml2.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll -> [2011/09/27 06:22:40 | 001,242,472 | ---- | M] ()
uirepair.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL -> [2011/08/20 00:04:15 | 000,117,760 | ---- | M] ()
sd10005.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll -> [2011/08/20 00:04:15 | 000,052,224 | ---- | M] ()
sbe.dll -> C:\WINDOWS\system32\sbe.dll -> [2011/02/04 17:48:30 | 000,291,840 | ---- | M] ()
quartz.dll -> C:\WINDOWS\system32\quartz.dll -> [2010/02/05 12:27:45 | 001,291,776 | ---- | M] ()
mach32.dll -> C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll -> [2010/01/28 21:26:40 | 001,143,056 | ---- | M] ()
libxml2.dll -> C:\Program Files\OpenOffice.org 3\program\libxml2.dll -> [2009/04/16 12:02:16 | 000,970,752 | ---- | M] ()
ijplmsvc.exe -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
script.cav -> C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav -> [2008/12/02 22:06:43 | 000,028,672 | ---- | M] ()
msdmo.dll -> C:\WINDOWS\system32\msdmo.dll -> [2008/04/13 18:11:59 | 000,014,336 | ---- | M] ()
devenum.dll -> C:\WINDOWS\system32\devenum.dll -> [2008/04/13 18:11:51 | 000,059,904 | ---- | M] ()
tmon.exe -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
 
[Win32 Services - Safe List]
(!SASCORE) SAS Core Service [Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\SASCore.exe -> [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
(MsMpSvc) Microsoft Antimalware Service [Unknown | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
(cmdAgent) COMODO Internet Security Helper Service [Unknown | Running] -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO)
(IJPLMSVC) Canon Inkjet Printer/Scanner/Fax Extended Survey Program [Unknown | Running] -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
(ThreatFire) ThreatFire [Unknown | Running] -> C:\Program Files\ThreatFire\TFService.exe -> [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools)
(YahooAUService) Yahoo! Updater [Unknown | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
(DSBrokerService) DSBrokerService [Unknown | Stopped] -> C:\Program Files\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 000,076,848 | ---- | M] ()
(Viewpoint Manager Service) Viewpoint Manager Service [Unknown | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
(Pml Driver HPZ12) Pml Driver HPZ12 [Unknown | Running] -> C:\WINDOWS\system32\HPZipm12.exe -> [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP)
 
[Driver Services - Safe List]
(MpKsl201c01c3) MpKsl201c01c3 [Kernel | Unknown | Running] -> c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKsl201c01c3.sys -> [2011/12/15 03:16:54 | 000,029,904 | ---- | M] (Microsoft Corporation)
(SASDIFSV) SASDIFSV [Kernel | Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(cmdGuard) COMODO Internet Security Sandbox Driver [File_System | Unknown | Running] -> C:\WINDOWS\system32\drivers\cmdguard.sys -> [2010/02/07 10:01:34 | 000,134,344 | ---- | M] (COMODO)
(Inspect) COMODO Internet Security Firewall Driver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\inspect.sys -> [2010/01/28 21:26:25 | 000,087,104 | ---- | M] (COMODO)
(cmdHlp) COMODO Internet Security Helper Driver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\cmdhlp.sys -> [2010/01/28 21:26:24 | 000,025,160 | ---- | M] (COMODO)
(TfSysMon) TfSysMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfSysMon.sys -> [2008/11/17 13:05:14 | 000,039,200 | ---- | M] (PC Tools)
(TfNetMon) TfNetMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfNetMon.sys -> [2008/11/17 13:05:12 | 000,033,056 | ---- | M] (PC Tools)
(TfFsMon) TfFsMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfFsMon.sys -> [2008/11/17 13:05:08 | 000,051,488 | ---- | M] (PC Tools)
(NwlnkIpx) NWLink IPX/SPX/NetBIOS Compatible Transport Protocol [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnkipx.sys -> [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation)
(mr97320) PC-Camera [Kernel | Unknown | Stopped] -> C:\WINDOWS\system32\drivers\mr97320.sys -> [2007/04/20 16:44:08 | 000,069,248 | ---- | M] (Mars Semiconductor Corp.)
(dsunidrv) DellSupport UniDriver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.)
(DSproct) DSproct [Kernel | Unknown | Running] -> C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.)
(ASCTRM) ASCTRM [Kernel | Unknown | Running] -> C:\WINDOWS\System32\drivers\asctrm.sys -> [2006/02/16 00:37:34 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
(ati2mtag) ati2mtag [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.)
(STHDA) High Definition Audio Driver (WDM) - SigmaTel CODEC [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.)
(NwlnkNb) NWLink NetBIOS [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnknb.sys -> [2004/08/10 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation)
(NwlnkSpx) NWLink SPX/SPXII Protocol [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnkspx.sys -> [2004/08/10 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation)
(IntelC53) IntelC53 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC53.sys -> [2004/06/16 03:52:40 | 000,061,157 | ---- | M] (Intel Corporation)
(IntelC52) IntelC52 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC52.sys -> [2004/03/06 04:15:34 | 000,647,929 | ---- | M] (Intel Corporation)
(IntelC51) IntelC51 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC51.sys -> [2004/03/06 04:14:42 | 001,233,525 | ---- | M] (Intel Corporation)
(mohfilt) mohfilt [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\mohfilt.sys -> [2004/03/06 04:13:38 | 000,037,048 | ---- | M] (Intel Corporation)
(netrcacm) RCA USB Digital Cable Modem Driver [Kernel | Unknown | Stopped] -> C:\WINDOWS\system32\drivers\netrcacm.sys -> [2003/01/20 12:50:36 | 000,020,648 | ---- | M] (Thomson Inc.)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://news.yahoo.com [binary data] -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" -> http://www.google.com/ig/dell?hl=en -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Search\\"Start Page" -> http://www.google.com/ig/dell?hl=en -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.yahoo.com/?fr=fp-yie8 -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com -> 
HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> 1 -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.yahoo.com/ -> 
HKEY_CURRENT_USER\: Main\\"Start Page Restore" -> http://www.yahoo.com/?fr=fp-yie8 -> 
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
HKEY_CURRENT_USER\: "ProxyOverride" -> *.mchsd.com;*.local -> 
HKEY_CURRENT_USER\: "ProxyServer" -> walledgarden.mchsd.com:8000 -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\prefs.js -> 
browser.search.defaultengine -> "Ask.com" ->
browser.search.defaultenginename -> "Search Results" ->
browser.search.defaultthis.engineName -> "Radio TV 1 Customized Web Search" ->
browser.search.defaulturl -> "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=13&q=" ->
browser.search.order.1 -> "Search Results" ->
browser.search.selectedEngine -> "Search Results" ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.searchqu.com/406" ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 ->
extensions.enabledItems -> {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1 ->
extensions.enabledItems -> {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 ->
extensions.enabledItems -> [email protected]:1.12.0.36949 ->
extensions.enabledItems -> [email protected]:0.8.2 ->
extensions.enabledItems -> [email protected]:1.0 ->
extensions.enabledItems -> [email protected]:7 ->
extensions.enabledItems -> {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2 ->
extensions.enabledItems -> [email protected]:1.6.1 ->
extensions.enabledItems -> {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 ->
extensions.enabledItems -> [email protected]:1.03.01 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {23ec984e-464c-4a0c-a8df-f80cb8c090e1}:2.7.2.0 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 ->
extensions.enabledItems -> [email protected]:1.2 ->
extensions.enabledItems -> {f29557fd-78aa-40e6-aba8-9fa219764018}:3.3.0.19 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
keyword.URL -> "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q=" ->
network.proxy.ftp -> "walledgarden.mchsd.com" ->
network.proxy.ftp_port -> 8000 ->
network.proxy.gopher -> "walledgarden.mchsd.com" ->
network.proxy.gopher_port -> 8000 ->
network.proxy.http -> "walledgarden.mchsd.com" ->
network.proxy.http_port -> 8000 ->
network.proxy.no_proxies_on -> "*.mchsd.com" ->
network.proxy.share_proxy_settings -> true ->
network.proxy.socks -> "walledgarden.mchsd.com" ->
network.proxy.socks_port -> 8000 ->
network.proxy.ssl -> "walledgarden.mchsd.com" ->
network.proxy.ssl_port -> 8000 ->
< FireFox Settings [User.js] > -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\user.js -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [C:\PROGRAM FILES\MSN TOOLBAR\PLATFORM\5.0.1449.0\FIREFOX] -> [2011/04/21 11:35:55 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502} -> C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\ [C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\] -> [2011/04/22 02:03:29 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/11/04 15:47:21 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions -> [2011/12/05 07:09:58 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected] -> [2009/05/02 15:23:35 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\[email protected] -> [2010/09/16 04:53:54 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions -> [2011/12/05 07:09:17 | 000,000,000 | ---D | M]
Aero Fox   -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} -> [2009/04/11 10:36:45 | 000,000,000 | ---D | M]
Searchqu Toolbar   -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} -> [2011/12/05 07:09:18 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\[email protected] -> [2009/05/27 17:50:27 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 aim-search.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\aim-search.xml -> [2009/07/03 09:11:37 | 000,004,207 | ---- | M] ()
 askcom.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\askcom.xml -> [2010/02/07 17:00:41 | 000,002,425 | ---- | M] ()
 bing-zugo.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\bing-zugo.xml -> [2010/11/29 07:10:42 | 000,001,919 | ---- | M] ()
 conduit.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\conduit.xml -> [2010/12/30 17:21:42 | 000,000,923 | ---- | M] ()
 mypoints-search.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\mypoints-search.xml -> [2011/11/30 19:01:39 | 000,001,672 | ---- | M] ()
 Search_Results.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\Search_Results.xml -> [2011/12/05 07:08:36 | 000,002,519 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} -> [2011/10/29 06:37:48 | 000,000,000 | ---D | M]
No name found -> C:\DOCUMENTS AND SETTINGS\CAROLYN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZU3MSNT.DEFAULT\EXTENSIONS\[email protected] -> ()
< HOSTS File > ([2009/04/11 18:18:07 | 000,001,070 | ---- | M] - 27 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 
First 25 entries...
Reset Hosts
127.0.0.1	localhost
82.98.231.89	browser-security.microsoft.com
82.98.231.89	best-click-scanner.info
82.98.231.89	antivirus-xp-pro-2009.com
82.98.231.89	microsoft.infosecuritycenter.com
82.98.231.89	microsoft.softwaresecurityhelp.com
82.98.231.89	onlinenotifyq.net
82.98.231.89	antivirusxp-pro-2009.com
82.98.231.89	microsoft.browser-security-center.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{2220F2A2-672E-4EF4-AE44-B802D4E38795} [HKLM] ->  [Reg Error: Value error.] -> File not found
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{99079a25-328f-4bd4-be04-00955acaa0a7} [HKLM] ->  [Searchqu Toolbar] -> File not found
{9D717F81-9148-4f12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{98279C38-DE4B-4bcf-93C9-8EC26069D6F4}" [HKLM] ->  [ShopAtHome Toolbar] -> File not found
"{99079a25-328f-4bd4-be04-00955acaa0a7}" [HKLM] ->  [Searchqu Toolbar] -> File not found
"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
"10" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
WebBrowser\\"{FE063DB9-4EC0-403E-8DD8-394C54984B2C}" [HKLM] ->  [Ask Toolbar] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
"APSDaemon" -> C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2011/09/27 06:22:28 | 000,059,240 | ---- | M] (Apple Inc.)
"COMODO Internet Security" -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ["C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h] -> [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO)
"Corel Photo Downloader" -> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe] -> [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.)
"DATAMNGR" -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE] -> [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc)
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
"Nikon Transfer Monitor" -> C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe] -> [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation)
"RealTray" -> C:\Program Files\Real\RealPlayer\RealPlay.exe [C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER] -> [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.)
"SigmatelSysTrayApp" -> C:\WINDOWS\stsystra.exe [stsystra.exe] -> [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.)
"ThreatFire" -> C:\Program Files\ThreatFire\TFTray.exe [C:\Program Files\ThreatFire\TFTray.exe] -> [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools)
"USB Storage Toolbox" -> C:\Program Files\USB Disk Win98 Driver\Res.exe [C:\Program Files\USB Disk Win98 Driver\Res.EXE] -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali)
"YSearchProtection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe ["C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"DellSupport" -> C:\Program Files\DellSupport\DSAgnt.exe ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
"MsnMsgr" ->  ["C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background] -> File not found
"PhotoShow Deluxe Media Manager" -> C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe [C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe] -> [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.)
"RebateInformer" ->  [C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP] -> File not found
"Search Protection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com)
"updateMgr" -> C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1] -> [2006/03/30 15:45:08 | 000,313,472 | R--- | M] (Adobe Systems Incorporated)
"YSearchProtection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2005/09/23 21:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
< Carolyn Startup Folder > -> C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup -> 
C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk ->  -> File not found
C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe -> [2009/04/16 13:14:14 | 000,384,000 | ---- | M] ()
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoCDBurning" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"InstallVisualStyle" -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> [2004/08/10 03:39:00 | 001,347,728 | ---- | M] (Microsoft)
\\"InstallTheme" -> C:\WINDOWS\Resources\Themes\Royale.Theme [C:\WINDOWS\Resources\Themes\Royale.theme] -> [2004/07/28 02:03:28 | 000,001,293 | ---- | M] ()
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
\\"NoDriveAutoRun" ->  [-1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&Search ->  [http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKfox000] -> File not found
E&xport to Microsoft Excel ->  [res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000] -> File not found
EarthLink Yahoo Search -> C:\Program Files\EarthLink\Toolbar\SearchUI.dll [res://C:\Program Files\EarthLink\Toolbar\SearchUI.dll/search.html] -> [2006/10/11 16:25:52 | 000,243,480 | ---- | M] (EarthLink, Inc.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec [HKLM] -> C:\Documents and Settings\Carolyn\Start Menu\Programs\IMVU\Run IMVU.lnk [Button: Run IMVU] -> [2008/07/16 07:37:06 | 000,001,540 | ---- | M] ()
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4945 domain(s) found. -> 
objects_aol.com [*] -> Out of zone range - ( 5 ) -> 
play_toontown.com [http] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] -> 
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15-3.cab [Reg Error: Key error.] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll [Installation Support] -> 
{77E32299-629F-43C6-AB77-6A1E6D7663F6} [HKLM] -> http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab [Groove Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab [Zylom Games Player] -> 
{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [HKLM] -> http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe [Virtools WebPlayer Class] -> 
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe [Virtools WebPlayer Class] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.0.1 205.171.3.25 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{CD8535B6-108A-4252-832F-6F25B82A4B65}\\DhcpNameServer -> 192.168.0.1 205.171.3.25   (Intel(R) PRO/100 VE Network Connection) -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll -> [2011/11/09 04:42:41 | 001,236,368 | ---- | M] (Bandoo Media, inc)
C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll -> C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll -> [2011/11/09 04:42:43 | 001,233,816 | ---- | M] (Bandoo Media, inc)
yhbxys.dll ->  -> File not found
c:\windows\system32\latadeti.dll ->  -> File not found
C:\WINDOWS\system32\guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2010/02/07 10:01:37 | 000,171,552 | ---- | M] (COMODO)
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
!SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -> [2011/05/04 11:54:14 | 000,551,296 | ---- | M] (SUPERAntiSpyware.com)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2011/07/18 18:02:18 | 000,113,024 | ---- | M] (SuperAdBlocker.com)
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
digeste.dll ->  -> File not found
*MultiFile Done* -> -> 
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
nwprovau -> C:\WINDOWS\System32\nwprovau.dll -> [2008/04/13 18:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation)
C:\WINDOWS\system32\ljJATMEX ->  -> File not found
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"C:\Program Files\America Online 9.0\waol.exe" ->  [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\MSN Messenger\livecall.exe" ->  [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" ->  [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe" -> C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe [C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe:*:Disabled:MySpace Instant Messenger] -> [2008/12/12 12:46:08 | 009,555,968 | ---- | M] ()
"C:\Program Files\AIM6\aim6.exe" ->  [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> File not found
"C:\Program Files\America Online 9.0\waol.exe" ->  [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 01:17:27 | 000,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" -> C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit] -> [2011/09/27 06:22:50 | 000,014,184 | ---- | M] (Apple Inc.)
"C:\Program Files\FrostWire 5\FrostWire.exe" -> C:\Program Files\FrostWire 5\FrostWire.exe [C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire] -> [2011/07/15 15:24:42 | 000,466,944 | ---- | M] (FrostWire Group)
"C:\Program Files\FrostWire\FrostWire.exe" ->  [C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire] -> File not found
"C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe" ->  [C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe:*:Enabled:SABnzbd-0.2.5] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" ->  [C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" ->  [C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe] -> File not found
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe" -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup] -> [2010/06/14 15:07:50 | 006,758,248 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe" -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator] -> [2010/06/14 15:03:46 | 000,391,528 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/03/10 14:10:51 | 000,139,776 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\MSN Messenger\livecall.exe" ->  [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" ->  [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" ->  [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> File not found
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" -> C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe [C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker] -> [2011/10/31 07:37:30 | 000,094,168 | ---- | M] (Visicom Media Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" ->  [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" ->  [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> File not found
"C:\StubInstaller.exe" -> C:\StubInstaller.exe [C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer] -> [2005/10/31 09:56:00 | 000,700,416 | ---- | M] (LimeWire)
"C:\WINDOWS\explorer.exe" -> C:\WINDOWS\explorer.exe [C:\WINDOWS\explorer.exe:*:Enabled:Explorer] -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console] -> [2008/04/13 18:12:25 | 001,414,656 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/08/16 04:43:04 | 000,000,000 | ---- | M] ()
F:\autorun.inf [[AutoRun] | icon=launcher.exe,0 | action=Coby Media Manager | shellexecute=launcher.exe | shell\Auto\command=launcher.exe | shell\Auto=Coby &Media Manager | shell=Auto | ] -> F:\autorun.inf [ FAT32 ] -> [2010/01/04 10:30:42 | 000,000,163 | R--- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command\\"" ->  [F:\setup.exe -a] -> File not found
\{361ac05d-0e0d-11da-9aa9-806d6172696f}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\\"" ->  [E:\setup.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{00ba0ab2-09c6-450d-b5c6-334f22153f18} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\RLPNUpload.dll [CRLPNUpld Object] -> [2011/04/22 17:22:41 | 000,141,480 | ---- | M] (RocketLife)
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{0291E591-EA41-4c82-8106-3DC6CE7F7664} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{0566A191-D675-4911-9C7E-50EDBEF90F32} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\RocketEngine.dll [CFXEngine Object] -> [2011/04/22 17:22:41 | 001,231,016 | ---- | M] (Visan inc.)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{1C58E5DD-0EE7-4F86-9F73-54653137E5F2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{347B0667-C7ED-429B-BDE3-CC8D3BACAA31} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3788E535-897B-463d-B6D6-FEE5B86EC144} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3EEEBC9A-580F-46EF-81D9-55510266413D} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\ContentMan.dll [CRecord Object] -> [2011/04/22 17:22:39 | 000,194,728 | ---- | M] (RocketLife)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2008/07/17 19:51:56 | 000,508,656 | ---- | M] (Unity Technologies ApS)
{444785F1-DE89-4295-863A-D46C3A781394} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2010/11/29 10:26:14 | 000,173,528 | ---- | M] (Unity Technologies ApS)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011/10/03 04:06:06 | 000,112,416 | ---- | M] (Sun Microsystems, Inc.)
{5dcf3f4a-fda4-46a9-9129-47dd0cc8243f} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\ContentMan.dll [CCMan Object] -> [2011/04/22 17:22:39 | 000,194,728 | ---- | M] (RocketLife)
{69725738-CD68-4f36-8D02-8C43722EE5DA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6E1D8C13-B506-495A-995C-BE98117A7D3F} [HKLM] ->  [WebActivater Control] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83453071-3F9C-4ab0-BE30-EDA368D7976D} [HKLM] -> C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL [PopSwatter Settings Class] -> [2007/03/18 07:38:38 | 000,118,784 | ---- | M] (Ask.com)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{A17E30C4-A9BA-11D4-8673-60DB54C10000} [HKLM] -> C:\Program Files\Yahoo!\Common\YMMAPI.dll [Yahoo! MailTo] -> [2007/06/28 15:41:00 | 000,285,464 | ---- | M] (Yahoo! Inc.)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2006/11/27 10:25:38 | 000,292,488 | ---- | M] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011/10/03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011/10/03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/02/16 00:37:35 | 000,157,696 | ---- | M] (RealNetworks)
{D02818A3-BD90-4369-951D-464336725225} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D3D233D5-9F6D-436C-B6C7-E63F77503B30} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D3F940EA-4E87-423b-9091-934E1E4FCEAE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2011/06/10 00:13:12 | 000,111,904 | ---- | M] (Apple Inc.)
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} [HKLM] -> Reg Error: Key error. [&Inbox Toolbar] -> File not found
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [Microsoft Silverlight] -> [2011/08/30 15:48:52 | 001,025,864 | ---- | M] ( Microsoft Corporation)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FE063DBB-4EC0-403e-8DD8-394C54984B2C} [HKLM] ->  [Ask Toolbar Settings] -> File not found
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{21347690-EC41-4F9A-8887-1F4AEE672439} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{61539ECD-CC67-4437-A03C-9AACCBD14326} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{99079A25-328F-4BD4-BE04-00955ACAA0A7}, [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9D425283-D487-4337-BAB6-AB8354A81457} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9D717F81-9148-4F12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{9D717F81-9148-4f12-8568-69135F087DB0}, [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B0CDA128-B425-4EEF-A174-61A11AC5DBF8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C7768536-96F8-4001-B1A2-90EE21279187} [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{03402F96-3DC7-4285-BC50-9E81FEFAFE43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{042DA63B-0933-403D-9395-B49307691690} [HKLM] -> Reg Error: Key error. [] -> File not found
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 03:16:42 | 000,059,032 | ---- | M] (Adobe Systems Incorporated)
{07B18EAB-A523-4961-B6BB-170DE4475CCA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{0B83C99C-1EFA-4259-858F-BCB33E007A5B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{14EC1DDF-9B08-4D73-8D98-A984BF0DEE7C} [HKLM] -> C:\Program Files\MTV Networks\URGE\UrgeLaunch.dll [CUrgeLaunchCls Object] -> [2007/03/21 14:30:58 | 000,124,432 | ---- | M] (MTV Networks)
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{1C58E5DD-0EE7-4F86-9F73-54653137E5F2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{21347690-EC41-4F9A-8887-1F4AEE672439} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2220F2A2-672E-4EF4-AE44-B802D4E38795} [HKLM] ->  [Reg Error: Value error.] -> File not found
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3107C2A8-9F0B-4404-A58B-21BD85268FBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3369AF0D-62E9-4BDA-8103-B4C75499B578} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{38EEBABB-01E5-46B8-A737-FA2318DCCF1C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{39FD89BF-D3F1-45B6-BB56-3582CCF489E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{41293422-93FD-443C-B848-E07EDBF866C3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2008/07/17 19:51:56 | 000,508,656 | ---- | M] (Unity Technologies ApS)
{444785F1-DE89-4295-863A-D46C3A781394} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2010/11/29 10:26:14 | 000,173,528 | ---- | M] (Unity Technologies ApS)
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4F878398-E58A-11D3-BEE9-00C04FA0D6BA} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\GbDetect.dll [Glassbook Detecter Class] -> [2004/12/14 01:15:42 | 000,067,192 | ---- | M] (Adobe Systems Incorporated)
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011/10/03 04:06:06 | 000,112,416 | ---- | M] (Sun Microsystems, Inc.)
{5B7524C8-2446-40E9-9474-94A779DBA224} [HKLM] -> C:\WINDOWS\Downloaded Program Files\isusweb.dll [InstallShield Update Service Agent] -> [2005/06/10 10:44:02 | 000,417,792 | ---- | M] ()
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{61539ECD-CC67-4437-A03C-9AACCBD14326} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6FD5151B-A94A-4F6E-96FA-CD471AD4AA30} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{77E32299-629F-43C6-AB77-6A1E6D7663F6} [HKLM] -> C:\WINDOWS\Downloaded Program Files\OTOYAX.dll [Groove Control] -> [2005/10/21 15:38:02 | 000,510,136 | ---- | M] ()
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8736C681-37A0-40C6-A0F0-4C083409151C} [HKLM] -> Reg Error: Key error. [] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{92277284-D839-45C7-B806-82BE1E86FEBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{93EFDAB8-8800-4896-B428-76F943140E1B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9522B3FB-7A2B-4646-8AF6-36E7F593073C} [HKLM] -> C:\WINDOWS\CouponPrinter.ocx [cpbrkpie Control] -> [2009/11/19 15:16:27 | 000,068,824 | ---- | M] ()
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{98279C38-DE4B-4BCF-93C9-8EC26069D6F4} [HKLM] ->  [ShopAtHome Toolbar] -> File not found
{99079A25-328F-4BD4-BE04-00955ACAA0A7} [HKLM] ->  [Searchqu Toolbar] -> File not found
{9D717F81-9148-4F12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{9FF05104-B030-46FC-94B8-81276E4E27DF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A8FA393E-7CD7-4046-9686-881CC8155709} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\WINDOWS\system32\msnetobj.dll [RMGetLicense Class] -> [2009/01/30 19:33:54 | 000,179,712 | ---- | M] (Microsoft Corporation)
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} [HKLM] -> C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll [WTHoster Class] -> [2004/04/26 15:19:34 | 000,057,344 | ---- | M] (WildTangent)
{B0CDA128-B425-4EEF-A174-61A11AC5DBF8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BA52B914-B692-46C4-B683-905236F6F655} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} [HKLM] -> C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll [Zylom Games Player] -> [2006/08/29 13:17:22 | 000,161,976 | ---- | M] ()
{C02226EB-A5D7-4B1F-BD7E-635E46C2288D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll [Google Update Plugin] -> [2011/10/15 22:11:18 | 000,239,256 | ---- | M] (Google Inc.)
{C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll [Google Update Plugin] -> [2011/10/15 22:11:18 | 000,239,256 | ---- | M] (Google Inc.)
{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [HKLM] -> C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx [Virtools WebPlayer Class] -> [2007/09/04 15:48:34 | 000,300,344 | ---- | M] (Virtools SA)
{C7768536-96F8-4001-B1A2-90EE21279187} [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2006/11/27 10:25:38 | 000,292,488 | ---- | M] (Adobe Systems, Inc.)
{CD67F990-D8E9-11D2-98FE-00C0F0318AFE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/02/16 00:37:35 | 000,157,696 | ---- | M] (RealNetworks)
{D02818A3-BD90-4369-951D-464336725225} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx [Virtools WebPlayer Class] -> [2007/09/04 15:48:34 | 000,300,344 | ---- | M] (Virtools SA)
{D62D1B36-253D-4218-B033-5ACE0B42B8BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D62D1B36-253D-4218-B033-5ACE0B42B8BF} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\InContext Solutions\Shopping InContext\InContextU31.dll [IEWebGameCtrl Class] -> [2011/01/11 14:18:42 | 000,144,360 | ---- | M] (InContext Solutions, LLC)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{D9288080-1BAA-4BC4-9CF8-A92D743DB949} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] ->  [MessengerChecker Class] -> File not found
{DA80E089-4648-43D5-93B4-7F37917084E6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2011/10/24 14:30:12 | 000,137,064 | ---- | M] (Apple Inc.)
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [Microsoft Silverlight] -> [2011/08/30 15:48:52 | 001,025,864 | ---- | M] ( Microsoft Corporation)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{e473a65c-8087-49a3-affd-c5bc4a10669b} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e473a65c-8087-49a3-affd-c5bc4a10669b} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fc345d4c-b8f4-4674-bff7-3c37d2e535ee} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fc345d4c-b8f4-4674-bff7-3c37d2e535ee} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
{FE063DB1-4EC0-403E-8DD8-394C54984B2C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FE063DB9-4EC0-403E-8DD8-394C54984B2C} [HKLM] ->  [Ask Toolbar] -> File not found
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias ->  -> File not found
Iprip ->  -> File not found
Irmon ->  -> File not found
Nwsapagent ->  -> File not found
WmdmPmSp ->  -> File not found
*MultiFile Done* -> -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
inbox:{37540F19-DD4C-478B-B2DF-C19281BCAF27} [HKLM] -> Reg Error: Key error.[] -> File not found
rebinfo:{AF808758-C780-404C-A4EE-4526323FD9B6} [HKLM] -> Reg Error: Key error.[] -> File not found
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -> C:\WINDOWS\system32\nwprovau.dll -> [2008/04/13 18:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2011/08/30 22:05:02 | 000,121,704 | ---- | M] (Apple Inc.)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{05BFB060-4F22-4710-B0A2-2801A1B606C5} -> Microsoft Antimalware
{06E6E30D-B498-442F-A943-07DE41D7F785} -> Microsoft Search Enhancement Pack
{075473F5-846A-448B-BCB3-104AA1760205} -> Sonic RecordNow Data
{08234a0d-cf39-4dca-99f0-0c5cb496da81} -> Bing Bar
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Windows Live ID Sign-in Assistant
{0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> ATI Control Panel
{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} -> Microsoft Plus! Photo Story 2 LE
{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Sonic DLA
{15D43B60-DAED-435D-894E-E58947A5CCC8} -> Tango
{1A15507A-8551-4626-915D-3D5FA095CC1B} -> Corel Paint Shop Pro X
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{21657574-BD54-48A2-9450-EB03B2C7FC29} -> Sonic MyDVD LE
{237CD223-1B9D-47E8-A76C-E478B83CCEA2} -> File Uploader
{23B35809-5E4A-4F14-8332-1CDEDDFAC089} -> CP_Package_Variety2
{26A24AE4-039D-4CA4-87B4-2F83216013FF} -> Java(TM) 6 Update 29
{26A24AE4-039D-4CA4-87B4-2F83216015F0} -> Java(TM) 6 Update 15
{29ED20C9-5E15-4969-9279-25BF3727A3DA} -> iTunes
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Sonic Update Manager
{3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6
{3248F0A8-6813-11D6-A77B-00B0D0150090} -> J2SE Runtime Environment 5.0 Update 9
{3248F0A8-6813-11D6-A77B-00B0D0150100} -> J2SE Runtime Environment 5.0 Update 10
{3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1
{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2
{3248F0A8-6813-11D6-A77B-00B0D0160030} -> Java(TM) 6 Update 3
{33BB4982-DC52-4886-A03B-F4C5C80BEE89} -> Windows Media Player 10
{34910BCD-F6D8-4FDD-BB2F-4622ED2DD132} -> Vantage Point Report Viewer
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{352310C3-E46B-42D3-8F32-54721FDD72D9} -> NetZeroInstallers
{3EE33958-7381-4E7B-A4F3-6E43098E9E9C} -> Google AFE
{3F92ABBB-6BBF-11D5-B229-002078017FBF} -> Modem On Hold
{4667B940-BB01-428B-986E-A0CC46497BF7} -> ELIcon
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162} -> USB Disk Win98 Driver
{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1 -> RebateInformer
{4F7177E9-2B54-48B4-AAFD-03FA1F87A542} -> Bing Bar Platform
{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1} -> CP_Package_Variety1
{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} -> Microsoft Security Client
{5905F42D-3F5F-4916-ADA6-94A3646AEE76} -> Dell Driver Reset Tool
{612AD33D-9824-4E87-8396-92374E91C4BB}_is1 -> Inbox Toolbar
{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C} -> AOLIcon
{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD 5.5
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33} -> Digital Content Portal
{6DA93E66-5FA8-44ED-9CCA-40773444C10D} -> HP Deskjet 3050 J610 series Basic Device Software
{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} -> Microsoft Plus! Digital Media Edition Installer
{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} -> Microsoft Visual C++ 2005 Redistributable
{7148F0A8-6813-11D6-A77B-00B0D0142030} -> Java 2 Runtime Environment, SE v1.4.2_03
{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE} -> EarthLink setup files
{74F7662C-B1DB-489E-A8AC-07A06B24978B} -> Dell System Restore
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{787D1A33-A97B-4245-87C0-7174609A540C} -> HP Update
{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} -> Apple Software Update
{79155F2B-9895-49D7-8612-D92580E0DE5B} -> Bonjour
{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68} -> Modem Event Monitor
{7BE15435-2D3E-4B58-867F-9C75BED0208C} -> QuickTime
{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} -> DellSupport
{7F142D56-3326-11D5-B229-002078017FBF} -> Modem Helper
{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA} -> Intel(R) PROSet for Wired Connections
{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} -> Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
{86D4B82A-ABED-442A-BE86-96357B70F4FE} -> Ask Toolbar
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A62A068-3FD6-495A-9F66-26FE94F32EC9} -> Rhapsody Player Engine
{8A9B8148-DDD7-448F-BD6C-358386D32354} -> Corel Photo Album 6
{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF} -> URGE
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{9941F0AA-B903-4AF4-A055-83A9815CC011} -> Sonic Encoders
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9BE518E6-ECC6-35A9-88E4-87755C07200F} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF} -> ASPCA Tri Reminder by We-Care.com v4.0.7.5
{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21} -> Apple Mobile Device Support
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{A83279FD-CA4B-4206-9535-90974DE76654} -> Apple Application Support
{AB708C9B-97C8-4AC9-899B-DBF226AC9382} -> Sonic Audio module
{AC76BA86-7AD7-1033-7B44-A70900000002} -> Adobe Reader 7.0.9
{AF19F291-F22F-4798-9662-525305AE9E48} -> WordPerfect Office 12
{B12665F4-4E93-4AB4-B7FC-37053B524629} -> Sonic RecordNow Copy
{B57F2FF0-5A25-4332-B503-4592B370C02F} -> CP_Package_Variety3
{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE} -> Microsoft XML Parser
{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED} -> EarthLink Toolbar
{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120} -> Microsoft Default Manager
{C057F6D0-0E4C-4B18-B645-9D0804FCFAFD} -> EarthLink Common Authentication
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C4124E95-5061-4776-8D5D-E3D931C778E1} -> Microsoft VC9 runtime libraries
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D2988E9B-C73F-422C-AD4B-A66EBE257120} -> MCU
{D2FCC1AE-6311-47C5-8130-C6C66D77DD71} -> Nikon Message Center
{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7} -> Opera 9.52
{E6B87DC4-2B3D-4483-ADFF-E483BF718991} -> OpenOffice.org 3.1
{E93E5EF6-D361-481E-849D-F16EF5C78EBC} -> Musicmatch for Windows Media Player
{E9757890-7EC5-46C8-99AB-B00F07B6525C} -> Nikon Transfer
{F7632A9B-661E-4FD9-B1A4-3B86BC99847F} -> HP Deskjet 3050 J610 series Help
3554AA4B-9B0B-451a-A269-2B5F53982209_is1 -> ThreatFire 4.0
3A63F898C880C6A38C1D6D6E3E2300FF28E59320 -> Windows Driver Package - OEM (mr97320) Image  (04/20/2007 1.0.0.0)
3DGroove -> OTOY
Adobe Flash Player ActiveX -> Adobe Flash Player 11 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 11 Plugin
Adobe Shockwave Player -> Adobe Shockwave Player
AskTBar Uninstall -> Ask Toolbar
ATI Display Driver -> ATI Display Driver
B3EE3001-DC24-4cd1-8743-5692C716659F -> Otto
CANONIJPLM100 -> Canon Inkjet Printer/Scanner/Fax Extended Survey Program
COMODO Internet Security -> COMODO Internet Security
Coupon Printer for Windows5.0.0.0 -> Coupon Printer for Windows
Dell Digital Jukebox Driver -> Dell Digital Jukebox Driver
DVD Decrypter -> DVD Decrypter (Remove Only)
DVD Shrink_is1 -> DVD Shrink 3.2
EmeraldQFE2 -> Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
FrostWire 5 -> FrostWire 5.1.5
HP Photo Creations -> HP Photo Creations
HyperStudio 4 iPreview -> HyperStudio 4 iPreview
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
ie8 -> Windows Internet Explorer 8
Intel(R) 537EP V9x DF PCI Modem -> Intel(R) 537EP V9x DF PCI Modem
InterActual Player -> InterActual Player
LimeWire -> LimeWire 5.1.2
LivingPlay -> LivingPlay
Microsoft .NET Framework 1.1  (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microsoft Security Client -> Microsoft Security Essentials
Mozilla Firefox 7.0.1 (x86 en-US) -> Mozilla Firefox 7.0.1 (x86 en-US)
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
MSNINST -> MSN
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
Owl and Mouse Africa Map Puzzle -> Owl and Mouse Africa Map Puzzle
PhotoShow Express -> PhotoShow Express
PreCast -> Ocucom PreCast 1.6
PROSet -> Intel(R) PRO Network Connections Drivers
Pyware 3D Performer's Practice Tools -> Pyware 3D Performer's Practice Tools
QQ Games -> QQ Games
QQ Pool -> QQ Pool
RealPlayer 6.0 -> RealPlayer Basic
Sandlot Games Client Services_is1 -> Sandlot Games Client Services
SelectRebatesUninstall -> ShopAtHome SelectRebates
StreetPlugin -> Learn2 Player (Uninstall Only)
UnityWebPlayer -> Unity Web Player
ViewpointMediaPlayer -> Viewpoint Media Player
Virtools3DLifePlayer -> Virtools 3D Life Player
VobSub -> VobSub v2.23 (Remove Only)
WebCyberCoach_wtrb -> WebCyberCoach 3.2 Dell
WildTangent CDA -> WildTangent Web Driver
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
Windows Searchqu Toolbar -> Windows iLivid Toolbar
Windows XP Service Pack -> Windows XP Service Pack 3
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
XviD MPEG4 Video Codec -> XviD MPEG4 Video Codec (remove only)
Yahoo! Companion -> Yahoo! Toolbar
Yahoo! Extras -> Yahoo! Browser Services
Yahoo! Search Defender -> Yahoo! Search Protection
Yahoo! Software Update -> Yahoo! Software Update
YTdetect -> Yahoo! Detect
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{4E002314-9999-4402-9823-1CB9E6098849}_is1 -> Shopping InContext
GabPath -> GabPath
Google Chrome -> Google Chrome
Move Media Player -> Move Media Player
UnityWebPlayer -> Unity Web Player
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Error: Unable to start EventLog service!
 
[Files/Folders - Created Within 30 Days]
 cpnprt2.cid -> C:\WINDOWS\System32\cpnprt2.cid -> [2011/12/14 07:04:43 | 000,398,760 | R--- | C] (Coupons, Inc.)
 AppData -> C:\Documents and Settings\Carolyn\AppData -> [2011/12/06 15:25:24 | 000,000,000 | ---D | C]
 Ilivid Player -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Ilivid Player -> [2011/12/05 07:13:25 | 000,000,000 | ---D | C]
 boost_interprocess -> C:\Documents and Settings\All Users\Application Data\boost_interprocess -> [2011/12/05 07:08:37 | 000,000,000 | ---D | C]
 Windows iLivid Toolbar -> C:\Program Files\Windows iLivid Toolbar -> [2011/12/05 07:08:34 | 000,000,000 | ---D | C]
 PackageAware -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\PackageAware -> [2011/12/05 07:07:12 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.exe -> C:\Program Files\SUPERAntiSpyware.exe -> [2011/08/20 00:00:26 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com)
 PPTWinInstall.3.0.7.exe -> C:\Program Files\PPTWinInstall.3.0.7.exe -> [2011/08/19 08:00:26 | 048,267,960 | ---- | C] (Flexera Software)
 ChromeSetup.exe -> C:\Program Files\ChromeSetup.exe -> [2011/07/19 21:55:04 | 000,589,664 | ---- | C] (Google Inc.)
 PSRViewerSetup.exe -> C:\Program Files\PSRViewerSetup.exe -> [2010/11/24 14:48:06 | 005,389,804 | ---- | C] (Pipkins, Inc.                                               )
 LimeWireWin(2).exe -> C:\Program Files\LimeWireWin(2).exe -> [2010/10/17 17:03:02 | 030,164,216 | ---- | C] (Lime Wire LLC)
 jxpiinstall(3).exe -> C:\Program Files\jxpiinstall(3).exe -> [2010/10/05 06:27:47 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.)
 jxpiinstall(2).exe -> C:\Program Files\jxpiinstall(2).exe -> [2010/10/05 06:20:41 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.)
 autoupdater(2).exe -> C:\Program Files\autoupdater(2).exe -> [2010/09/17 05:30:48 | 002,320,763 | ---- | C] (InstallShield Software Corporation)
 CouponPrinter.exe -> C:\Program Files\CouponPrinter.exe -> [2010/06/26 10:52:32 | 001,068,544 | ---- | C] (Coupons.com Incorporated)
 spywareblastersetup43.exe -> C:\Program Files\spywareblastersetup43.exe -> [2010/05/25 11:45:24 | 003,103,640 | ---- | C] (Javacool Software LLC                                       )
 DivXWebPlayerInstaller.exe -> C:\Program Files\DivXWebPlayerInstaller.exe -> [2010/02/24 19:08:09 | 006,667,584 | ---- | C] (DivX, Inc.)
 TFC.exe -> C:\Program Files\TFC.exe -> [2009/12/25 20:07:32 | 000,410,624 | ---- | C] (OldTimer Tools)
 wmp11-windowsxp-x86-enu.exe -> C:\Program Files\wmp11-windowsxp-x86-enu.exe -> [2009/12/05 04:53:59 | 025,740,144 | ---- | C] (Microsoft Corporation)
 Shockwave_Installer_Slim(2).exe -> C:\Program Files\Shockwave_Installer_Slim(2).exe -> [2009/10/30 20:21:40 | 004,301,928 | ---- | C] (Adobe Systems Inc.)
 jxpiinstall.exe -> C:\Program Files\jxpiinstall.exe -> [2009/10/30 20:18:23 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.)
 install_flash_player.exe -> C:\Program Files\install_flash_player.exe -> [2009/10/29 16:39:46 | 001,925,024 | ---- | C] (Adobe Systems Incorporated)
 Shockwave_Installer_Slim.exe -> C:\Program Files\Shockwave_Installer_Slim.exe -> [2009/05/28 20:02:17 | 003,500,808 | ---- | C] (Adobe Systems Inc.)
 LimeWireWin.exe -> C:\Program Files\LimeWireWin.exe -> [2009/05/02 15:18:50 | 016,509,288 | ---- | C] (Lime Wire LLC)
 PrecastSetup.exe -> C:\Program Files\PrecastSetup.exe -> [2009/01/10 11:46:22 | 006,479,282 | ---- | C] (Ocucom)
 ezvideos.exe -> C:\Program Files\ezvideos.exe -> [2008/12/03 19:36:45 | 004,283,512 | ---- | C] (W3i, LLC)
 CIS_Setup_3.5.55810.432_XP_Vista_x32.exe -> C:\Program Files\CIS_Setup_3.5.55810.432_XP_Vista_x32.exe -> [2008/12/02 22:05:19 | 027,206,408 | ---- | C] (COMODO)
 Firefox Setup 2.0.0.1.exe -> C:\Program Files\Firefox Setup 2.0.0.1.exe -> [2007/01/20 12:50:31 | 005,971,432 | ---- | C] (Mozilla)
 DVDFabDecrypter29.exe -> C:\Program Files\DVDFabDecrypter29.exe -> [2006/05/25 17:24:18 | 001,320,111 | ---- | C] (Fengtao Software Inc.                                       )
 
[Files/Folders - Modified Within 30 Days]
 GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job -> [2011/12/15 11:16:00 | 000,000,986 | ---- | M] ()
 Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job -> [2011/12/15 11:01:00 | 000,000,238 | ---- | M] ()
 wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/12/15 06:32:18 | 000,002,206 | ---- | M] ()
 MP Scheduled Scan.job -> C:\WINDOWS\tasks\MP Scheduled Scan.job -> [2011/12/15 03:21:54 | 000,000,424 | -H-- | M] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/12/15 03:15:55 | 000,002,048 | --S- | M] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/12/15 03:15:51 | 000,372,080 | ---- | M] ()
 imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2011/12/15 00:19:30 | 000,001,393 | ---- | M] ()
 GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job -> [2011/12/14 23:16:00 | 000,000,934 | ---- | M] ()
 KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2011/12/14 17:44:37 | 000,006,686 | ---- | M] ()
 3DC448A41C.sys -> C:\WINDOWS\System32\3DC448A41C.sys -> [2011/12/14 17:44:37 | 000,000,152 | RHS- | M] ()
 WordPerfect.lnk -> C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk -> [2011/12/14 17:44:28 | 000,002,429 | ---- | M] ()
 PKP_DLdu.DAT -> C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT -> [2011/12/14 17:03:31 | 000,000,020 | -H-- | M] ()
 MBR.dat -> C:\Documents and Settings\Carolyn\Desktop\MBR.dat -> [2011/12/14 13:56:30 | 000,000,512 | ---- | M] ()
 cpnprt2.cid -> C:\WINDOWS\System32\cpnprt2.cid -> [2011/12/14 07:04:43 | 000,398,760 | R--- | M] (Coupons, Inc.)
 FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2011/12/13 11:30:15 | 000,414,368 | ---- | M] (Adobe Systems Incorporated)
 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2011/12/09 15:40:12 | 000,000,284 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,742 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,724 | ---- | M] ()
 win32k.sys -> C:\WINDOWS\System32\win32k.sys -> [2011/11/23 07:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation)
 win32k.sys -> C:\WINDOWS\System32\dllcache\win32k.sys -> [2011/11/23 07:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation)
 Google Chrome.lnk -> C:\Documents and Settings\Carolyn\Desktop\Google Chrome.lnk -> [2011/11/18 11:18:11 | 000,002,300 | ---- | M] ()
 Google Chrome.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> [2011/11/18 11:18:11 | 000,002,278 | ---- | M] ()
 2 C:\Documents and Settings\Carolyn\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Carolyn\Local Settings\Temp\*.tmp -> 
 
[Files - No Company Name]
 WordPerfect.lnk -> C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk -> [2011/12/14 15:42:29 | 000,002,429 | ---- | C] ()
 MBR.dat -> C:\Documents and Settings\Carolyn\Desktop\MBR.dat -> [2011/12/14 13:56:30 | 000,000,512 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,742 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,730 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,724 | ---- | C] ()
 Win98Driver.exe -> C:\WINDOWS\Win98Driver.exe -> [2011/01/05 18:22:42 | 001,892,352 | ---- | C] ()
 avira_antivir_personal_en.exe -> C:\Program Files\avira_antivir_personal_en.exe -> [2010/07/24 07:03:36 | 044,089,904 | ---- | C] ()
 setup_av_free(2).exe -> C:\Program Files\setup_av_free(2).exe -> [2010/06/23 16:45:56 | 052,566,928 | ---- | C] ()
 spywareguardsetup.exe -> C:\Program Files\spywareguardsetup.exe -> [2010/05/25 11:42:42 | 002,062,665 | ---- | C] ()
 setup_av_free.exe -> C:\Program Files\setup_av_free.exe -> [2010/04/24 21:58:13 | 048,417,032 | ---- | C] ()
 d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2010/04/09 06:19:23 | 000,000,664 | ---- | C] ()
 AutoGK.ini -> C:\Documents and Settings\Carolyn\Application Data\AutoGK.ini -> [2010/03/27 16:33:26 | 000,000,540 | ---- | C] ()
 AutoGordianKnot.2.55.Setup.exe -> C:\Program Files\AutoGordianKnot.2.55.Setup.exe -> [2010/03/27 16:22:29 | 012,341,641 | ---- | C] ()
 IowaWeatherMap.jpg -> C:\Program Files\IowaWeatherMap.jpg -> [2010/02/21 20:28:00 | 000,057,086 | ---- | C] ()
 Perl -> C:\Documents and Settings\All Users\Application Data\Perl -> [2009/12/25 18:47:37 | 000,000,268 | RH-- | C] ()
 PageLibraries -> C:\Documents and Settings\Carolyn\Application Data\PageLibraries -> [2009/12/25 18:47:37 | 000,000,268 | RH-- | C] ()
 PKP_DLdu.DAT -> C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT -> [2009/12/25 18:47:37 | 000,000,020 | -H-- | C] ()
 msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2009/12/25 09:03:20 | 000,000,002 | ---- | C] ()
 FixVTS.ini -> C:\Documents and Settings\Carolyn\Application Data\FixVTS.ini -> [2009/12/19 19:34:16 | 000,000,120 | ---- | C] ()
 FixVTS1.603.zip -> C:\Program Files\FixVTS1.603.zip -> [2009/12/19 18:44:45 | 000,032,944 | ---- | C] ()
 yahoomailuploader_0.5.exe -> C:\Program Files\yahoomailuploader_0.5.exe -> [2009/12/15 20:31:07 | 001,089,840 | ---- | C] ()
 RADTools19q.exe -> C:\Program Files\RADTools19q.exe -> [2009/12/02 18:02:18 | 001,320,837 | ---- | C] ()
 vlc-1.0.3-win32.exe -> C:\Program Files\vlc-1.0.3-win32.exe -> [2009/12/02 17:50:56 | 018,030,130 | ---- | C] ()
 yahoo_cinematycoon2_tm6-3.exe -> C:\Program Files\yahoo_cinematycoon2_tm6-3.exe -> [2009/11/15 15:34:40 | 032,770,344 | ---- | C] ()
 popcinfot.dat -> C:\WINDOWS\popcinfot.dat -> [2009/11/10 08:09:34 | 000,000,044 | ---- | C] ()
 popcreg.dat -> C:\WINDOWS\popcreg.dat -> [2009/11/10 08:09:34 | 000,000,000 | ---- | C] ()
 gp.xpi -> C:\Program Files\gp.xpi -> [2009/10/29 16:39:16 | 000,465,778 | ---- | C] ()
 videoimp.ini -> C:\WINDOWS\videoimp.ini -> [2009/10/04 07:35:46 | 000,000,593 | ---- | C] ()
 vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2009/10/04 07:35:22 | 000,010,240 | ---- | C] ()
 marscam.ini -> C:\WINDOWS\marscam.ini -> [2009/10/04 07:30:55 | 000,000,042 | ---- | C] ()
 PopCapPluginInstaller_v2_en.exe -> C:\Program Files\PopCapPluginInstaller_v2_en.exe -> [2009/08/18 09:17:07 | 000,284,184 | ---- | C] ()
 BWAVol2Setup_1_1.exe -> C:\Program Files\BWAVol2Setup_1_1.exe -> [2009/08/18 09:14:34 | 057,604,344 | ---- | C] ()
 Genevieve Jr Miss Louisa County.jpg -> C:\Program Files\Genevieve Jr Miss Louisa County.jpg -> [2009/06/12 14:38:22 | 001,104,331 | ---- | C] ()
 myspace_cube.pdf -> C:\Program Files\myspace_cube.pdf -> [2009/06/08 08:32:36 | 000,291,180 | ---- | C] ()
 myspace_calendar.pdf -> C:\Program Files\myspace_calendar.pdf -> [2009/06/08 08:30:56 | 000,404,712 | ---- | C] ()
 yahoo_annasicecream_tm6-3.exe -> C:\Program Files\yahoo_annasicecream_tm6-3.exe -> [2009/06/07 11:01:57 | 025,083,936 | ---- | C] ()
 hpzids01.dll -> C:\WINDOWS\System32\hpzids01.dll -> [2009/05/11 12:14:45 | 000,077,824 | R--- | C] ()
 epenilek.ini -> C:\WINDOWS\System32\epenilek.ini -> [2009/04/11 18:17:50 | 001,403,901 | -HS- | C] ()
 xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009/01/25 15:10:48 | 000,179,200 | ---- | C] ()
 xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009/01/08 17:01:22 | 000,629,760 | ---- | C] ()
 XEMTAJjl.ini -> C:\WINDOWS\System32\XEMTAJjl.ini -> [2008/11/30 20:08:46 | 000,907,380 | -HS- | C] ()
 XEMTAJjl.ini2 -> C:\WINDOWS\System32\XEMTAJjl.ini2 -> [2008/11/30 20:08:46 | 000,907,313 | -HS- | C] ()
 GuiStyle.exe -> C:\Program Files\GuiStyle.exe -> [2008/10/18 16:49:28 | 000,343,235 | ---- | C] ()
 atid.ini -> C:\WINDOWS\atid.ini -> [2008/10/03 18:58:00 | 000,000,021 | ---- | C] ()
 d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2008/06/19 18:24:40 | 000,000,552 | ---- | C] ()
 Textart.INI -> C:\WINDOWS\Textart.INI -> [2008/02/15 15:50:48 | 000,000,000 | ---- | C] ()
 iplayer.INI -> C:\WINDOWS\iplayer.INI -> [2007/11/20 18:20:31 | 000,000,000 | ---- | C] ()
 SIERRA.INI -> C:\WINDOWS\SIERRA.INI -> [2007/07/15 09:11:12 | 000,000,044 | ---- | C] ()
 mr320exd.dll -> C:\WINDOWS\System32\mr320exd.dll -> [2007/04/10 12:40:22 | 000,028,672 | ---- | C] ()
 mr320exv.dll -> C:\WINDOWS\System32\mr320exv.dll -> [2007/04/03 17:45:36 | 000,049,152 | ---- | C] ()
 RipIt4Me.zip -> C:\Program Files\RipIt4Me.zip -> [2007/03/24 13:25:58 | 000,202,071 | ---- | C] ()
 mozver.dat -> C:\WINDOWS\mozver.dat -> [2007/01/21 07:48:08 | 000,001,168 | ---- | C] ()
 Unwise32.exe -> C:\WINDOWS\Unwise32.exe -> [2006/10/04 15:06:42 | 000,128,000 | ---- | C] ()
 1CA448C43D.sys -> C:\WINDOWS\System32\1CA448C43D.sys -> [2006/09/17 09:54:55 | 000,000,088 | RHS- | C] ()
 QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2006/08/27 08:18:14 | 000,001,755 | ---- | C] ()
 superman_ss_osx.sit.hqx -> C:\Program Files\superman_ss_osx.sit.hqx -> [2006/07/10 13:05:45 | 004,445,923 | ---- | C] ()
 LEXSTAT.INI -> C:\WINDOWS\LEXSTAT.INI -> [2006/07/03 17:06:06 | 000,000,108 | ---- | C] ()
 d3dx.dat -> C:\WINDOWS\d3dx.dat -> [2006/06/23 15:16:55 | 000,004,096 | ---- | C] ()
 msgr75us.exe -> C:\Program Files\msgr75us.exe -> [2006/06/13 11:19:41 | 000,398,376 | ---- | C] ()
 popcinfo.dat -> C:\WINDOWS\popcinfo.dat -> [2006/06/12 16:12:26 | 000,000,024 | ---- | C] ()
 ka.ini -> C:\WINDOWS\ka.ini -> [2006/06/07 12:34:45 | 000,000,000 | ---- | C] ()
 SetupDVDDecrypter_3.5.4.0.exe -> C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe -> [2006/05/25 17:02:57 | 000,899,414 | ---- | C] ()
 Classic_0.91.7.zip -> C:\Program Files\Classic_0.91.7.zip -> [2006/05/25 17:02:26 | 000,793,583 | ---- | C] ()
 dvdshrink32setup.zip -> C:\Program Files\dvdshrink32setup.zip -> [2006/05/25 16:48:38 | 001,094,021 | ---- | C] ()
 123freesolitaire.exe -> C:\Program Files\123freesolitaire.exe -> [2006/04/30 14:30:17 | 003,645,968 | ---- | C] ()
 KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2006/03/05 17:17:02 | 000,006,686 | ---- | C] ()
 3DC448A41C.sys -> C:\WINDOWS\System32\3DC448A41C.sys -> [2006/03/05 17:17:02 | 000,000,152 | RHS- | C] ()
 PFP120JPR.{PB -> C:\Documents and Settings\Carolyn\Application Data\PFP120JPR.{PB -> [2006/02/26 06:55:23 | 000,061,678 | ---- | C] ()
 PFP120JCM.{PB -> C:\Documents and Settings\Carolyn\Application Data\PFP120JCM.{PB -> [2006/02/26 06:55:23 | 000,012,358 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2006/02/20 22:03:25 | 000,019,456 | ---- | C] ()
 fusioncache.dat -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\fusioncache.dat -> [2006/02/20 17:55:02 | 000,000,130 | ---- | C] ()
 smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/02/16 00:50:02 | 000,000,061 | ---- | C] ()
 UNWISE.EXE -> C:\WINDOWS\UNWISE.EXE -> [2006/02/16 00:41:32 | 000,149,504 | ---- | C] ()
 wininit.ini -> C:\WINDOWS\wininit.ini -> [2006/02/16 00:37:56 | 000,000,556 | ---- | C] ()
 nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2006/02/16 00:36:44 | 000,000,335 | ---- | C] ()
 setpwrcg.exe -> C:\WINDOWS\setpwrcg.exe -> [2006/02/16 00:12:58 | 000,049,152 | ---- | C] ()
 atiicdxx.dat -> C:\WINDOWS\System32\atiicdxx.dat -> [2006/02/16 00:12:54 | 000,095,617 | ---- | C] ()
 OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2006/02/16 00:12:26 | 000,000,392 | ---- | C] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2005/08/16 04:48:31 | 000,002,048 | --S- | C] ()
 emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2005/08/16 04:38:45 | 000,021,640 | ---- | C] ()
 fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/08/16 04:37:24 | 000,001,793 | ---- | C] ()
 ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2005/08/16 04:33:38 | 000,004,161 | ---- | C] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2005/08/16 04:27:59 | 000,372,080 | ---- | C] ()
 secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2005/08/16 04:18:35 | 000,004,569 | ---- | C] ()
 perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2005/08/16 04:18:33 | 000,445,798 | ---- | C] ()
 perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2005/08/16 04:18:33 | 000,272,128 | ---- | C] ()
 perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2005/08/16 04:18:33 | 000,073,004 | ---- | C] ()
 perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2005/08/16 04:18:33 | 000,028,626 | ---- | C] ()
 oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2005/08/16 04:18:32 | 000,004,627 | ---- | C] ()
 oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2005/08/16 04:18:30 | 013,107,200 | ---- | C] ()
 noise.dat -> C:\WINDOWS\System32\noise.dat -> [2005/08/16 04:18:28 | 000,000,741 | ---- | C] ()
 mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2005/08/16 04:18:23 | 000,673,088 | ---- | C] ()
 mib.bin -> C:\WINDOWS\System32\mib.bin -> [2005/08/16 04:18:23 | 000,046,258 | ---- | C] ()
 dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2005/08/16 04:18:15 | 000,218,003 | ---- | C] ()
 dcache.bin -> C:\WINDOWS\System32\dcache.bin -> [2005/08/16 04:18:08 | 000,001,804 | ---- | C] ()
 psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2005/08/05 14:01:54 | 000,235,008 | ---- | C] ()
 px.ini -> C:\WINDOWS\System32\px.ini -> [2005/06/22 13:37:46 | 000,000,000 | ---- | C] ()
 unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2002/10/15 16:54:04 | 000,153,088 | ---- | C] ()
 hptcpmon.ini -> C:\WINDOWS\System32\hptcpmon.ini -> [2001/07/06 15:30:00 | 000,003,399 | ---- | C] ()
 
[File - Lop Check]
 !SASCORE -> C:\Documents and Settings\All Users\Application Data\!SASCORE -> [2011/08/04 21:20:43 | 000,000,000 | ---D | M]
 2ACA5CC3-0F83-453D-A079-1076FE1A8B65 -> C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 -> [2009/03/30 18:55:59 | 000,000,000 | ---D | M]
 Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/02/13 17:45:52 | 000,000,000 | ---D | M]
 boost_interprocess -> C:\Documents and Settings\All Users\Application Data\boost_interprocess -> [2011/12/06 06:48:14 | 000,000,000 | ---D | M]
 CanonIJEGV -> C:\Documents and Settings\All Users\Application Data\CanonIJEGV -> [2010/11/08 18:19:45 | 000,000,000 | -H-D | M]
 CanonIJPLM -> C:\Documents and Settings\All Users\Application Data\CanonIJPLM -> [2011/06/11 19:59:44 | 000,000,000 | ---D | M]
 CanonIJScan -> C:\Documents and Settings\All Users\Application Data\CanonIJScan -> [2011/04/16 21:18:58 | 000,000,000 | -H-D | M]
 CanonIJSetup000 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup000 -> [2010/06/16 18:49:45 | 000,000,000 | ---D | M]
 CanonIJSetup001 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup001 -> [2010/06/16 18:49:50 | 000,000,000 | ---D | M]
 CanonIJSetup002 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup002 -> [2010/06/16 18:49:53 | 000,000,000 | ---D | M]
 CanonIJSetup003 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup003 -> [2010/06/16 18:49:55 | 000,000,000 | ---D | M]
 Dictionaries -> C:\Documents and Settings\All Users\Application Data\Dictionaries -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 EA -> C:\Documents and Settings\All Users\Application Data\EA -> [2008/07/16 07:18:47 | 000,000,000 | ---D | M]
 EnterNHelp -> C:\Documents and Settings\All Users\Application Data\EnterNHelp -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 Graboid Inc -> C:\Documents and Settings\All Users\Application Data\Graboid Inc -> [2009/03/29 14:05:16 | 000,000,000 | ---D | M]
 HipSoft -> C:\Documents and Settings\All Users\Application Data\HipSoft -> [2007/11/30 10:47:09 | 000,000,000 | ---D | M]
 n7-89-o9-3r-4t-r9 -> C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 -> [2007/11/30 11:16:25 | 000,000,000 | ---D | M]
 Nikon -> C:\Documents and Settings\All Users\Application Data\Nikon -> [2009/12/25 18:48:11 | 000,000,000 | ---D | M]
 PlayFirst -> C:\Documents and Settings\All Users\Application Data\PlayFirst -> [2007/11/30 12:05:42 | 000,000,000 | ---D | M]
 PopCap Games -> C:\Documents and Settings\All Users\Application Data\PopCap Games -> [2009/11/10 08:14:10 | 000,000,000 | ---D | M]
 Qwest -> C:\Documents and Settings\All Users\Application Data\Qwest -> [2010/06/08 16:19:25 | 000,000,000 | ---D | M]
 Sandlot Games -> C:\Documents and Settings\All Users\Application Data\Sandlot Games -> [2006/07/14 09:13:25 | 000,000,000 | ---D | M]
 SupportSoft -> C:\Documents and Settings\All Users\Application Data\SupportSoft -> [2008/02/02 16:31:31 | 000,000,000 | ---D | M]
 TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/12/15 03:16:41 | 000,000,000 | ---D | M]
 Ultima_T15 -> C:\Documents and Settings\All Users\Application Data\Ultima_T15 -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2009/07/03 08:49:25 | 000,000,000 | ---D | M]
 Visan -> C:\Documents and Settings\All Users\Application Data\Visan -> [2011/04/22 17:27:53 | 000,000,000 | ---D | M]
 Vivendi Universal Games -> C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games -> [2006/06/07 12:32:26 | 000,000,000 | ---D | M]
 WeCareReminder -> C:\Documents and Settings\All Users\Application Data\WeCareReminder -> [2011/06/04 22:21:24 | 000,000,000 | ---D | M]
 WildTangent -> C:\Documents and Settings\All Users\Application Data\WildTangent -> [2006/12/21 21:36:11 | 000,000,000 | ---D | M]
 ZangoSA -> C:\Documents and Settings\All Users\Application Data\ZangoSA -> [2009/03/30 18:55:59 | 000,000,000 | ---D | M]
 Zylom -> C:\Documents and Settings\All Users\Application Data\Zylom -> [2008/10/04 14:56:01 | 000,000,000 | ---D | M]
 {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2011/02/12 08:57:53 | 000,000,000 | ---D | M]
 Canon -> C:\Documents and Settings\Carolyn\Application Data\Canon -> [2011/04/16 21:21:21 | 000,000,000 | ---D | M]
 Catalina Marketing Corp -> C:\Documents and Settings\Carolyn\Application Data\Catalina Marketing Corp -> [2011/04/22 05:50:10 | 000,000,000 | ---D | M]
 EA -> C:\Documents and Settings\Carolyn\Application Data\EA -> [2006/03/27 11:40:36 | 000,000,000 | ---D | M]
 eMusic -> C:\Documents and Settings\Carolyn\Application Data\eMusic -> [2011/02/27 09:22:13 | 000,000,000 | ---D | M]
 FrostWire -> C:\Documents and Settings\Carolyn\Application Data\FrostWire -> [2011/07/26 08:54:52 | 000,000,000 | ---D | M]
 GameHouse -> C:\Documents and Settings\Carolyn\Application Data\GameHouse -> [2007/11/30 11:16:16 | 000,000,000 | ---D | M]
 GetModule -> C:\Documents and Settings\Carolyn\Application Data\GetModule -> [2008/11/30 20:04:16 | 000,000,000 | ---D | M]
 Graboid Inc -> C:\Documents and Settings\Carolyn\Application Data\Graboid Inc -> [2009/03/30 18:44:07 | 000,000,000 | ---D | M]
 Image Zone Express -> C:\Documents and Settings\Carolyn\Application Data\Image Zone Express -> [2010/04/16 18:53:25 | 000,000,000 | ---D | M]
 Inbox Toolbar -> C:\Documents and Settings\Carolyn\Application Data\Inbox Toolbar -> [2011/09/30 11:06:23 | 000,000,000 | ---D | M]
 Jane s Hotel -> C:\Documents and Settings\Carolyn\Application Data\Jane s Hotel -> [2008/07/11 19:04:08 | 000,000,000 | ---D | M]
 Leadertech -> C:\Documents and Settings\Carolyn\Application Data\Leadertech -> [2006/02/26 06:52:51 | 000,000,000 | ---D | M]
 Nikon -> C:\Documents and Settings\Carolyn\Application Data\Nikon -> [2009/12/25 18:58:09 | 000,000,000 | ---D | M]
 OpenCandy -> C:\Documents and Settings\Carolyn\Application Data\OpenCandy -> [2011/05/28 10:56:14 | 000,000,000 | ---D | M]
 OpenOffice.org -> C:\Documents and Settings\Carolyn\Application Data\OpenOffice.org -> [2011/10/05 17:28:39 | 000,000,000 | ---D | M]
 Opera -> C:\Documents and Settings\Carolyn\Application Data\Opera -> [2008/09/18 20:50:43 | 000,000,000 | ---D | M]
 PCToolsFirewallPlus -> C:\Documents and Settings\Carolyn\Application Data\PCToolsFirewallPlus -> [2008/12/02 17:52:11 | 000,000,000 | ---D | M]
 Philips -> C:\Documents and Settings\Carolyn\Application Data\Philips -> [2010/09/16 04:57:51 | 000,000,000 | ---D | M]
 Philips-Songbird -> C:\Documents and Settings\Carolyn\Application Data\Philips-Songbird -> [2010/09/16 04:53:21 | 000,000,000 | ---D | M]
 PlayFirst -> C:\Documents and Settings\Carolyn\Application Data\PlayFirst -> [2008/08/08 17:16:06 | 000,000,000 | ---D | M]
 PreCast -> C:\Documents and Settings\Carolyn\Application Data\PreCast -> [2011/07/11 10:41:32 | 000,000,000 | ---D | M]
 QQ Games -> C:\Documents and Settings\Carolyn\Application Data\QQ Games -> [2008/10/04 15:14:23 | 000,000,000 | ---D | M]
 QQ Games Plugin -> C:\Documents and Settings\Carolyn\Application Data\QQ Games Plugin -> [2008/10/03 18:59:14 | 000,000,000 | ---D | M]
 ri4mupdater -> C:\Documents and Settings\Carolyn\Application Data\ri4mupdater -> [2007/04/22 14:39:34 | 000,000,000 | ---D | M]
 RipIt4Me -> C:\Documents and Settings\Carolyn\Application Data\RipIt4Me -> [2010/07/29 16:42:46 | 000,000,000 | ---D | M]
 ScamBlocker -> C:\Documents and Settings\Carolyn\Application Data\ScamBlocker -> [2006/12/21 21:20:44 | 000,000,000 | ---D | M]
 Simple Star -> C:\Documents and Settings\Carolyn\Application Data\Simple Star -> [2007/11/23 14:44:37 | 000,000,000 | ---D | M]
 Terrapin -> C:\Documents and Settings\Carolyn\Application Data\Terrapin -> [2009/01/10 11:49:27 | 000,000,000 | ---D | M]
 Uniblue -> C:\Documents and Settings\Carolyn\Application Data\Uniblue -> [2008/10/14 16:59:23 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\Carolyn\Application Data\Viewpoint -> [2008/09/12 17:03:10 | 000,000,000 | ---D | M]
 Visan -> C:\Documents and Settings\Carolyn\Application Data\Visan -> [2011/04/22 17:27:53 | 000,000,000 | ---D | M]
 W Photo Studio -> C:\Documents and Settings\Carolyn\Application Data\W Photo Studio -> [2009/11/21 16:11:00 | 000,000,000 | ---D | M]
 W Photo Studio Viewer -> C:\Documents and Settings\Carolyn\Application Data\W Photo Studio Viewer -> [2009/11/21 16:14:54 | 000,000,000 | ---D | M]
 Walgreens -> C:\Documents and Settings\Carolyn\Application Data\Walgreens -> [2009/09/07 07:23:49 | 000,000,000 | ---D | M]
 WebRenderer -> C:\Documents and Settings\Carolyn\Application Data\WebRenderer -> [2006/07/03 18:14:53 | 000,000,000 | ---D | M]
 Wildfire -> C:\Documents and Settings\Carolyn\Application Data\Wildfire -> [2006/07/01 08:49:16 | 000,000,000 | ---D | M]
 MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [2011/12/15 03:21:54 | 000,000,424 | -H-- | M] ()
 Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job -> [2011/12/15 11:01:00 | 000,000,238 | ---- | M] ()
 
[File - Purity Scan]
 
 
[Alternate Data Streams]
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E36F5B57
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C202A457
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5A35877
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27EEEB5C
< End of report >

  • 0

#15
huggster26

huggster26

    Member

  • Topic Starter
  • Member
  • PipPip
  • 77 posts
from extras.txt:
OTL Extras logfile created on: 12/14/2011 11:25:03 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 147.39 Mb Available Physical Memory | 14.42% Memory free
2.40 Gb Paging File | 1.23 Gb Available in Paging File | 51.08% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 109.72 Gb Free Space | 76.03% Space Free | Partition Type: NTFS

Computer Name: HIGGINS | User Name: Carolyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe" = C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe:*:Disabled:MySpace Instant Messenger -- ()
"C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe" = C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe:*:Enabled:SABnzbd-0.2.5
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator -- (Hewlett-Packard Co.)
"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15D43B60-DAED-435D-894E-E58947A5CCC8}" = Tango
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216015F0}" = Java™ 6 Update 15
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{34910BCD-F6D8-4FDD-BB2F-4622ED2DD132}" = Vantage Point Report Viewer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Google AFE
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1" = RebateInformer
"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6DA93E66-5FA8-44ED-9CCA-40773444C10D}" = HP Deskjet 3050 J610 series Basic Device Software
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF}" = ASPCA Tri Reminder by We-Care.com v4.0.7.5
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED}" = EarthLink Toolbar
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{C057F6D0-0E4C-4B18-B645-9D0804FCFAFD}" = EarthLink Common Authentication
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}" = Opera 9.52
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire 4.0
"3A63F898C880C6A38C1D6D6E3E2300FF28E59320" = Windows Driver Package - OEM (mr97320) Image (04/20/2007 1.0.0.0)
"3DGroove" = OTOY
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AskTBar Uninstall" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"COMODO Internet Security" = COMODO Internet Security
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"FrostWire 5" = FrostWire 5.1.5
"HP Photo Creations" = HP Photo Creations
"HyperStudio 4 iPreview" = HyperStudio 4 iPreview
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"InterActual Player" = InterActual Player
"LimeWire" = LimeWire 5.1.2
"LivingPlay" = LivingPlay
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Owl and Mouse Africa Map Puzzle" = Owl and Mouse Africa Map Puzzle
"PhotoShow Express" = PhotoShow Express
"PreCast" = Ocucom PreCast 1.6
"PROSet" = Intel® PRO Network Connections Drivers
"Pyware 3D Performer's Practice Tools" = Pyware 3D Performer's Practice Tools
"QQ Games" = QQ Games
"QQ Pool" = QQ Pool
"RealPlayer 6.0" = RealPlayer Basic
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"SelectRebatesUninstall" = ShopAtHome SelectRebates
"StreetPlugin" = Learn2 Player (Uninstall Only)
"UnityWebPlayer" = Unity Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtools3DLifePlayer" = Virtools 3D Life Player
"VobSub" = VobSub v2.23 (Remove Only)
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E002314-9999-4402-9823-1CB9E6098849}_is1" = Shopping InContext
"GabPath" = GabPath
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP