searchqu! how can I permanently delete? [Closed] - Geeks to Go Forums

Jump to content

Log in Register Register Malware removal guide How it works

searchqu! how can I permanently delete? [Closed]

#6 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 14 December 2011 - 01:54 PM

results from aswmbr.txt:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-14 13:49:47
-----------------------------
13:49:47.640 OS Version: Windows 5.1.2600 Service Pack 3
13:49:47.640 Number of processors: 2 586 0x403
13:49:47.640 ComputerName: HIGGINS UserName: Carolyn
13:50:06.187 Initialize success
13:50:46.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
13:50:46.078 Disk 0 Vendor: WDC_WD1600JS-75NCB1 10.02E01 Size: 152587MB BusType: 3
13:50:48.109 Disk 0 MBR read successfully
13:50:48.125 Disk 0 MBR scan
13:50:48.125 Disk 0 unknown MBR code
13:50:48.171 Disk 0 scanning sectors +312496380
13:50:48.375 Disk 0 scanning C:\WINDOWS\system32\drivers
13:51:06.593 Service scanning
13:51:08.156 Service MpKslc929e47f c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKslc929e47f.sys **LOCKED** 32
13:51:08.890 Modules scanning
13:51:13.796 Disk 0 trace - called modules:
13:51:13.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
13:51:13.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8977bab8]
13:51:13.812 3 CLASSPNP.SYS[f7652fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x89764b00]
13:51:13.812 Scan finished successfully
13:56:30.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Carolyn\Desktop\MBR.dat"
13:56:30.437 The log file has been saved successfully to "C:\Documents and Settings\Carolyn\Desktop\aswMBR.txt"

#7 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 14 December 2011 - 03:57 PM

Ok, that log looks good to me. Let's go one step further on your MBR and double-check it:

Please visit VirScan.org.

Click the Browse button near the top of the page, and paste the following into the File name box:

C:\Documents and Settings\Carolyn\Desktop\MBR.dat


Click Open, then press the Upload button.

It won't take very long to upload, as the file is very small. If VirScan reports that the file has already been scanned, click the See Result button. Otherwise, press the Scan button.

When VirScan shows you a result page, please copy the URL (should be similar to http://r.virscan.org...bcd6bf135f7ef32), and paste it in your next response.



I'm still going to need a good scan output too, so I'd like you to try OTL one more time; pay attention to the lower-left-hand corner of the OTL window. That's where it indicates what it's doing. It should change now and again, sometimes rapidly and sometimes not. If it stops and does nothing, can you let me know what it said down there?

If OTL fails again, I'll ask you to use a few different scanners instead.

#8 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 14 December 2011 - 04:27 PM

Actually, I'd like to post an addendum to my last; if VirScan says it's already scanned that file, please tell it to scan it again, as it most definitely has not seen your exact MBR before.

Sorry for that. I use canned responses where I can, for accuracy, and sometimes that 'accuracy' comes back to bite me. :whistling:

#9 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 14 December 2011 - 11:19 PM

http://r.virscan.org...2b37181c06.html

when I ran the OTL program it ran through all the files....I'll try 1 more time. I got it to run the other day but just ran a quick scan. Not sure but I kept the settings the same as what you had asked....

#10 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 14 December 2011 - 11:54 PM

OTL ran again and no output file. I have boxes LOP check, Purity check and under 'extra registry' use safe list selected. It starts out scanning windows programs and it looks like it is going through the files. What am I missing? I just tried to look at it again and in the box it is white - I have the hourglass but nothing on that page.
:/

#11 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 15 December 2011 - 10:19 AM

Quite interesting, but this isn't a game-ender.

What sort of response did you get back from VirScan, on your MBR.dat file?

Let's use a different utility to get a scan, if we can:

Download OTS to your Desktop and double-click on it to run it
  • Make sure you close all other programs and don't use the PC while the scan runs.
  • Put marks in the following boxes in the "Additional Scans" box:
    • Reg - Ext
    • Reg - IE Explorer Bars
    • Reg - NetSvcs
    • Reg - Protocol Filters
    • Reg - Protocol Handlers
    • Reg - Winsock2 Catalogs
    • Reg - Uninstall List
    • Evnt - EventViewer Logs (Last 10 Errors)
    • File - Lop Check
    • File - Purity Scan

  • Next, please paste the following into the "Custom Scans" box:
    netsvcs
%SYSTEMDRIVE%\*.exe
%USERPROFILE%\..|smtmp;true;true;true /FP
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
volsnap.*
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
CREATERESTOREPOINT

  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way

#12 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 15 December 2011 - 01:22 PM

sorry to say I ran this OTS and I am not getting a report on this in notepad either....what is the deal? I have not changed any settings except for what you have told me. and yes, notepad is an app in my computer. LOL

#13 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 15 December 2011 - 01:49 PM

Actually - can you try to open notepad for me, just to make sure it isn't messed up? There's also a possibility that notepad isn't set as your default .txt file handler. I could tell you what your default is, but I'd need a scan. ;)

Let's try this:

Please look on your desktop, where OTL and OTS are sitting, and look for an OTL.txt, Extras.txt, and OTS.txt file. While they may not have opened, it's possible they were still created.

If you can find them, please attach them to your next post, or if you can get them to open with something, copy/paste their contents in a post as you did the very first post.

I'll see about getting an alternative ready if they're not there. :)

#14 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 15 December 2011 - 10:53 PM

from OTS.txt:
OTS logfile created on: 12/15/2011 11:29:07 AM - Run 1
OTS by OldTimer - Version 3.1.46.0     Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,022.00 Mb Total Physical Memory | 394.00 Mb Available Physical Memory | 39.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 109.57 Gb Free Space | 75.93% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 15.39 Gb Total Space | 10.46 Gb Free Space | 67.96% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: HIGGINS
Current User Name: Carolyn
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Carolyn\My Documents\Downloads\OTS.exe -> [2011/12/15 11:28:19 | 000,646,144 | ---- | M] (OldTimer Tools)
chrome.exe -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe -> [2011/11/14 23:39:56 | 001,036,344 | ---- | M] (Google Inc.)
superantispyware.exe -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com)
datamn~1.exe -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe -> [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc)
googlecrashhandler.exe -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe -> [2011/10/15 22:11:17 | 000,140,952 | ---- | M] (Google Inc.)
sascore.exe -> C:\Program Files\SUPERAntiSpyware\SASCore.exe -> [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
msmpeng.exe -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
cfp.exe -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -> [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO)
cmdagent.exe -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO)
soffice.bin -> C:\Program Files\OpenOffice.org 3\program\soffice.bin -> [2009/04/23 05:29:18 | 007,418,368 | ---- | M] (OpenOffice.org)
soffice.exe -> C:\Program Files\OpenOffice.org 3\program\soffice.exe -> [2009/04/23 05:29:14 | 007,424,000 | ---- | M] (OpenOffice.org)
ijplmsvc.exe -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
searchprotection.exe -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
tftray.exe -> C:\Program Files\ThreatFire\TFTray.exe -> [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools)
tfservice.exe -> C:\Program Files\ThreatFire\TFService.exe -> [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
nkmonitor.exe -> C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe -> [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
tmon.exe -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
dsagnt.exe -> C:\Program Files\DellSupport\DSAgnt.exe -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
sbupdate.exe -> C:\Program Files\EarthLink\Toolbar\SBUpdate.exe -> [2006/10/11 16:25:56 | 000,087,832 | ---- | M] (EarthLink, Inc.)
realplay.exe -> C:\Program Files\Real\RealPlayer\realplay.exe -> [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.)
mediadetect.exe -> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe -> [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.)
res.exe -> C:\Program Files\USB Disk Win98 Driver\Res.exe -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali)
stsystra.exe -> C:\WINDOWS\stsystra.exe -> [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.)
hpzipm12.exe -> C:\WINDOWS\system32\HPZipm12.exe -> [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP)
mssysmgr.exe -> C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe -> [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.)
 
[Modules - No Company Name]
sd10006.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll -> [2011/12/15 06:34:52 | 000,063,488 | ---- | M] ()
sd10007.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll -> [2011/12/15 06:34:52 | 000,052,736 | ---- | M] ()
ppgooglenaclpluginchrome.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll -> [2011/11/14 23:39:54 | 000,420,920 | ---- | M] ()
pdf.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll -> [2011/11/14 23:39:53 | 003,702,840 | ---- | M] ()
avutil-51.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll -> [2011/11/14 23:38:16 | 000,122,952 | ---- | M] ()
avformat-53.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll -> [2011/11/14 23:38:15 | 000,222,280 | ---- | M] ()
avcodec-53.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll -> [2011/11/14 23:38:14 | 001,746,504 | ---- | M] ()
gcswf32.dll -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll -> [2011/11/14 20:36:18 | 008,593,056 | ---- | M] ()
zlib1.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll -> [2011/09/27 06:23:00 | 000,087,912 | ---- | M] ()
libxml2.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll -> [2011/09/27 06:22:40 | 001,242,472 | ---- | M] ()
uirepair.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL -> [2011/08/20 00:04:15 | 000,117,760 | ---- | M] ()
sd10005.dll -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll -> [2011/08/20 00:04:15 | 000,052,224 | ---- | M] ()
sbe.dll -> C:\WINDOWS\system32\sbe.dll -> [2011/02/04 17:48:30 | 000,291,840 | ---- | M] ()
quartz.dll -> C:\WINDOWS\system32\quartz.dll -> [2010/02/05 12:27:45 | 001,291,776 | ---- | M] ()
mach32.dll -> C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll -> [2010/01/28 21:26:40 | 001,143,056 | ---- | M] ()
libxml2.dll -> C:\Program Files\OpenOffice.org 3\program\libxml2.dll -> [2009/04/16 12:02:16 | 000,970,752 | ---- | M] ()
ijplmsvc.exe -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
script.cav -> C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav -> [2008/12/02 22:06:43 | 000,028,672 | ---- | M] ()
msdmo.dll -> C:\WINDOWS\system32\msdmo.dll -> [2008/04/13 18:11:59 | 000,014,336 | ---- | M] ()
devenum.dll -> C:\WINDOWS\system32\devenum.dll -> [2008/04/13 18:11:51 | 000,059,904 | ---- | M] ()
tmon.exe -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
 
[Win32 Services - Safe List]
(!SASCORE) SAS Core Service [Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\SASCore.exe -> [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
(MsMpSvc) Microsoft Antimalware Service [Unknown | Running] -> c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation)
(cmdAgent) COMODO Internet Security Helper Service [Unknown | Running] -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO)
(IJPLMSVC) Canon Inkjet Printer/Scanner/Fax Extended Survey Program [Unknown | Running] -> C:\Program Files\Canon\IJPLM\ijplmsvc.exe -> [2009/02/10 10:01:49 | 000,116,104 | ---- | M] ()
(ThreatFire) ThreatFire [Unknown | Running] -> C:\Program Files\ThreatFire\TFService.exe -> [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools)
(YahooAUService) Yahoo! Updater [Unknown | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
(DSBrokerService) DSBrokerService [Unknown | Stopped] -> C:\Program Files\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 000,076,848 | ---- | M] ()
(Viewpoint Manager Service) Viewpoint Manager Service [Unknown | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
(Pml Driver HPZ12) Pml Driver HPZ12 [Unknown | Running] -> C:\WINDOWS\system32\HPZipm12.exe -> [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP)
 
[Driver Services - Safe List]
(MpKsl201c01c3) MpKsl201c01c3 [Kernel | Unknown | Running] -> c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKsl201c01c3.sys -> [2011/12/15 03:16:54 | 000,029,904 | ---- | M] (Microsoft Corporation)
(SASDIFSV) SASDIFSV [Kernel | Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | Unknown | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(cmdGuard) COMODO Internet Security Sandbox Driver [File_System | Unknown | Running] -> C:\WINDOWS\system32\drivers\cmdguard.sys -> [2010/02/07 10:01:34 | 000,134,344 | ---- | M] (COMODO)
(Inspect) COMODO Internet Security Firewall Driver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\inspect.sys -> [2010/01/28 21:26:25 | 000,087,104 | ---- | M] (COMODO)
(cmdHlp) COMODO Internet Security Helper Driver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\cmdhlp.sys -> [2010/01/28 21:26:24 | 000,025,160 | ---- | M] (COMODO)
(TfSysMon) TfSysMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfSysMon.sys -> [2008/11/17 13:05:14 | 000,039,200 | ---- | M] (PC Tools)
(TfNetMon) TfNetMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfNetMon.sys -> [2008/11/17 13:05:12 | 000,033,056 | ---- | M] (PC Tools)
(TfFsMon) TfFsMon [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\TfFsMon.sys -> [2008/11/17 13:05:08 | 000,051,488 | ---- | M] (PC Tools)
(NwlnkIpx) NWLink IPX/SPX/NetBIOS Compatible Transport Protocol [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnkipx.sys -> [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation)
(mr97320) PC-Camera [Kernel | Unknown | Stopped] -> C:\WINDOWS\system32\drivers\mr97320.sys -> [2007/04/20 16:44:08 | 000,069,248 | ---- | M] (Mars Semiconductor Corp.)
(dsunidrv) DellSupport UniDriver [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.)
(DSproct) DSproct [Kernel | Unknown | Running] -> C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.)
(ASCTRM) ASCTRM [Kernel | Unknown | Running] -> C:\WINDOWS\System32\drivers\asctrm.sys -> [2006/02/16 00:37:34 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
(ati2mtag) ati2mtag [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.)
(STHDA) High Definition Audio Driver (WDM) - SigmaTel CODEC [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.)
(NwlnkNb) NWLink NetBIOS [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnknb.sys -> [2004/08/10 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation)
(NwlnkSpx) NWLink SPX/SPXII Protocol [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\nwlnkspx.sys -> [2004/08/10 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation)
(IntelC53) IntelC53 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC53.sys -> [2004/06/16 03:52:40 | 000,061,157 | ---- | M] (Intel Corporation)
(IntelC52) IntelC52 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC52.sys -> [2004/03/06 04:15:34 | 000,647,929 | ---- | M] (Intel Corporation)
(IntelC51) IntelC51 [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\IntelC51.sys -> [2004/03/06 04:14:42 | 001,233,525 | ---- | M] (Intel Corporation)
(mohfilt) mohfilt [Kernel | Unknown | Running] -> C:\WINDOWS\system32\drivers\mohfilt.sys -> [2004/03/06 04:13:38 | 000,037,048 | ---- | M] (Intel Corporation)
(netrcacm) RCA USB Digital Cable Modem Driver [Kernel | Unknown | Stopped] -> C:\WINDOWS\system32\drivers\netrcacm.sys -> [2003/01/20 12:50:36 | 000,020,648 | ---- | M] (Thomson Inc.)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://news.yahoo.com [binary data] -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" -> http://www.google.com/ig/dell?hl=en -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Search\\"Start Page" -> http://www.google.com/ig/dell?hl=en -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.yahoo.com/?fr=fp-yie8 -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com -> 
HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> 1 -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.yahoo.com/ -> 
HKEY_CURRENT_USER\: Main\\"Start Page Restore" -> http://www.yahoo.com/?fr=fp-yie8 -> 
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com -> 
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
HKEY_CURRENT_USER\: "ProxyOverride" -> *.mchsd.com;*.local -> 
HKEY_CURRENT_USER\: "ProxyServer" -> walledgarden.mchsd.com:8000 -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\prefs.js -> 
browser.search.defaultengine -> "Ask.com" ->
browser.search.defaultenginename -> "Search Results" ->
browser.search.defaultthis.engineName -> "Radio TV 1 Customized Web Search" ->
browser.search.defaulturl -> "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=13&q=" ->
browser.search.order.1 -> "Search Results" ->
browser.search.selectedEngine -> "Search Results" ->
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.searchqu.com/406" ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 ->
extensions.enabledItems -> {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1 ->
extensions.enabledItems -> {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 ->
extensions.enabledItems -> piclens@cooliris.com:1.12.0.36949 ->
extensions.enabledItems -> facepad@lazyrussian.com:0.8.2 ->
extensions.enabledItems -> jqs@sun.com:1.0 ->
extensions.enabledItems -> moveplayer@movenetworks.com:7 ->
extensions.enabledItems -> {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2 ->
extensions.enabledItems -> personas@christopher.beard:1.6.1 ->
extensions.enabledItems -> {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 ->
extensions.enabledItems -> plugin@yontoo.com:1.03.01 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {23ec984e-464c-4a0c-a8df-f80cb8c090e1}:2.7.2.0 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 ->
extensions.enabledItems -> searchtoolbar@zugo.com:1.2 ->
extensions.enabledItems -> {f29557fd-78aa-40e6-aba8-9fa219764018}:3.3.0.19 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 ->
keyword.URL -> "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q=" ->
network.proxy.ftp -> "walledgarden.mchsd.com" ->
network.proxy.ftp_port -> 8000 ->
network.proxy.gopher -> "walledgarden.mchsd.com" ->
network.proxy.gopher_port -> 8000 ->
network.proxy.http -> "walledgarden.mchsd.com" ->
network.proxy.http_port -> 8000 ->
network.proxy.no_proxies_on -> "*.mchsd.com" ->
network.proxy.share_proxy_settings -> true ->
network.proxy.socks -> "walledgarden.mchsd.com" ->
network.proxy.socks_port -> 8000 ->
network.proxy.ssl -> "walledgarden.mchsd.com" ->
network.proxy.ssl_port -> 8000 ->
< FireFox Settings [User.js] > -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\user.js -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com -> C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [C:\PROGRAM FILES\MSN TOOLBAR\PLATFORM\5.0.1449.0\FIREFOX] -> [2011/04/21 11:35:55 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502} -> C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\ [C:\PROGRAM FILES\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION\] -> [2011/04/22 02:03:29 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/11/04 15:47:21 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions -> [2011/12/05 07:09:58 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\mozswing@mozswing.org -> [2009/05/02 15:23:35 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\songbird@songbirdnest.com -> [2010/09/16 04:53:54 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions -> [2011/12/05 07:09:17 | 000,000,000 | ---D | M]
Aero Fox   -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} -> [2009/04/11 10:36:45 | 000,000,000 | ---D | M]
Searchqu Toolbar   -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} -> [2011/12/05 07:09:18 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\chromifox@altmusictv.com -> [2009/05/27 17:50:27 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > -> 
 aim-search.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\aim-search.xml -> [2009/07/03 09:11:37 | 000,004,207 | ---- | M] ()
 askcom.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\askcom.xml -> [2010/02/07 17:00:41 | 000,002,425 | ---- | M] ()
 bing-zugo.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\bing-zugo.xml -> [2010/11/29 07:10:42 | 000,001,919 | ---- | M] ()
 conduit.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\conduit.xml -> [2010/12/30 17:21:42 | 000,000,923 | ---- | M] ()
 mypoints-search.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\mypoints-search.xml -> [2011/11/30 19:01:39 | 000,001,672 | ---- | M] ()
 Search_Results.xml -> C:\Documents and Settings\Carolyn\Application Data\Mozilla\FireFox\Profiles\mzu3msnt.default\searchplugins\Search_Results.xml -> [2011/12/05 07:08:36 | 000,002,519 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} -> [2011/10/29 06:37:48 | 000,000,000 | ---D | M]
No name found -> C:\DOCUMENTS AND SETTINGS\CAROLYN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZU3MSNT.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI -> ()
< HOSTS File > ([2009/04/11 18:18:07 | 000,001,070 | ---- | M] - 27 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 
First 25 entries...
Reset Hosts
127.0.0.1	localhost
82.98.231.89	browser-security.microsoft.com
82.98.231.89	best-click-scanner.info
82.98.231.89	antivirus-xp-pro-2009.com
82.98.231.89	microsoft.infosecuritycenter.com
82.98.231.89	microsoft.softwaresecurityhelp.com
82.98.231.89	onlinenotifyq.net
82.98.231.89	antivirusxp-pro-2009.com
82.98.231.89	microsoft.browser-security-center.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{2220F2A2-672E-4EF4-AE44-B802D4E38795} [HKLM] ->  [Reg Error: Value error.] -> File not found
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{99079a25-328f-4bd4-be04-00955acaa0a7} [HKLM] ->  [Searchqu Toolbar] -> File not found
{9D717F81-9148-4f12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{98279C38-DE4B-4bcf-93C9-8EC26069D6F4}" [HKLM] ->  [ShopAtHome Toolbar] -> File not found
"{99079a25-328f-4bd4-be04-00955acaa0a7}" [HKLM] ->  [Searchqu Toolbar] -> File not found
"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
"10" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{C7768536-96F8-4001-B1A2-90EE21279187}" [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
WebBrowser\\"{FE063DB9-4EC0-403E-8DD8-394C54984B2C}" [HKLM] ->  [Ask Toolbar] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
"APSDaemon" -> C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2011/09/27 06:22:28 | 000,059,240 | ---- | M] (Apple Inc.)
"COMODO Internet Security" -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ["C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h] -> [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO)
"Corel Photo Downloader" -> C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe] -> [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.)
"DATAMNGR" -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE] -> [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc)
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation)
"Nikon Transfer Monitor" -> C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe] -> [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation)
"RealTray" -> C:\Program Files\Real\RealPlayer\RealPlay.exe [C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER] -> [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.)
"SigmatelSysTrayApp" -> C:\WINDOWS\stsystra.exe [stsystra.exe] -> [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.)
"ThreatFire" -> C:\Program Files\ThreatFire\TFTray.exe [C:\Program Files\ThreatFire\TFTray.exe] -> [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools)
"USB Storage Toolbox" -> C:\Program Files\USB Disk Win98 Driver\Res.exe [C:\Program Files\USB Disk Win98 Driver\Res.EXE] -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali)
"YSearchProtection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe ["C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"DellSupport" -> C:\Program Files\DellSupport\DSAgnt.exe ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.)
"MsnMsgr" ->  ["C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background] -> File not found
"PhotoShow Deluxe Media Manager" -> C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe [C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe] -> [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.)
"RebateInformer" ->  [C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP] -> File not found
"Search Protection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com)
"updateMgr" -> C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ["C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1] -> [2006/03/30 15:45:08 | 000,313,472 | R--- | M] (Adobe Systems Incorporated)
"YSearchProtection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe] -> [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2005/09/23 21:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk -> C:\Program Files\Ocucom\PreCast\tmon.exe -> [2008/02/12 11:24:26 | 001,811,120 | ---- | M] ()
< Carolyn Startup Folder > -> C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup -> 
C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk ->  -> File not found
C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe -> [2009/04/16 13:14:14 | 000,384,000 | ---- | M] ()
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoCDBurning" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"InstallVisualStyle" -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> [2004/08/10 03:39:00 | 001,347,728 | ---- | M] (Microsoft)
\\"InstallTheme" -> C:\WINDOWS\Resources\Themes\Royale.Theme [C:\WINDOWS\Resources\Themes\Royale.theme] -> [2004/07/28 02:03:28 | 000,001,293 | ---- | M] ()
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
\\"NoDriveAutoRun" ->  [-1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&Search ->  [http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKfox000] -> File not found
E&xport to Microsoft Excel ->  [res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000] -> File not found
EarthLink Yahoo Search -> C:\Program Files\EarthLink\Toolbar\SearchUI.dll [res://C:\Program Files\EarthLink\Toolbar\SearchUI.dll/search.html] -> [2006/10/11 16:25:52 | 000,243,480 | ---- | M] (EarthLink, Inc.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec [HKLM] -> C:\Documents and Settings\Carolyn\Start Menu\Programs\IMVU\Run IMVU.lnk [Button: Run IMVU] -> [2008/07/16 07:37:06 | 000,001,540 | ---- | M] ()
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4945 domain(s) found. -> 
objects_aol.com [*] -> Out of zone range - ( 5 ) -> 
play_toontown.com [http] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] -> 
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15-3.cab [Reg Error: Key error.] -> 
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll [Installation Support] -> 
{77E32299-629F-43C6-AB77-6A1E6D7663F6} [HKLM] -> http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab [Groove Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-yahtzee/zylomplayer.cab [Zylom Games Player] -> 
{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [HKLM] -> http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe [Virtools WebPlayer Class] -> 
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab [Java Plug-in 1.6.0_29] -> 
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe [Virtools WebPlayer Class] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.0.1 205.171.3.25 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{CD8535B6-108A-4252-832F-6F25B82A4B65}\\DhcpNameServer -> 192.168.0.1 205.171.3.25   (Intel(R) PRO/100 VE Network Connection) -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll -> C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll -> [2011/11/09 04:42:41 | 001,236,368 | ---- | M] (Bandoo Media, inc)
C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll -> C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll -> [2011/11/09 04:42:43 | 001,233,816 | ---- | M] (Bandoo Media, inc)
yhbxys.dll ->  -> File not found
c:\windows\system32\latadeti.dll ->  -> File not found
C:\WINDOWS\system32\guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2010/02/07 10:01:37 | 000,171,552 | ---- | M] (COMODO)
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
!SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -> [2011/05/04 11:54:14 | 000,551,296 | ---- | M] (SUPERAntiSpyware.com)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2011/07/18 18:02:18 | 000,113,024 | ---- | M] (SuperAdBlocker.com)
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
digeste.dll ->  -> File not found
*MultiFile Done* -> -> 
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
nwprovau -> C:\WINDOWS\System32\nwprovau.dll -> [2008/04/13 18:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation)
C:\WINDOWS\system32\ljJATMEX ->  -> File not found
*MultiFile Done* -> -> 
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"C:\Program Files\America Online 9.0\waol.exe" ->  [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\MSN Messenger\livecall.exe" ->  [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" ->  [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe" -> C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe [C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe:*:Disabled:MySpace Instant Messenger] -> [2008/12/12 12:46:08 | 009,555,968 | ---- | M] ()
"C:\Program Files\AIM6\aim6.exe" ->  [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> File not found
"C:\Program Files\America Online 9.0\waol.exe" ->  [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 01:17:27 | 000,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" -> C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit] -> [2011/09/27 06:22:50 | 000,014,184 | ---- | M] (Apple Inc.)
"C:\Program Files\FrostWire 5\FrostWire.exe" -> C:\Program Files\FrostWire 5\FrostWire.exe [C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire] -> [2011/07/15 15:24:42 | 000,466,944 | ---- | M] (FrostWire Group)
"C:\Program Files\FrostWire\FrostWire.exe" ->  [C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire] -> File not found
"C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe" ->  [C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe:*:Enabled:SABnzbd-0.2.5] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" ->  [C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" ->  [C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe] -> File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" ->  [C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe] -> File not found
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe" -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup] -> [2010/06/14 15:07:50 | 006,758,248 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe" -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator] -> [2010/06/14 15:03:46 | 000,391,528 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/03/10 14:10:51 | 000,139,776 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\MSN Messenger\livecall.exe" ->  [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" ->  [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" ->  [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> File not found
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" -> C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe [C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker] -> [2011/10/31 07:37:30 | 000,094,168 | ---- | M] (Visicom Media Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" ->  [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" ->  [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> File not found
"C:\StubInstaller.exe" -> C:\StubInstaller.exe [C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer] -> [2005/10/31 09:56:00 | 000,700,416 | ---- | M] (LimeWire)
"C:\WINDOWS\explorer.exe" -> C:\WINDOWS\explorer.exe [C:\WINDOWS\explorer.exe:*:Enabled:Explorer] -> [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" -> C:\WINDOWS\System32\mmc.exe [C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console] -> [2008/04/13 18:12:25 | 001,414,656 | ---- | M] (Microsoft Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/08/16 04:43:04 | 000,000,000 | ---- | M] ()
F:\autorun.inf [[AutoRun] | icon=launcher.exe,0 | action=Coby Media Manager | shellexecute=launcher.exe | shell\Auto\command=launcher.exe | shell\Auto=Coby &Media Manager | shell=Auto | ] -> F:\autorun.inf [ FAT32 ] -> [2010/01/04 10:30:42 | 000,000,163 | R--- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command
\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command\\"" ->  [F:\setup.exe -a] -> File not found
\{361ac05d-0e0d-11da-9aa9-806d6172696f}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\\"" ->  [Auto&Play] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command
\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command\\"" ->  [E:\setup.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{00ba0ab2-09c6-450d-b5c6-334f22153f18} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\RLPNUpload.dll [CRLPNUpld Object] -> [2011/04/22 17:22:41 | 000,141,480 | ---- | M] (RocketLife)
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{0291E591-EA41-4c82-8106-3DC6CE7F7664} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{0566A191-D675-4911-9C7E-50EDBEF90F32} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{12a0d4c1-4d44-4fb6-bdba-a7aabfda7e75} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\RocketEngine.dll [CFXEngine Object] -> [2011/04/22 17:22:41 | 001,231,016 | ---- | M] (Visan inc.)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{1C58E5DD-0EE7-4F86-9F73-54653137E5F2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{347B0667-C7ED-429B-BDE3-CC8D3BACAA31} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3788E535-897B-463d-B6D6-FEE5B86EC144} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3EEEBC9A-580F-46EF-81D9-55510266413D} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\ContentMan.dll [CRecord Object] -> [2011/04/22 17:22:39 | 000,194,728 | ---- | M] (RocketLife)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2008/07/17 19:51:56 | 000,508,656 | ---- | M] (Unity Technologies ApS)
{444785F1-DE89-4295-863A-D46C3A781394} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2010/11/29 10:26:14 | 000,173,528 | ---- | M] (Unity Technologies ApS)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011/10/03 04:06:06 | 000,112,416 | ---- | M] (Sun Microsystems, Inc.)
{5dcf3f4a-fda4-46a9-9129-47dd0cc8243f} [HKLM] -> C:\Documents and Settings\All Users\Application Data\HP Photo Creations\ContentMan.dll [CCMan Object] -> [2011/04/22 17:22:39 | 000,194,728 | ---- | M] (RocketLife)
{69725738-CD68-4f36-8D02-8C43722EE5DA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6E1D8C13-B506-495A-995C-BE98117A7D3F} [HKLM] ->  [WebActivater Control] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83453071-3F9C-4ab0-BE30-EDA368D7976D} [HKLM] -> C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL [PopSwatter Settings Class] -> [2007/03/18 07:38:38 | 000,118,784 | ---- | M] (Ask.com)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{A17E30C4-A9BA-11D4-8673-60DB54C10000} [HKLM] -> C:\Program Files\Yahoo!\Common\YMMAPI.dll [Yahoo! MailTo] -> [2007/06/28 15:41:00 | 000,285,464 | ---- | M] (Yahoo! Inc.)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2006/11/27 10:25:38 | 000,292,488 | ---- | M] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_02] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_03] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_15] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011/10/03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deployJava1.dll [Deployment Toolkit] -> [2011/10/03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/02/16 00:37:35 | 000,157,696 | ---- | M] (RealNetworks)
{D02818A3-BD90-4369-951D-464336725225} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D3D233D5-9F6D-436C-B6C7-E63F77503B30} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D3F940EA-4E87-423b-9091-934E1E4FCEAE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2011/06/10 00:13:12 | 000,111,904 | ---- | M] (Apple Inc.)
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} [HKLM] -> Reg Error: Key error. [&Inbox Toolbar] -> File not found
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [Microsoft Silverlight] -> [2011/08/30 15:48:52 | 001,025,864 | ---- | M] ( Microsoft Corporation)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FE063DBB-4EC0-403e-8DD8-394C54984B2C} [HKLM] ->  [Ask Toolbar Settings] -> File not found
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{21347690-EC41-4F9A-8887-1F4AEE672439} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{61539ECD-CC67-4437-A03C-9AACCBD14326} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{99079A25-328F-4BD4-BE04-00955ACAA0A7}, [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9D425283-D487-4337-BAB6-AB8354A81457} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9D717F81-9148-4F12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{9D717F81-9148-4f12-8568-69135F087DB0}, [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B0CDA128-B425-4EEF-A174-61A11AC5DBF8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C7768536-96F8-4001-B1A2-90EE21279187} [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 
{00000000-0000-0000-0000-000000000002} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkBhoGuard Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [&Yahoo! Toolbar Helper] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{03402F96-3DC7-4285-BC50-9E81FEFAFE43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{042DA63B-0933-403D-9395-B49307691690} [HKLM] -> Reg Error: Key error. [] -> File not found
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 03:16:42 | 000,059,032 | ---- | M] (Adobe Systems Incorporated)
{07B18EAB-A523-4961-B6BB-170DE4475CCA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{0B83C99C-1EFA-4259-858F-BCB33E007A5B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{14EC1DDF-9B08-4D73-8D98-A984BF0DEE7C} [HKLM] -> C:\Program Files\MTV Networks\URGE\UrgeLaunch.dll [CUrgeLaunchCls Object] -> [2007/03/21 14:30:58 | 000,124,432 | ---- | M] (MTV Networks)
{15F4D456-5BAA-4076-8486-EECB38CD3E57} [HKLM] -> C:\Program Files\EarthLink\Toolbar\EScamBlk.dll [ElnkScamBHO Class] -> [2006/10/11 16:25:46 | 000,198,424 | ---- | M] (EarthLink, Inc.)
{1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 18:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation)
{1C58E5DD-0EE7-4F86-9F73-54653137E5F2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{21347690-EC41-4F9A-8887-1F4AEE672439} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2220F2A2-672E-4EF4-AE44-B802D4E38795} [HKLM] ->  [Reg Error: Value error.] -> File not found
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2007/08/07 16:20:44 | 000,182,248 | ---- | M] (Adobe Systems, Inc.)
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\YInstHelper.dll [Installation Support] -> [2007/11/28 15:55:58 | 000,211,744 | ---- | M] (Yahoo! Inc.)
{3107C2A8-9F0B-4404-A58B-21BD85268FBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3369AF0D-62E9-4BDA-8103-B4C75499B578} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{38EEBABB-01E5-46B8-A737-FA2318DCCF1C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{39FD89BF-D3F1-45B6-BB56-3582CCF489E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2011/10/24 14:30:12 | 000,796,520 | ---- | M] (Apple Inc.)
{41293422-93FD-443C-B848-E07EDBF866C3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{41D68ED8-4CFF-4115-88A6-6EBB8AF19000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2008/07/17 19:51:56 | 000,508,656 | ---- | M] (Unity Technologies ApS)
{444785F1-DE89-4295-863A-D46C3A781394} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2010/11/29 10:26:14 | 000,173,528 | ---- | M] (Unity Technologies ApS)
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4F878398-E58A-11D3-BEE9-00C04FA0D6BA} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\GbDetect.dll [Glassbook Detecter Class] -> [2004/12/14 01:15:42 | 000,067,192 | ---- | M] (Adobe Systems Incorporated)
{512ACF1B-64D9-4928-B382-A80556F28DB4} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll [ElnkPubBHO Class] -> [2006/10/11 16:25:46 | 000,206,616 | ---- | M] (EarthLink, Inc.)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2011/10/03 04:06:06 | 000,112,416 | ---- | M] (Sun Microsystems, Inc.)
{5B7524C8-2446-40E9-9474-94A779DBA224} [HKLM] -> C:\WINDOWS\Downloaded Program Files\isusweb.dll [InstallShield Update Service Agent] -> [2005/06/10 10:44:02 | 000,417,792 | ---- | M] ()
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 16:09:42 | 000,222,448 | ---- | M] (Yahoo! Inc.)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/05/31 04:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{61539ECD-CC67-4437-A03C-9AACCBD14326} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6FD5151B-A94A-4F6E-96FA-CD471AD4AA30} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{77E32299-629F-43C6-AB77-6A1E6D7663F6} [HKLM] -> C:\WINDOWS\Downloaded Program Files\OTOYAX.dll [Groove Control] -> [2005/10/21 15:38:02 | 000,510,136 | ---- | M] ()
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8736C681-37A0-40C6-A0F0-4C083409151C} [HKLM] -> Reg Error: Key error. [] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_29.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:11 | 000,141,088 | ---- | M] (Sun Microsystems, Inc.)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKCU] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_29] -> [2011/10/03 04:06:05 | 000,108,320 | ---- | M] ()
{92277284-D839-45C7-B806-82BE1E86FEBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{93EFDAB8-8800-4896-B428-76F943140E1B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9522B3FB-7A2B-4646-8AF6-36E7F593073C} [HKLM] -> C:\WINDOWS\CouponPrinter.ocx [cpbrkpie Control] -> [2009/11/19 15:16:27 | 000,068,824 | ---- | M] ()
{9579D574-D4D8-4335-9560-FE8641A013BD} [HKLM] -> C:\Program Files\EarthLink\Toolbar\ProtctIE.dll [ElnkProtectionBHO Class] -> [2006/10/11 16:25:50 | 000,251,672 | ---- | M] (EarthLink, Inc.)
{98279C38-DE4B-4BCF-93C9-8EC26069D6F4} [HKLM] ->  [ShopAtHome Toolbar] -> File not found
{99079A25-328F-4BD4-BE04-00955ACAA0A7} [HKLM] ->  [Searchqu Toolbar] -> File not found
{9D717F81-9148-4F12-8568-69135F087DB0} [HKLM] -> C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll [DataMngr] -> [2011/11/09 04:42:46 | 000,101,272 | ---- | M] (Bandoo Media, inc)
{9FF05104-B030-46FC-94B8-81276E4E27DF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A8FA393E-7CD7-4046-9686-881CC8155709} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\WINDOWS\system32\msnetobj.dll [RMGetLicense Class] -> [2009/01/30 19:33:54 | 000,179,712 | ---- | M] (Microsoft Corporation)
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} [HKLM] -> C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll [WTHoster Class] -> [2004/04/26 15:19:34 | 000,057,344 | ---- | M] (WildTangent)
{B0CDA128-B425-4EEF-A174-61A11AC5DBF8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BA52B914-B692-46C4-B683-905236F6F655} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} [HKLM] -> C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll [Zylom Games Player] -> [2006/08/29 13:17:22 | 000,161,976 | ---- | M] ()
{C02226EB-A5D7-4B1F-BD7E-635E46C2288D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll [Google Update Plugin] -> [2011/10/15 22:11:18 | 000,239,256 | ---- | M] (Google Inc.)
{C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C442AC41-9200-4770-8CC0-7CDB4F245C55} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll [Google Update Plugin] -> [2011/10/15 22:11:18 | 000,239,256 | ---- | M] (Google Inc.)
{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} [HKLM] -> C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx [Virtools WebPlayer Class] -> [2007/09/04 15:48:34 | 000,300,344 | ---- | M] (Virtools SA)
{C7768536-96F8-4001-B1A2-90EE21279187} [HKLM] -> C:\Program Files\EarthLink\Toolbar\Toolbar.dll [EarthLink Toolbar] -> [2006/10/11 16:25:52 | 000,247,576 | ---- | M] (EarthLink, Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> c:\Program Files\GoogleAFE\GoogleAE.dll [CBrowserHelperObject Object] -> [2005/12/08 14:00:34 | 000,090,112 | ---- | M] (Google)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2006/11/27 10:25:38 | 000,292,488 | ---- | M] (Adobe Systems, Inc.)
{CD67F990-D8E9-11D2-98FE-00C0F0318AFE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2006/02/16 00:37:35 | 000,157,696 | ---- | M] (RealNetworks)
{D02818A3-BD90-4369-951D-464336725225} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash11e.ocx [Shockwave Flash Object] -> [2011/12/13 11:30:13 | 008,632,480 | R--- | M] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [FrostWire Toolbar] -> [2011/02/01 18:17:24 | 001,487,240 | ---- | M] (Ask)
{D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [HKLM] -> C:\Program Files\Virtools\3D Life Player\WebPlayer.ocx [Virtools WebPlayer Class] -> [2007/09/04 15:48:34 | 000,300,344 | ---- | M] (Virtools SA)
{D62D1B36-253D-4218-B033-5ACE0B42B8BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D62D1B36-253D-4218-B033-5ACE0B42B8BF} [HKCU] -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\InContext Solutions\Shopping InContext\InContextU31.dll [IEWebGameCtrl Class] -> [2011/01/11 14:18:42 | 000,144,360 | ---- | M] (InContext Solutions, LLC)
{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} [HKLM] -> C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll [WeCareReminder Class] -> [2011/04/22 07:13:36 | 000,359,936 | ---- | M] (We-Care.com)
{D9288080-1BAA-4BC4-9CF8-A92D743DB949} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] ->  [MessengerChecker Class] -> File not found
{DA80E089-4648-43D5-93B4-7F37917084E6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2011/10/24 14:30:12 | 000,137,064 | ---- | M] (Apple Inc.)
{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [Microsoft Silverlight] -> [2011/08/30 15:48:52 | 001,025,864 | ---- | M] ( Microsoft Corporation)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{e473a65c-8087-49a3-affd-c5bc4a10669b} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e473a65c-8087-49a3-affd-c5bc4a10669b} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{E713904C-DF05-4C79-BBAD-02DB923253BE} [HKLM] -> C:\Program Files\EarthLink\Toolbar\uninsttb.dll [ElnkLegacyUninstBHO Class] -> [2006/10/11 16:25:54 | 000,096,024 | ---- | M] (EarthLink, Inc.)
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll [Yahoo! Toolbar] -> [2010/01/21 23:25:06 | 001,158,456 | ---- | M] (Yahoo! Inc.)
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fc345d4c-b8f4-4674-bff7-3c37d2e535ee} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fc345d4c-b8f4-4674-bff7-3c37d2e535ee} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKCU] -> C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll [] -> [2009/10/11 19:49:21 | 004,183,416 | ---- | M] (Move Networks)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll [SingleInstance Class] -> [2010/01/21 23:25:08 | 000,158,520 | ---- | M] (Yahoo! Inc)
{FE063DB1-4EC0-403E-8DD8-394C54984B2C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FE063DB9-4EC0-403E-8DD8-394C54984B2C} [HKLM] ->  [Ask Toolbar] -> File not found
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias ->  -> File not found
Iprip ->  -> File not found
Irmon ->  -> File not found
Nwsapagent ->  -> File not found
WmdmPmSp ->  -> File not found
*MultiFile Done* -> -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
inbox:{37540F19-DD4C-478B-B2DF-C19281BCAF27} [HKLM] -> Reg Error: Key error.[] -> File not found
rebinfo:{AF808758-C780-404C-A4EE-4526323FD9B6} [HKLM] -> Reg Error: Key error.[] -> File not found
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -> C:\WINDOWS\system32\nwprovau.dll -> [2008/04/13 18:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2011/08/30 22:05:02 | 000,121,704 | ---- | M] (Apple Inc.)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{05BFB060-4F22-4710-B0A2-2801A1B606C5} -> Microsoft Antimalware
{06E6E30D-B498-442F-A943-07DE41D7F785} -> Microsoft Search Enhancement Pack
{075473F5-846A-448B-BCB3-104AA1760205} -> Sonic RecordNow Data
{08234a0d-cf39-4dca-99f0-0c5cb496da81} -> Bing Bar
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Windows Live ID Sign-in Assistant
{0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> ATI Control Panel
{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} -> Microsoft Plus! Photo Story 2 LE
{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Sonic DLA
{15D43B60-DAED-435D-894E-E58947A5CCC8} -> Tango
{1A15507A-8551-4626-915D-3D5FA095CC1B} -> Corel Paint Shop Pro X
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{21657574-BD54-48A2-9450-EB03B2C7FC29} -> Sonic MyDVD LE
{237CD223-1B9D-47E8-A76C-E478B83CCEA2} -> File Uploader
{23B35809-5E4A-4F14-8332-1CDEDDFAC089} -> CP_Package_Variety2
{26A24AE4-039D-4CA4-87B4-2F83216013FF} -> Java(TM) 6 Update 29
{26A24AE4-039D-4CA4-87B4-2F83216015F0} -> Java(TM) 6 Update 15
{29ED20C9-5E15-4969-9279-25BF3727A3DA} -> iTunes
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Sonic Update Manager
{3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6
{3248F0A8-6813-11D6-A77B-00B0D0150090} -> J2SE Runtime Environment 5.0 Update 9
{3248F0A8-6813-11D6-A77B-00B0D0150100} -> J2SE Runtime Environment 5.0 Update 10
{3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1
{3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2
{3248F0A8-6813-11D6-A77B-00B0D0160030} -> Java(TM) 6 Update 3
{33BB4982-DC52-4886-A03B-F4C5C80BEE89} -> Windows Media Player 10
{34910BCD-F6D8-4FDD-BB2F-4622ED2DD132} -> Vantage Point Report Viewer
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{352310C3-E46B-42D3-8F32-54721FDD72D9} -> NetZeroInstallers
{3EE33958-7381-4E7B-A4F3-6E43098E9E9C} -> Google AFE
{3F92ABBB-6BBF-11D5-B229-002078017FBF} -> Modem On Hold
{4667B940-BB01-428B-986E-A0CC46497BF7} -> ELIcon
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162} -> USB Disk Win98 Driver
{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1 -> RebateInformer
{4F7177E9-2B54-48B4-AAFD-03FA1F87A542} -> Bing Bar Platform
{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1} -> CP_Package_Variety1
{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} -> Microsoft Security Client
{5905F42D-3F5F-4916-ADA6-94A3646AEE76} -> Dell Driver Reset Tool
{612AD33D-9824-4E87-8396-92374E91C4BB}_is1 -> Inbox Toolbar
{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C} -> AOLIcon
{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD 5.5
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33} -> Digital Content Portal
{6DA93E66-5FA8-44ED-9CCA-40773444C10D} -> HP Deskjet 3050 J610 series Basic Device Software
{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} -> Microsoft Plus! Digital Media Edition Installer
{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} -> Microsoft Visual C++ 2005 Redistributable
{7148F0A8-6813-11D6-A77B-00B0D0142030} -> Java 2 Runtime Environment, SE v1.4.2_03
{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE} -> EarthLink setup files
{74F7662C-B1DB-489E-A8AC-07A06B24978B} -> Dell System Restore
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{787D1A33-A97B-4245-87C0-7174609A540C} -> HP Update
{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} -> Apple Software Update
{79155F2B-9895-49D7-8612-D92580E0DE5B} -> Bonjour
{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68} -> Modem Event Monitor
{7BE15435-2D3E-4B58-867F-9C75BED0208C} -> QuickTime
{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} -> DellSupport
{7F142D56-3326-11D5-B229-002078017FBF} -> Modem Helper
{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA} -> Intel(R) PROSet for Wired Connections
{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} -> Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
{86D4B82A-ABED-442A-BE86-96357B70F4FE} -> Ask Toolbar
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A62A068-3FD6-495A-9F66-26FE94F32EC9} -> Rhapsody Player Engine
{8A9B8148-DDD7-448F-BD6C-358386D32354} -> Corel Photo Album 6
{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF} -> URGE
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{9941F0AA-B903-4AF4-A055-83A9815CC011} -> Sonic Encoders
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9BE518E6-ECC6-35A9-88E4-87755C07200F} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF} -> ASPCA Tri Reminder by We-Care.com v4.0.7.5
{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21} -> Apple Mobile Device Support
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{A83279FD-CA4B-4206-9535-90974DE76654} -> Apple Application Support
{AB708C9B-97C8-4AC9-899B-DBF226AC9382} -> Sonic Audio module
{AC76BA86-7AD7-1033-7B44-A70900000002} -> Adobe Reader 7.0.9
{AF19F291-F22F-4798-9662-525305AE9E48} -> WordPerfect Office 12
{B12665F4-4E93-4AB4-B7FC-37053B524629} -> Sonic RecordNow Copy
{B57F2FF0-5A25-4332-B503-4592B370C02F} -> CP_Package_Variety3
{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE} -> Microsoft XML Parser
{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED} -> EarthLink Toolbar
{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120} -> Microsoft Default Manager
{C057F6D0-0E4C-4B18-B645-9D0804FCFAFD} -> EarthLink Common Authentication
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C4124E95-5061-4776-8D5D-E3D931C778E1} -> Microsoft VC9 runtime libraries
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D2988E9B-C73F-422C-AD4B-A66EBE257120} -> MCU
{D2FCC1AE-6311-47C5-8130-C6C66D77DD71} -> Nikon Message Center
{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7} -> Opera 9.52
{E6B87DC4-2B3D-4483-ADFF-E483BF718991} -> OpenOffice.org 3.1
{E93E5EF6-D361-481E-849D-F16EF5C78EBC} -> Musicmatch for Windows Media Player
{E9757890-7EC5-46C8-99AB-B00F07B6525C} -> Nikon Transfer
{F7632A9B-661E-4FD9-B1A4-3B86BC99847F} -> HP Deskjet 3050 J610 series Help
3554AA4B-9B0B-451a-A269-2B5F53982209_is1 -> ThreatFire 4.0
3A63F898C880C6A38C1D6D6E3E2300FF28E59320 -> Windows Driver Package - OEM (mr97320) Image  (04/20/2007 1.0.0.0)
3DGroove -> OTOY
Adobe Flash Player ActiveX -> Adobe Flash Player 11 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 11 Plugin
Adobe Shockwave Player -> Adobe Shockwave Player
AskTBar Uninstall -> Ask Toolbar
ATI Display Driver -> ATI Display Driver
B3EE3001-DC24-4cd1-8743-5692C716659F -> Otto
CANONIJPLM100 -> Canon Inkjet Printer/Scanner/Fax Extended Survey Program
COMODO Internet Security -> COMODO Internet Security
Coupon Printer for Windows5.0.0.0 -> Coupon Printer for Windows
Dell Digital Jukebox Driver -> Dell Digital Jukebox Driver
DVD Decrypter -> DVD Decrypter (Remove Only)
DVD Shrink_is1 -> DVD Shrink 3.2
EmeraldQFE2 -> Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
FrostWire 5 -> FrostWire 5.1.5
HP Photo Creations -> HP Photo Creations
HyperStudio 4 iPreview -> HyperStudio 4 iPreview
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
ie8 -> Windows Internet Explorer 8
Intel(R) 537EP V9x DF PCI Modem -> Intel(R) 537EP V9x DF PCI Modem
InterActual Player -> InterActual Player
LimeWire -> LimeWire 5.1.2
LivingPlay -> LivingPlay
Microsoft .NET Framework 1.1  (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microsoft Security Client -> Microsoft Security Essentials
Mozilla Firefox 7.0.1 (x86 en-US) -> Mozilla Firefox 7.0.1 (x86 en-US)
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
MSNINST -> MSN
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
Owl and Mouse Africa Map Puzzle -> Owl and Mouse Africa Map Puzzle
PhotoShow Express -> PhotoShow Express
PreCast -> Ocucom PreCast 1.6
PROSet -> Intel(R) PRO Network Connections Drivers
Pyware 3D Performer's Practice Tools -> Pyware 3D Performer's Practice Tools
QQ Games -> QQ Games
QQ Pool -> QQ Pool
RealPlayer 6.0 -> RealPlayer Basic
Sandlot Games Client Services_is1 -> Sandlot Games Client Services
SelectRebatesUninstall -> ShopAtHome SelectRebates
StreetPlugin -> Learn2 Player (Uninstall Only)
UnityWebPlayer -> Unity Web Player
ViewpointMediaPlayer -> Viewpoint Media Player
Virtools3DLifePlayer -> Virtools 3D Life Player
VobSub -> VobSub v2.23 (Remove Only)
WebCyberCoach_wtrb -> WebCyberCoach 3.2 Dell
WildTangent CDA -> WildTangent Web Driver
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
Windows Searchqu Toolbar -> Windows iLivid Toolbar
Windows XP Service Pack -> Windows XP Service Pack 3
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
XviD MPEG4 Video Codec -> XviD MPEG4 Video Codec (remove only)
Yahoo! Companion -> Yahoo! Toolbar
Yahoo! Extras -> Yahoo! Browser Services
Yahoo! Search Defender -> Yahoo! Search Protection
Yahoo! Software Update -> Yahoo! Software Update
YTdetect -> Yahoo! Detect
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{4E002314-9999-4402-9823-1CB9E6098849}_is1 -> Shopping InContext
GabPath -> GabPath
Google Chrome -> Google Chrome
Move Media Player -> Move Media Player
UnityWebPlayer -> Unity Web Player
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Error: Unable to start EventLog service!
 
[Files/Folders - Created Within 30 Days]
 cpnprt2.cid -> C:\WINDOWS\System32\cpnprt2.cid -> [2011/12/14 07:04:43 | 000,398,760 | R--- | C] (Coupons, Inc.)
 AppData -> C:\Documents and Settings\Carolyn\AppData -> [2011/12/06 15:25:24 | 000,000,000 | ---D | C]
 Ilivid Player -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\Ilivid Player -> [2011/12/05 07:13:25 | 000,000,000 | ---D | C]
 boost_interprocess -> C:\Documents and Settings\All Users\Application Data\boost_interprocess -> [2011/12/05 07:08:37 | 000,000,000 | ---D | C]
 Windows iLivid Toolbar -> C:\Program Files\Windows iLivid Toolbar -> [2011/12/05 07:08:34 | 000,000,000 | ---D | C]
 PackageAware -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\PackageAware -> [2011/12/05 07:07:12 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.exe -> C:\Program Files\SUPERAntiSpyware.exe -> [2011/08/20 00:00:26 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com)
 PPTWinInstall.3.0.7.exe -> C:\Program Files\PPTWinInstall.3.0.7.exe -> [2011/08/19 08:00:26 | 048,267,960 | ---- | C] (Flexera Software)
 ChromeSetup.exe -> C:\Program Files\ChromeSetup.exe -> [2011/07/19 21:55:04 | 000,589,664 | ---- | C] (Google Inc.)
 PSRViewerSetup.exe -> C:\Program Files\PSRViewerSetup.exe -> [2010/11/24 14:48:06 | 005,389,804 | ---- | C] (Pipkins, Inc.                                               )
 LimeWireWin(2).exe -> C:\Program Files\LimeWireWin(2).exe -> [2010/10/17 17:03:02 | 030,164,216 | ---- | C] (Lime Wire LLC)
 jxpiinstall(3).exe -> C:\Program Files\jxpiinstall(3).exe -> [2010/10/05 06:27:47 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.)
 jxpiinstall(2).exe -> C:\Program Files\jxpiinstall(2).exe -> [2010/10/05 06:20:41 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.)
 autoupdater(2).exe -> C:\Program Files\autoupdater(2).exe -> [2010/09/17 05:30:48 | 002,320,763 | ---- | C] (InstallShield Software Corporation)
 CouponPrinter.exe -> C:\Program Files\CouponPrinter.exe -> [2010/06/26 10:52:32 | 001,068,544 | ---- | C] (Coupons.com Incorporated)
 spywareblastersetup43.exe -> C:\Program Files\spywareblastersetup43.exe -> [2010/05/25 11:45:24 | 003,103,640 | ---- | C] (Javacool Software LLC                                       )
 DivXWebPlayerInstaller.exe -> C:\Program Files\DivXWebPlayerInstaller.exe -> [2010/02/24 19:08:09 | 006,667,584 | ---- | C] (DivX, Inc.)
 TFC.exe -> C:\Program Files\TFC.exe -> [2009/12/25 20:07:32 | 000,410,624 | ---- | C] (OldTimer Tools)
 wmp11-windowsxp-x86-enu.exe -> C:\Program Files\wmp11-windowsxp-x86-enu.exe -> [2009/12/05 04:53:59 | 025,740,144 | ---- | C] (Microsoft Corporation)
 Shockwave_Installer_Slim(2).exe -> C:\Program Files\Shockwave_Installer_Slim(2).exe -> [2009/10/30 20:21:40 | 004,301,928 | ---- | C] (Adobe Systems Inc.)
 jxpiinstall.exe -> C:\Program Files\jxpiinstall.exe -> [2009/10/30 20:18:23 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.)
 install_flash_player.exe -> C:\Program Files\install_flash_player.exe -> [2009/10/29 16:39:46 | 001,925,024 | ---- | C] (Adobe Systems Incorporated)
 Shockwave_Installer_Slim.exe -> C:\Program Files\Shockwave_Installer_Slim.exe -> [2009/05/28 20:02:17 | 003,500,808 | ---- | C] (Adobe Systems Inc.)
 LimeWireWin.exe -> C:\Program Files\LimeWireWin.exe -> [2009/05/02 15:18:50 | 016,509,288 | ---- | C] (Lime Wire LLC)
 PrecastSetup.exe -> C:\Program Files\PrecastSetup.exe -> [2009/01/10 11:46:22 | 006,479,282 | ---- | C] (Ocucom)
 ezvideos.exe -> C:\Program Files\ezvideos.exe -> [2008/12/03 19:36:45 | 004,283,512 | ---- | C] (W3i, LLC)
 CIS_Setup_3.5.55810.432_XP_Vista_x32.exe -> C:\Program Files\CIS_Setup_3.5.55810.432_XP_Vista_x32.exe -> [2008/12/02 22:05:19 | 027,206,408 | ---- | C] (COMODO)
 Firefox Setup 2.0.0.1.exe -> C:\Program Files\Firefox Setup 2.0.0.1.exe -> [2007/01/20 12:50:31 | 005,971,432 | ---- | C] (Mozilla)
 DVDFabDecrypter29.exe -> C:\Program Files\DVDFabDecrypter29.exe -> [2006/05/25 17:24:18 | 001,320,111 | ---- | C] (Fengtao Software Inc.                                       )
 
[Files/Folders - Modified Within 30 Days]
 GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job -> [2011/12/15 11:16:00 | 000,000,986 | ---- | M] ()
 Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job -> [2011/12/15 11:01:00 | 000,000,238 | ---- | M] ()
 wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/12/15 06:32:18 | 000,002,206 | ---- | M] ()
 MP Scheduled Scan.job -> C:\WINDOWS\tasks\MP Scheduled Scan.job -> [2011/12/15 03:21:54 | 000,000,424 | -H-- | M] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/12/15 03:15:55 | 000,002,048 | --S- | M] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/12/15 03:15:51 | 000,372,080 | ---- | M] ()
 imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2011/12/15 00:19:30 | 000,001,393 | ---- | M] ()
 GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job -> [2011/12/14 23:16:00 | 000,000,934 | ---- | M] ()
 KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2011/12/14 17:44:37 | 000,006,686 | ---- | M] ()
 3DC448A41C.sys -> C:\WINDOWS\System32\3DC448A41C.sys -> [2011/12/14 17:44:37 | 000,000,152 | RHS- | M] ()
 WordPerfect.lnk -> C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk -> [2011/12/14 17:44:28 | 000,002,429 | ---- | M] ()
 PKP_DLdu.DAT -> C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT -> [2011/12/14 17:03:31 | 000,000,020 | -H-- | M] ()
 MBR.dat -> C:\Documents and Settings\Carolyn\Desktop\MBR.dat -> [2011/12/14 13:56:30 | 000,000,512 | ---- | M] ()
 cpnprt2.cid -> C:\WINDOWS\System32\cpnprt2.cid -> [2011/12/14 07:04:43 | 000,398,760 | R--- | M] (Coupons, Inc.)
 FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2011/12/13 11:30:15 | 000,414,368 | ---- | M] (Adobe Systems Incorporated)
 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2011/12/09 15:40:12 | 000,000,284 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,742 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,724 | ---- | M] ()
 win32k.sys -> C:\WINDOWS\System32\win32k.sys -> [2011/11/23 07:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation)
 win32k.sys -> C:\WINDOWS\System32\dllcache\win32k.sys -> [2011/11/23 07:25:32 | 001,859,584 | ---- | M] (Microsoft Corporation)
 Google Chrome.lnk -> C:\Documents and Settings\Carolyn\Desktop\Google Chrome.lnk -> [2011/11/18 11:18:11 | 000,002,300 | ---- | M] ()
 Google Chrome.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> [2011/11/18 11:18:11 | 000,002,278 | ---- | M] ()
 2 C:\Documents and Settings\Carolyn\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Carolyn\Local Settings\Temp\*.tmp -> 
 
[Files - No Company Name]
 WordPerfect.lnk -> C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk -> [2011/12/14 15:42:29 | 000,002,429 | ---- | C] ()
 MBR.dat -> C:\Documents and Settings\Carolyn\Desktop\MBR.dat -> [2011/12/14 13:56:30 | 000,000,512 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,742 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,730 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2011/12/06 15:30:12 | 000,000,724 | ---- | C] ()
 Win98Driver.exe -> C:\WINDOWS\Win98Driver.exe -> [2011/01/05 18:22:42 | 001,892,352 | ---- | C] ()
 avira_antivir_personal_en.exe -> C:\Program Files\avira_antivir_personal_en.exe -> [2010/07/24 07:03:36 | 044,089,904 | ---- | C] ()
 setup_av_free(2).exe -> C:\Program Files\setup_av_free(2).exe -> [2010/06/23 16:45:56 | 052,566,928 | ---- | C] ()
 spywareguardsetup.exe -> C:\Program Files\spywareguardsetup.exe -> [2010/05/25 11:42:42 | 002,062,665 | ---- | C] ()
 setup_av_free.exe -> C:\Program Files\setup_av_free.exe -> [2010/04/24 21:58:13 | 048,417,032 | ---- | C] ()
 d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2010/04/09 06:19:23 | 000,000,664 | ---- | C] ()
 AutoGK.ini -> C:\Documents and Settings\Carolyn\Application Data\AutoGK.ini -> [2010/03/27 16:33:26 | 000,000,540 | ---- | C] ()
 AutoGordianKnot.2.55.Setup.exe -> C:\Program Files\AutoGordianKnot.2.55.Setup.exe -> [2010/03/27 16:22:29 | 012,341,641 | ---- | C] ()
 IowaWeatherMap.jpg -> C:\Program Files\IowaWeatherMap.jpg -> [2010/02/21 20:28:00 | 000,057,086 | ---- | C] ()
 Perl -> C:\Documents and Settings\All Users\Application Data\Perl -> [2009/12/25 18:47:37 | 000,000,268 | RH-- | C] ()
 PageLibraries -> C:\Documents and Settings\Carolyn\Application Data\PageLibraries -> [2009/12/25 18:47:37 | 000,000,268 | RH-- | C] ()
 PKP_DLdu.DAT -> C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT -> [2009/12/25 18:47:37 | 000,000,020 | -H-- | C] ()
 msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2009/12/25 09:03:20 | 000,000,002 | ---- | C] ()
 FixVTS.ini -> C:\Documents and Settings\Carolyn\Application Data\FixVTS.ini -> [2009/12/19 19:34:16 | 000,000,120 | ---- | C] ()
 FixVTS1.603.zip -> C:\Program Files\FixVTS1.603.zip -> [2009/12/19 18:44:45 | 000,032,944 | ---- | C] ()
 yahoomailuploader_0.5.exe -> C:\Program Files\yahoomailuploader_0.5.exe -> [2009/12/15 20:31:07 | 001,089,840 | ---- | C] ()
 RADTools19q.exe -> C:\Program Files\RADTools19q.exe -> [2009/12/02 18:02:18 | 001,320,837 | ---- | C] ()
 vlc-1.0.3-win32.exe -> C:\Program Files\vlc-1.0.3-win32.exe -> [2009/12/02 17:50:56 | 018,030,130 | ---- | C] ()
 yahoo_cinematycoon2_tm6-3.exe -> C:\Program Files\yahoo_cinematycoon2_tm6-3.exe -> [2009/11/15 15:34:40 | 032,770,344 | ---- | C] ()
 popcinfot.dat -> C:\WINDOWS\popcinfot.dat -> [2009/11/10 08:09:34 | 000,000,044 | ---- | C] ()
 popcreg.dat -> C:\WINDOWS\popcreg.dat -> [2009/11/10 08:09:34 | 000,000,000 | ---- | C] ()
 gp.xpi -> C:\Program Files\gp.xpi -> [2009/10/29 16:39:16 | 000,465,778 | ---- | C] ()
 videoimp.ini -> C:\WINDOWS\videoimp.ini -> [2009/10/04 07:35:46 | 000,000,593 | ---- | C] ()
 vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2009/10/04 07:35:22 | 000,010,240 | ---- | C] ()
 marscam.ini -> C:\WINDOWS\marscam.ini -> [2009/10/04 07:30:55 | 000,000,042 | ---- | C] ()
 PopCapPluginInstaller_v2_en.exe -> C:\Program Files\PopCapPluginInstaller_v2_en.exe -> [2009/08/18 09:17:07 | 000,284,184 | ---- | C] ()
 BWAVol2Setup_1_1.exe -> C:\Program Files\BWAVol2Setup_1_1.exe -> [2009/08/18 09:14:34 | 057,604,344 | ---- | C] ()
 Genevieve Jr Miss Louisa County.jpg -> C:\Program Files\Genevieve Jr Miss Louisa County.jpg -> [2009/06/12 14:38:22 | 001,104,331 | ---- | C] ()
 myspace_cube.pdf -> C:\Program Files\myspace_cube.pdf -> [2009/06/08 08:32:36 | 000,291,180 | ---- | C] ()
 myspace_calendar.pdf -> C:\Program Files\myspace_calendar.pdf -> [2009/06/08 08:30:56 | 000,404,712 | ---- | C] ()
 yahoo_annasicecream_tm6-3.exe -> C:\Program Files\yahoo_annasicecream_tm6-3.exe -> [2009/06/07 11:01:57 | 025,083,936 | ---- | C] ()
 hpzids01.dll -> C:\WINDOWS\System32\hpzids01.dll -> [2009/05/11 12:14:45 | 000,077,824 | R--- | C] ()
 epenilek.ini -> C:\WINDOWS\System32\epenilek.ini -> [2009/04/11 18:17:50 | 001,403,901 | -HS- | C] ()
 xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009/01/25 15:10:48 | 000,179,200 | ---- | C] ()
 xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009/01/08 17:01:22 | 000,629,760 | ---- | C] ()
 XEMTAJjl.ini -> C:\WINDOWS\System32\XEMTAJjl.ini -> [2008/11/30 20:08:46 | 000,907,380 | -HS- | C] ()
 XEMTAJjl.ini2 -> C:\WINDOWS\System32\XEMTAJjl.ini2 -> [2008/11/30 20:08:46 | 000,907,313 | -HS- | C] ()
 GuiStyle.exe -> C:\Program Files\GuiStyle.exe -> [2008/10/18 16:49:28 | 000,343,235 | ---- | C] ()
 atid.ini -> C:\WINDOWS\atid.ini -> [2008/10/03 18:58:00 | 000,000,021 | ---- | C] ()
 d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2008/06/19 18:24:40 | 000,000,552 | ---- | C] ()
 Textart.INI -> C:\WINDOWS\Textart.INI -> [2008/02/15 15:50:48 | 000,000,000 | ---- | C] ()
 iplayer.INI -> C:\WINDOWS\iplayer.INI -> [2007/11/20 18:20:31 | 000,000,000 | ---- | C] ()
 SIERRA.INI -> C:\WINDOWS\SIERRA.INI -> [2007/07/15 09:11:12 | 000,000,044 | ---- | C] ()
 mr320exd.dll -> C:\WINDOWS\System32\mr320exd.dll -> [2007/04/10 12:40:22 | 000,028,672 | ---- | C] ()
 mr320exv.dll -> C:\WINDOWS\System32\mr320exv.dll -> [2007/04/03 17:45:36 | 000,049,152 | ---- | C] ()
 RipIt4Me.zip -> C:\Program Files\RipIt4Me.zip -> [2007/03/24 13:25:58 | 000,202,071 | ---- | C] ()
 mozver.dat -> C:\WINDOWS\mozver.dat -> [2007/01/21 07:48:08 | 000,001,168 | ---- | C] ()
 Unwise32.exe -> C:\WINDOWS\Unwise32.exe -> [2006/10/04 15:06:42 | 000,128,000 | ---- | C] ()
 1CA448C43D.sys -> C:\WINDOWS\System32\1CA448C43D.sys -> [2006/09/17 09:54:55 | 000,000,088 | RHS- | C] ()
 QTSBandwidthCache -> C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache -> [2006/08/27 08:18:14 | 000,001,755 | ---- | C] ()
 superman_ss_osx.sit.hqx -> C:\Program Files\superman_ss_osx.sit.hqx -> [2006/07/10 13:05:45 | 004,445,923 | ---- | C] ()
 LEXSTAT.INI -> C:\WINDOWS\LEXSTAT.INI -> [2006/07/03 17:06:06 | 000,000,108 | ---- | C] ()
 d3dx.dat -> C:\WINDOWS\d3dx.dat -> [2006/06/23 15:16:55 | 000,004,096 | ---- | C] ()
 msgr75us.exe -> C:\Program Files\msgr75us.exe -> [2006/06/13 11:19:41 | 000,398,376 | ---- | C] ()
 popcinfo.dat -> C:\WINDOWS\popcinfo.dat -> [2006/06/12 16:12:26 | 000,000,024 | ---- | C] ()
 ka.ini -> C:\WINDOWS\ka.ini -> [2006/06/07 12:34:45 | 000,000,000 | ---- | C] ()
 SetupDVDDecrypter_3.5.4.0.exe -> C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe -> [2006/05/25 17:02:57 | 000,899,414 | ---- | C] ()
 Classic_0.91.7.zip -> C:\Program Files\Classic_0.91.7.zip -> [2006/05/25 17:02:26 | 000,793,583 | ---- | C] ()
 dvdshrink32setup.zip -> C:\Program Files\dvdshrink32setup.zip -> [2006/05/25 16:48:38 | 001,094,021 | ---- | C] ()
 123freesolitaire.exe -> C:\Program Files\123freesolitaire.exe -> [2006/04/30 14:30:17 | 003,645,968 | ---- | C] ()
 KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2006/03/05 17:17:02 | 000,006,686 | ---- | C] ()
 3DC448A41C.sys -> C:\WINDOWS\System32\3DC448A41C.sys -> [2006/03/05 17:17:02 | 000,000,152 | RHS- | C] ()
 PFP120JPR.{PB -> C:\Documents and Settings\Carolyn\Application Data\PFP120JPR.{PB -> [2006/02/26 06:55:23 | 000,061,678 | ---- | C] ()
 PFP120JCM.{PB -> C:\Documents and Settings\Carolyn\Application Data\PFP120JCM.{PB -> [2006/02/26 06:55:23 | 000,012,358 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2006/02/20 22:03:25 | 000,019,456 | ---- | C] ()
 fusioncache.dat -> C:\Documents and Settings\Carolyn\Local Settings\Application Data\fusioncache.dat -> [2006/02/20 17:55:02 | 000,000,130 | ---- | C] ()
 smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2006/02/16 00:50:02 | 000,000,061 | ---- | C] ()
 UNWISE.EXE -> C:\WINDOWS\UNWISE.EXE -> [2006/02/16 00:41:32 | 000,149,504 | ---- | C] ()
 wininit.ini -> C:\WINDOWS\wininit.ini -> [2006/02/16 00:37:56 | 000,000,556 | ---- | C] ()
 nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2006/02/16 00:36:44 | 000,000,335 | ---- | C] ()
 setpwrcg.exe -> C:\WINDOWS\setpwrcg.exe -> [2006/02/16 00:12:58 | 000,049,152 | ---- | C] ()
 atiicdxx.dat -> C:\WINDOWS\System32\atiicdxx.dat -> [2006/02/16 00:12:54 | 000,095,617 | ---- | C] ()
 OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2006/02/16 00:12:26 | 000,000,392 | ---- | C] ()
 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2005/08/16 04:48:31 | 000,002,048 | --S- | C] ()
 emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2005/08/16 04:38:45 | 000,021,640 | ---- | C] ()
 fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/08/16 04:37:24 | 000,001,793 | ---- | C] ()
 ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2005/08/16 04:33:38 | 000,004,161 | ---- | C] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2005/08/16 04:27:59 | 000,372,080 | ---- | C] ()
 secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2005/08/16 04:18:35 | 000,004,569 | ---- | C] ()
 perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2005/08/16 04:18:33 | 000,445,798 | ---- | C] ()
 perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2005/08/16 04:18:33 | 000,272,128 | ---- | C] ()
 perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2005/08/16 04:18:33 | 000,073,004 | ---- | C] ()
 perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2005/08/16 04:18:33 | 000,028,626 | ---- | C] ()
 oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2005/08/16 04:18:32 | 000,004,627 | ---- | C] ()
 oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2005/08/16 04:18:30 | 013,107,200 | ---- | C] ()
 noise.dat -> C:\WINDOWS\System32\noise.dat -> [2005/08/16 04:18:28 | 000,000,741 | ---- | C] ()
 mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2005/08/16 04:18:23 | 000,673,088 | ---- | C] ()
 mib.bin -> C:\WINDOWS\System32\mib.bin -> [2005/08/16 04:18:23 | 000,046,258 | ---- | C] ()
 dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2005/08/16 04:18:15 | 000,218,003 | ---- | C] ()
 dcache.bin -> C:\WINDOWS\System32\dcache.bin -> [2005/08/16 04:18:08 | 000,001,804 | ---- | C] ()
 psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2005/08/05 14:01:54 | 000,235,008 | ---- | C] ()
 px.ini -> C:\WINDOWS\System32\px.ini -> [2005/06/22 13:37:46 | 000,000,000 | ---- | C] ()
 unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2002/10/15 16:54:04 | 000,153,088 | ---- | C] ()
 hptcpmon.ini -> C:\WINDOWS\System32\hptcpmon.ini -> [2001/07/06 15:30:00 | 000,003,399 | ---- | C] ()
 
[File - Lop Check]
 !SASCORE -> C:\Documents and Settings\All Users\Application Data\!SASCORE -> [2011/08/04 21:20:43 | 000,000,000 | ---D | M]
 2ACA5CC3-0F83-453D-A079-1076FE1A8B65 -> C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 -> [2009/03/30 18:55:59 | 000,000,000 | ---D | M]
 Alwil Software -> C:\Documents and Settings\All Users\Application Data\Alwil Software -> [2010/02/13 17:45:52 | 000,000,000 | ---D | M]
 boost_interprocess -> C:\Documents and Settings\All Users\Application Data\boost_interprocess -> [2011/12/06 06:48:14 | 000,000,000 | ---D | M]
 CanonIJEGV -> C:\Documents and Settings\All Users\Application Data\CanonIJEGV -> [2010/11/08 18:19:45 | 000,000,000 | -H-D | M]
 CanonIJPLM -> C:\Documents and Settings\All Users\Application Data\CanonIJPLM -> [2011/06/11 19:59:44 | 000,000,000 | ---D | M]
 CanonIJScan -> C:\Documents and Settings\All Users\Application Data\CanonIJScan -> [2011/04/16 21:18:58 | 000,000,000 | -H-D | M]
 CanonIJSetup000 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup000 -> [2010/06/16 18:49:45 | 000,000,000 | ---D | M]
 CanonIJSetup001 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup001 -> [2010/06/16 18:49:50 | 000,000,000 | ---D | M]
 CanonIJSetup002 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup002 -> [2010/06/16 18:49:53 | 000,000,000 | ---D | M]
 CanonIJSetup003 -> C:\Documents and Settings\All Users\Application Data\CanonIJSetup003 -> [2010/06/16 18:49:55 | 000,000,000 | ---D | M]
 Dictionaries -> C:\Documents and Settings\All Users\Application Data\Dictionaries -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 EA -> C:\Documents and Settings\All Users\Application Data\EA -> [2008/07/16 07:18:47 | 000,000,000 | ---D | M]
 EnterNHelp -> C:\Documents and Settings\All Users\Application Data\EnterNHelp -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 Graboid Inc -> C:\Documents and Settings\All Users\Application Data\Graboid Inc -> [2009/03/29 14:05:16 | 000,000,000 | ---D | M]
 HipSoft -> C:\Documents and Settings\All Users\Application Data\HipSoft -> [2007/11/30 10:47:09 | 000,000,000 | ---D | M]
 n7-89-o9-3r-4t-r9 -> C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 -> [2007/11/30 11:16:25 | 000,000,000 | ---D | M]
 Nikon -> C:\Documents and Settings\All Users\Application Data\Nikon -> [2009/12/25 18:48:11 | 000,000,000 | ---D | M]
 PlayFirst -> C:\Documents and Settings\All Users\Application Data\PlayFirst -> [2007/11/30 12:05:42 | 000,000,000 | ---D | M]
 PopCap Games -> C:\Documents and Settings\All Users\Application Data\PopCap Games -> [2009/11/10 08:14:10 | 000,000,000 | ---D | M]
 Qwest -> C:\Documents and Settings\All Users\Application Data\Qwest -> [2010/06/08 16:19:25 | 000,000,000 | ---D | M]
 Sandlot Games -> C:\Documents and Settings\All Users\Application Data\Sandlot Games -> [2006/07/14 09:13:25 | 000,000,000 | ---D | M]
 SupportSoft -> C:\Documents and Settings\All Users\Application Data\SupportSoft -> [2008/02/02 16:31:31 | 000,000,000 | ---D | M]
 TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/12/15 03:16:41 | 000,000,000 | ---D | M]
 Ultima_T15 -> C:\Documents and Settings\All Users\Application Data\Ultima_T15 -> [2009/12/25 18:47:37 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2009/07/03 08:49:25 | 000,000,000 | ---D | M]
 Visan -> C:\Documents and Settings\All Users\Application Data\Visan -> [2011/04/22 17:27:53 | 000,000,000 | ---D | M]
 Vivendi Universal Games -> C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games -> [2006/06/07 12:32:26 | 000,000,000 | ---D | M]
 WeCareReminder -> C:\Documents and Settings\All Users\Application Data\WeCareReminder -> [2011/06/04 22:21:24 | 000,000,000 | ---D | M]
 WildTangent -> C:\Documents and Settings\All Users\Application Data\WildTangent -> [2006/12/21 21:36:11 | 000,000,000 | ---D | M]
 ZangoSA -> C:\Documents and Settings\All Users\Application Data\ZangoSA -> [2009/03/30 18:55:59 | 000,000,000 | ---D | M]
 Zylom -> C:\Documents and Settings\All Users\Application Data\Zylom -> [2008/10/04 14:56:01 | 000,000,000 | ---D | M]
 {429CAD59-35B1-4DBC-BB6D-1DB246563521} -> C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} -> [2011/02/12 08:57:53 | 000,000,000 | ---D | M]
 Canon -> C:\Documents and Settings\Carolyn\Application Data\Canon -> [2011/04/16 21:21:21 | 000,000,000 | ---D | M]
 Catalina Marketing Corp -> C:\Documents and Settings\Carolyn\Application Data\Catalina Marketing Corp -> [2011/04/22 05:50:10 | 000,000,000 | ---D | M]
 EA -> C:\Documents and Settings\Carolyn\Application Data\EA -> [2006/03/27 11:40:36 | 000,000,000 | ---D | M]
 eMusic -> C:\Documents and Settings\Carolyn\Application Data\eMusic -> [2011/02/27 09:22:13 | 000,000,000 | ---D | M]
 FrostWire -> C:\Documents and Settings\Carolyn\Application Data\FrostWire -> [2011/07/26 08:54:52 | 000,000,000 | ---D | M]
 GameHouse -> C:\Documents and Settings\Carolyn\Application Data\GameHouse -> [2007/11/30 11:16:16 | 000,000,000 | ---D | M]
 GetModule -> C:\Documents and Settings\Carolyn\Application Data\GetModule -> [2008/11/30 20:04:16 | 000,000,000 | ---D | M]
 Graboid Inc -> C:\Documents and Settings\Carolyn\Application Data\Graboid Inc -> [2009/03/30 18:44:07 | 000,000,000 | ---D | M]
 Image Zone Express -> C:\Documents and Settings\Carolyn\Application Data\Image Zone Express -> [2010/04/16 18:53:25 | 000,000,000 | ---D | M]
 Inbox Toolbar -> C:\Documents and Settings\Carolyn\Application Data\Inbox Toolbar -> [2011/09/30 11:06:23 | 000,000,000 | ---D | M]
 Jane s Hotel -> C:\Documents and Settings\Carolyn\Application Data\Jane s Hotel -> [2008/07/11 19:04:08 | 000,000,000 | ---D | M]
 Leadertech -> C:\Documents and Settings\Carolyn\Application Data\Leadertech -> [2006/02/26 06:52:51 | 000,000,000 | ---D | M]
 Nikon -> C:\Documents and Settings\Carolyn\Application Data\Nikon -> [2009/12/25 18:58:09 | 000,000,000 | ---D | M]
 OpenCandy -> C:\Documents and Settings\Carolyn\Application Data\OpenCandy -> [2011/05/28 10:56:14 | 000,000,000 | ---D | M]
 OpenOffice.org -> C:\Documents and Settings\Carolyn\Application Data\OpenOffice.org -> [2011/10/05 17:28:39 | 000,000,000 | ---D | M]
 Opera -> C:\Documents and Settings\Carolyn\Application Data\Opera -> [2008/09/18 20:50:43 | 000,000,000 | ---D | M]
 PCToolsFirewallPlus -> C:\Documents and Settings\Carolyn\Application Data\PCToolsFirewallPlus -> [2008/12/02 17:52:11 | 000,000,000 | ---D | M]
 Philips -> C:\Documents and Settings\Carolyn\Application Data\Philips -> [2010/09/16 04:57:51 | 000,000,000 | ---D | M]
 Philips-Songbird -> C:\Documents and Settings\Carolyn\Application Data\Philips-Songbird -> [2010/09/16 04:53:21 | 000,000,000 | ---D | M]
 PlayFirst -> C:\Documents and Settings\Carolyn\Application Data\PlayFirst -> [2008/08/08 17:16:06 | 000,000,000 | ---D | M]
 PreCast -> C:\Documents and Settings\Carolyn\Application Data\PreCast -> [2011/07/11 10:41:32 | 000,000,000 | ---D | M]
 QQ Games -> C:\Documents and Settings\Carolyn\Application Data\QQ Games -> [2008/10/04 15:14:23 | 000,000,000 | ---D | M]
 QQ Games Plugin -> C:\Documents and Settings\Carolyn\Application Data\QQ Games Plugin -> [2008/10/03 18:59:14 | 000,000,000 | ---D | M]
 ri4mupdater -> C:\Documents and Settings\Carolyn\Application Data\ri4mupdater -> [2007/04/22 14:39:34 | 000,000,000 | ---D | M]
 RipIt4Me -> C:\Documents and Settings\Carolyn\Application Data\RipIt4Me -> [2010/07/29 16:42:46 | 000,000,000 | ---D | M]
 ScamBlocker -> C:\Documents and Settings\Carolyn\Application Data\ScamBlocker -> [2006/12/21 21:20:44 | 000,000,000 | ---D | M]
 Simple Star -> C:\Documents and Settings\Carolyn\Application Data\Simple Star -> [2007/11/23 14:44:37 | 000,000,000 | ---D | M]
 Terrapin -> C:\Documents and Settings\Carolyn\Application Data\Terrapin -> [2009/01/10 11:49:27 | 000,000,000 | ---D | M]
 Uniblue -> C:\Documents and Settings\Carolyn\Application Data\Uniblue -> [2008/10/14 16:59:23 | 000,000,000 | ---D | M]
 Viewpoint -> C:\Documents and Settings\Carolyn\Application Data\Viewpoint -> [2008/09/12 17:03:10 | 000,000,000 | ---D | M]
 Visan -> C:\Documents and Settings\Carolyn\Application Data\Visan -> [2011/04/22 17:27:53 | 000,000,000 | ---D | M]
 W Photo Studio -> C:\Documents and Settings\Carolyn\Application Data\W Photo Studio -> [2009/11/21 16:11:00 | 000,000,000 | ---D | M]
 W Photo Studio Viewer -> C:\Documents and Settings\Carolyn\Application Data\W Photo Studio Viewer -> [2009/11/21 16:14:54 | 000,000,000 | ---D | M]
 Walgreens -> C:\Documents and Settings\Carolyn\Application Data\Walgreens -> [2009/09/07 07:23:49 | 000,000,000 | ---D | M]
 WebRenderer -> C:\Documents and Settings\Carolyn\Application Data\WebRenderer -> [2006/07/03 18:14:53 | 000,000,000 | ---D | M]
 Wildfire -> C:\Documents and Settings\Carolyn\Application Data\Wildfire -> [2006/07/01 08:49:16 | 000,000,000 | ---D | M]
 MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [2011/12/15 03:21:54 | 000,000,424 | -H-- | M] ()
 Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job -> [2011/12/15 11:01:00 | 000,000,238 | ---- | M] ()
 
[File - Purity Scan]
 
 
[Alternate Data Streams]
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E36F5B57
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C202A457
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5A35877
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27EEEB5C
< End of report >

#15 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 15 December 2011 - 10:54 PM

from extras.txt:
OTL Extras logfile created on: 12/14/2011 11:25:03 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 147.39 Mb Available Physical Memory | 14.42% Memory free
2.40 Gb Paging File | 1.23 Gb Available in Paging File | 51.08% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 109.72 Gb Free Space | 76.03% Space Free | Partition Type: NTFS

Computer Name: HIGGINS | User Name: Carolyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe" = C:\Documents and Settings\Princess\Application Data\MySpace\IM\bin\MySpaceIM.exe:*:Disabled:MySpace Instant Messenger -- ()
"C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe" = C:\Program Files\Graboid\GraboidVideo\1.4.0.0\DLManager\GraboidDLManager.exe:*:Enabled:SABnzbd-0.2.5
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator -- (Hewlett-Packard Co.)
"C:\Program Files\FrostWire 5\FrostWire.exe" = C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15D43B60-DAED-435D-894E-E58947A5CCC8}" = Tango
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216015F0}" = Java™ 6 Update 15
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{34910BCD-F6D8-4FDD-BB2F-4622ED2DD132}" = Vantage Point Report Viewer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Google AFE
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1" = RebateInformer
"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6DA93E66-5FA8-44ED-9CCA-40773444C10D}" = HP Deskjet 3050 J610 series Basic Device Software
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF}" = ASPCA Tri Reminder by We-Care.com v4.0.7.5
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B8C2A83F-20B0-49D9-BA2B-6495DD8639ED}" = EarthLink Toolbar
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{C057F6D0-0E4C-4B18-B645-9D0804FCFAFD}" = EarthLink Common Authentication
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}" = Opera 9.52
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire 4.0
"3A63F898C880C6A38C1D6D6E3E2300FF28E59320" = Windows Driver Package - OEM (mr97320) Image (04/20/2007 1.0.0.0)
"3DGroove" = OTOY
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AskTBar Uninstall" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"COMODO Internet Security" = COMODO Internet Security
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"FrostWire 5" = FrostWire 5.1.5
"HP Photo Creations" = HP Photo Creations
"HyperStudio 4 iPreview" = HyperStudio 4 iPreview
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"InterActual Player" = InterActual Player
"LimeWire" = LimeWire 5.1.2
"LivingPlay" = LivingPlay
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Owl and Mouse Africa Map Puzzle" = Owl and Mouse Africa Map Puzzle
"PhotoShow Express" = PhotoShow Express
"PreCast" = Ocucom PreCast 1.6
"PROSet" = Intel® PRO Network Connections Drivers
"Pyware 3D Performer's Practice Tools" = Pyware 3D Performer's Practice Tools
"QQ Games" = QQ Games
"QQ Pool" = QQ Pool
"RealPlayer 6.0" = RealPlayer Basic
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"SelectRebatesUninstall" = ShopAtHome SelectRebates
"StreetPlugin" = Learn2 Player (Uninstall Only)
"UnityWebPlayer" = Unity Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtools3DLifePlayer" = Virtools 3D Life Player
"VobSub" = VobSub v2.23 (Remove Only)
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E002314-9999-4402-9823-1CB9E6098849}_is1" = Shopping InContext
"GabPath" = GabPath
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

#16 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 15 December 2011 - 10:56 PM

from OTL.txt:
OTL logfile created on: 12/14/2011 11:25:03 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Carolyn\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 147.39 Mb Available Physical Memory | 14.42% Memory free
2.40 Gb Paging File | 1.23 Gb Available in Paging File | 51.08% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 109.72 Gb Free Space | 76.03% Space Free | Partition Type: NTFS

Computer Name: HIGGINS | User Name: Carolyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/14 23:24:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Carolyn\My Documents\Downloads\OTL (2).exe
PRC - [2011/11/14 23:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/12 23:48:52 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/10/15 22:11:17 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/01/28 21:26:17 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/04/23 05:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/02/03 07:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/17 13:04:58 | 000,263,456 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe
PRC - [2007/03/15 10:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/02/16 00:37:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2006/02/09 16:34:54 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali) -- C:\Program Files\USB Disk Win98 Driver\Res.exe
PRC - [2005/03/23 00:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005/01/21 18:04:42 | 000,163,840 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/14 15:42:46 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/12/14 15:42:44 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/11/14 23:39:54 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/14 23:39:53 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/14 23:38:16 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/14 23:38:15 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/14 23:38:14 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 20:36:18 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/20 00:04:15 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/08/20 00:04:15 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/01/28 21:26:40 | 001,143,056 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
MOD - [2009/04/23 23:33:48 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2009/04/16 12:03:22 | 000,166,400 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2009/04/16 12:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008/12/02 22:06:43 | 000,028,672 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\script.cav
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/02/12 11:24:26 | 001,811,120 | ---- | M] () -- C:\Program Files\Ocucom\PreCast\tmon.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Unknown | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/28 21:26:15 | 000,723,632 | ---- | M] (COMODO) [Unknown | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () [Unknown | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/17 13:04:54 | 000,070,944 | ---- | M] (PC Tools) [Unknown | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Unknown | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Unknown | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/03/14 11:05:02 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/12/14 15:39:13 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKsl31cffb6c.sys -- (MpKsl31cffb6c)
DRV - [2011/12/14 07:03:48 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D19A23CA-4E58-414F-BB90-691B33579F81}\MpKslc929e47f.sys -- (MpKslc929e47f)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Unknown | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Unknown | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/07 10:01:34 | 000,134,344 | ---- | M] (COMODO) [File_System | Unknown | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010/01/28 21:26:25 | 000,087,104 | ---- | M] (COMODO) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/01/28 21:26:24 | 000,025,160 | ---- | M] (COMODO) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2008/11/17 13:05:14 | 000,039,200 | ---- | M] (PC Tools) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2008/11/17 13:05:12 | 000,033,056 | ---- | M] (PC Tools) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2008/11/17 13:05:08 | 000,051,488 | ---- | M] (PC Tools) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/04/20 16:44:08 | 000,069,248 | ---- | M] (Mars Semiconductor Corp.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\mr97320.sys -- (mr97320)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | Unknown | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/02/16 00:37:34 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Unknown | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/14 22:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/08/10 05:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 05:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/16 03:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 04:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 04:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 04:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | Unknown | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/01/20 12:50:36 | 000,020,648 | ---- | M] (Thomson Inc.) [Kernel | Unknown | Stopped] -- C:\WINDOWS\system32\drivers\netrcacm.sys -- (netrcacm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.tangosear...om/?useie5=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.mchsd.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = walledgarden.mchsd.com:8000

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "Radio TV 1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=13&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.8.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.03.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {23ec984e-464c-4a0c-a8df-f80cb8c090e1}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: searchtoolbar@zugo.com:1.2
FF - prefs.js..extensions.enabledItems: {f29557fd-78aa-40e6-aba8-9fa219764018}:3.3.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.ftp: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ftp_port: 8000
FF - prefs.js..network.proxy.gopher: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.gopher_port: 8000
FF - prefs.js..network.proxy.http: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.http_port: 8000
FF - prefs.js..network.proxy.no_proxies_on: "*.mchsd.com"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.socks_port: 8000
FF - prefs.js..network.proxy.ssl: "walledgarden.mchsd.com"
FF - prefs.js..network.proxy.ssl_port: 8000


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug2;version=2.0.0.0: C:\Program Files\RealArcade\npracplug2.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Carolyn\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/04/21 11:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/04/22 02:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/06 15:29:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/04 15:47:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Carolyn\Application Data\Move Networks [2009/10/11 19:49:23 | 000,000,000 | ---D | M]

[2011/12/05 07:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions
[2009/05/02 15:23:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/09/16 04:53:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Extensions\songbird@songbirdnest.com
[2011/12/05 07:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions
[2009/04/11 10:36:45 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2011/12/05 07:09:18 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2009/05/27 17:50:27 | 000,000,000 | ---D | M] (Chromifox Basic) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\chromifox@altmusictv.com
[2009/07/03 09:11:37 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\aim-search.xml
[2010/02/07 17:00:41 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\askcom.xml
[2010/11/29 07:10:42 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\bing-zugo.xml
[2010/12/30 17:21:42 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\conduit.xml
[2011/11/30 19:01:39 | 000,001,672 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\mypoints-search.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\searchplugins\Search_Results.xml
[2011/12/06 15:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/29 06:37:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CAROLYN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZU3MSNT.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI
[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/22 05:49:56 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/04/22 05:49:57 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/12/19 06:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009/09/27 11:42:12 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/09/27 11:42:12 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2011/12/05 07:08:36 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol500.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Carolyn\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: RealArcade20 Mozilla Plugin (Enabled) = C:\Program Files\RealArcade\npracplug2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Add to Amazon Wish List = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.7_0\
CHR - Extension: True Blood 2 = C:\Documents and Settings\Carolyn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kgpnfphdpgfhegonhjbmajnfcnajdceb\1_0\

O1 HOSTS File: ([2009/04/11 18:18:07 | 000,001,070 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.98.231.89 browser-security.microsoft.com
O1 - Hosts: 82.98.231.89 best-click-scanner.info
O1 - Hosts: 82.98.231.89 antivirus-xp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.infosecuritycenter.com
O1 - Hosts: 82.98.231.89 microsoft.softwaresecurityhelp.com
O1 - Hosts: 82.98.231.89 onlinenotifyq.net
O1 - Hosts: 82.98.231.89 antivirusxp-pro-2009.com
O1 - Hosts: 82.98.231.89 microsoft.browser-security-center.com
O2 - BHO: (ElnkBhoGuard Class) - {00000000-0000-0000-0000-000000000002} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O2 - BHO: (ElnkScamBHO Class) - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink\Toolbar\EScamBlk.dll (EarthLink, Inc.)
O2 - BHO: (Reg Error: Value error.) - {2220F2A2-672E-4EF4-AE44-B802D4E38795} - C:\WINDOWS\system32\ljJATMEX.dll File not found
O2 - BHO: (ElnkPubBHO Class) - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink\Toolbar\ElnkPuB.dll (EarthLink, Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (ElnkProtectionBHO Class) - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink\Toolbar\ProtctIE.dll (EarthLink, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (ElnkLegacyUninstBHO Class) - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink\Toolbar\uninsttb.dll (EarthLink, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Simple Star\PhotoShow Deluxe 3\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk = C:\Program Files\Ocucom\PreCast\tmon.exe ()
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZKfox000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: EarthLink Yahoo Search - C:\Program Files\EarthLink\Toolbar\SearchUI.dll (EarthLink, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Carolyn\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: toontown.com ([play] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...p1.0.0.15-3.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go...y/OTOYAX29b.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai...0/Installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD8535B6-108A-4252-832F-6F25B82A4B65}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\inbox - No CLSID value found
O18 - Protocol\Handler\rebinfo - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (yhbxys.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\latadeti.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:1 () - http://thumbp1.mail....f=505&fid=Inbox
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Carolyn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\ljJATMEX) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell - "" = AutoRun
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ad7c3c2-c296-11e0-a054-00123fc22a9e}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/14 20:30:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/12/14 07:04:43 | 000,398,760 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2011/12/06 15:25:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\AppData
[2011/12/05 07:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\Ilivid Player
[2011/12/05 07:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/12/05 07:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/12/05 07:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\PackageAware
[2011/08/20 00:00:26 | 012,495,296 | ---- | C] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware.exe
[2011/08/19 08:00:26 | 048,267,960 | ---- | C] (Flexera Software) -- C:\Program Files\PPTWinInstall.3.0.7.exe
[2011/07/19 21:55:04 | 000,589,664 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2010/11/24 14:48:06 | 005,389,804 | ---- | C] (Pipkins, Inc. ) -- C:\Program Files\PSRViewerSetup.exe
[2010/10/17 17:03:02 | 030,164,216 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin(2).exe
[2010/10/05 06:27:47 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(3).exe
[2010/10/05 06:20:41 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall(2).exe
[2010/09/17 05:30:48 | 002,320,763 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\autoupdater(2).exe
[2010/06/26 10:52:32 | 001,068,544 | ---- | C] (Coupons.com Incorporated) -- C:\Program Files\CouponPrinter.exe
[2010/05/25 11:45:24 | 003,103,640 | ---- | C] (Javacool Software LLC ) -- C:\Program Files\spywareblastersetup43.exe
[2010/02/24 19:08:09 | 006,667,584 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXWebPlayerInstaller.exe
[2009/12/25 20:07:32 | 000,410,624 | ---- | C] (OldTimer Tools) -- C:\Program Files\TFC.exe
[2009/12/05 04:53:59 | 025,740,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[2009/10/30 20:21:40 | 004,301,928 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim(2).exe
[2009/10/30 20:18:23 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2009/10/29 16:39:46 | 001,925,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe
[2009/05/28 20:02:17 | 003,500,808 | ---- | C] (Adobe Systems Inc.) -- C:\Program Files\Shockwave_Installer_Slim.exe
[2009/05/02 15:18:50 | 016,509,288 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2009/01/10 11:46:22 | 006,479,282 | ---- | C] (Ocucom) -- C:\Program Files\PrecastSetup.exe
[2008/12/03 19:36:45 | 004,283,512 | ---- | C] (W3i, LLC) -- C:\Program Files\ezvideos.exe
[2008/12/02 22:05:19 | 027,206,408 | ---- | C] (COMODO) -- C:\Program Files\CIS_Setup_3.5.55810.432_XP_Vista_x32.exe
[2007/01/20 12:50:31 | 005,971,432 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.1.exe
[2006/05/25 17:24:18 | 001,320,111 | ---- | C] (Fengtao Software Inc. ) -- C:\Program Files\DVDFabDecrypter29.exe

========== Files - Modified Within 30 Days ==========

[2011/12/14 23:16:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005UA.job
[2011/12/14 23:16:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1555933731-11304943-2770183423-1005Core.job
[2011/12/14 23:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/12/14 17:44:37 | 000,006,686 | ---- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/12/14 17:44:37 | 000,000,152 | RHS- | M] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2011/12/14 17:44:28 | 000,002,429 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk
[2011/12/14 17:03:31 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2011/12/14 15:44:13 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/12/14 15:41:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/14 15:38:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/14 13:56:30 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\MBR.dat
[2011/12/14 07:04:43 | 000,398,760 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2011/12/13 11:30:15 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/09 15:40:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/06 15:30:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/18 11:18:11 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Carolyn\Desktop\Google Chrome.lnk
[2011/11/18 11:18:11 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2011/12/14 15:42:29 | 000,002,429 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\WordPerfect.lnk
[2011/12/14 13:56:30 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Carolyn\Desktop\MBR.dat
[2011/12/06 15:30:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/06 15:30:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/05 18:22:42 | 001,892,352 | ---- | C] () -- C:\WINDOWS\Win98Driver.exe
[2010/07/24 07:03:36 | 044,089,904 | ---- | C] () -- C:\Program Files\avira_antivir_personal_en.exe
[2010/06/23 16:45:56 | 052,566,928 | ---- | C] () -- C:\Program Files\setup_av_free(2).exe
[2010/05/25 11:42:42 | 002,062,665 | ---- | C] () -- C:\Program Files\spywareguardsetup.exe
[2010/04/24 21:58:13 | 048,417,032 | ---- | C] () -- C:\Program Files\setup_av_free.exe
[2010/04/09 06:19:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/27 16:33:26 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\AutoGK.ini
[2010/03/27 16:22:29 | 012,341,641 | ---- | C] () -- C:\Program Files\AutoGordianKnot.2.55.Setup.exe
[2010/02/21 20:28:00 | 000,057,086 | ---- | C] () -- C:\Program Files\IowaWeatherMap.jpg
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Perl
[2009/12/25 18:47:37 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PageLibraries
[2009/12/25 18:47:37 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/12/25 09:03:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/19 19:34:16 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\FixVTS.ini
[2009/12/19 18:44:45 | 000,032,944 | ---- | C] () -- C:\Program Files\FixVTS1.603.zip
[2009/12/15 20:31:07 | 001,089,840 | ---- | C] () -- C:\Program Files\yahoomailuploader_0.5.exe
[2009/12/02 18:02:18 | 001,320,837 | ---- | C] () -- C:\Program Files\RADTools19q.exe
[2009/12/02 17:50:56 | 018,030,130 | ---- | C] () -- C:\Program Files\vlc-1.0.3-win32.exe
[2009/11/15 15:34:40 | 032,770,344 | ---- | C] () -- C:\Program Files\yahoo_cinematycoon2_tm6-3.exe
[2009/11/10 08:09:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/11/10 08:09:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/10/29 16:39:16 | 000,465,778 | ---- | C] () -- C:\Program Files\gp.xpi
[2009/10/04 07:35:46 | 000,000,593 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2009/10/04 07:35:22 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/10/04 07:30:55 | 000,000,042 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2009/08/18 09:17:07 | 000,284,184 | ---- | C] () -- C:\Program Files\PopCapPluginInstaller_v2_en.exe
[2009/08/18 09:14:34 | 057,604,344 | ---- | C] () -- C:\Program Files\BWAVol2Setup_1_1.exe
[2009/06/12 14:38:22 | 001,104,331 | ---- | C] () -- C:\Program Files\Genevieve Jr Miss Louisa County.jpg
[2009/06/08 08:32:36 | 000,291,180 | ---- | C] () -- C:\Program Files\myspace_cube.pdf
[2009/06/08 08:30:56 | 000,404,712 | ---- | C] () -- C:\Program Files\myspace_calendar.pdf
[2009/06/07 11:01:57 | 025,083,936 | ---- | C] () -- C:\Program Files\yahoo_annasicecream_tm6-3.exe
[2009/05/11 12:14:45 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/04/11 18:17:50 | 001,403,901 | -HS- | C] () -- C:\WINDOWS\System32\epenilek.ini
[2009/01/25 15:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/08 17:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/30 20:08:46 | 000,907,380 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini
[2008/11/30 20:08:46 | 000,907,313 | -HS- | C] () -- C:\WINDOWS\System32\XEMTAJjl.ini2
[2008/10/18 16:49:28 | 000,343,235 | ---- | C] () -- C:\Program Files\GuiStyle.exe
[2008/10/03 18:58:00 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/06/19 18:24:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/02/15 15:50:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2007/11/20 18:20:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/07/15 09:11:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/04/10 12:40:22 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr320exd.dll
[2007/04/03 17:45:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mr320exv.dll
[2007/03/24 13:25:58 | 000,202,071 | ---- | C] () -- C:\Program Files\RipIt4Me.zip
[2007/01/21 07:48:08 | 000,001,168 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/10/04 15:06:42 | 000,128,000 | ---- | C] () -- C:\WINDOWS\Unwise32.exe
[2006/09/17 09:54:55 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\1CA448C43D.sys
[2006/08/27 08:18:14 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/07/10 13:05:45 | 004,445,923 | ---- | C] () -- C:\Program Files\superman_ss_osx.sit.hqx
[2006/07/03 17:06:06 | 000,000,108 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/06/23 15:16:55 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006/06/13 11:19:41 | 000,398,376 | ---- | C] () -- C:\Program Files\msgr75us.exe
[2006/06/12 16:12:26 | 000,000,024 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/06/07 12:34:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/05/25 17:02:57 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe
[2006/05/25 17:02:26 | 000,793,583 | ---- | C] () -- C:\Program Files\Classic_0.91.7.zip
[2006/05/25 16:48:38 | 001,094,021 | ---- | C] () -- C:\Program Files\dvdshrink32setup.zip
[2006/04/30 14:30:17 | 003,645,968 | ---- | C] () -- C:\Program Files\123freesolitaire.exe
[2006/03/05 17:17:02 | 000,006,686 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/05 17:17:02 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\3DC448A41C.sys
[2006/02/26 06:55:23 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JPR.{PB
[2006/02/26 06:55:23 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Carolyn\Application Data\PFP120JCM.{PB
[2006/02/20 22:03:25 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/20 17:55:02 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Carolyn\Local Settings\Application Data\fusioncache.dat
[2006/02/16 00:50:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/16 00:41:32 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/02/16 00:37:56 | 000,000,556 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 00:36:44 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/16 00:12:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/02/16 00:12:54 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/02/16 00:12:26 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 04:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 04:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 04:27:59 | 000,372,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 04:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 04:18:33 | 000,445,798 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 04:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 04:18:33 | 000,073,004 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 04:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 04:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 04:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 04:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 04:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 04:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 04:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 04:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/06/22 13:37:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/10/15 16:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2011/08/04 21:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/02/13 17:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/12/06 06:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/11/08 18:19:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/06/11 19:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/04/16 21:18:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/06/16 18:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup000
[2010/06/16 18:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup001
[2010/06/16 18:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup002
[2010/06/16 18:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSetup003
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dictionaries
[2008/07/16 07:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/03/29 14:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2007/11/30 10:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2007/11/30 11:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/12/25 18:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2007/11/30 12:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/11/10 08:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/06/08 16:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2006/07/14 09:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/02/02 16:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/12/14 15:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/25 18:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/07/03 08:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2006/06/07 12:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2011/06/04 22:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2006/12/21 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/03/30 18:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZangoSA
[2008/10/04 14:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2011/02/12 08:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/16 21:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Canon
[2011/04/22 05:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Catalina Marketing Corp
[2006/03/27 11:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\EA
[2011/02/27 09:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\eMusic
[2011/07/26 08:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\FrostWire
[2007/11/30 11:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GameHouse
[2008/11/30 20:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\GetModule
[2009/03/30 18:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Graboid Inc
[2010/04/16 18:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Image Zone Express
[2011/09/30 11:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Inbox Toolbar
[2008/07/11 19:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Jane s Hotel
[2006/02/26 06:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Leadertech
[2009/12/25 18:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Nikon
[2011/05/28 10:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenCandy
[2011/10/05 17:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\OpenOffice.org
[2008/09/18 20:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Opera
[2008/12/02 17:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PCToolsFirewallPlus
[2010/09/16 04:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips
[2010/09/16 04:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Philips-Songbird
[2008/08/08 17:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PlayFirst
[2011/07/11 10:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\PreCast
[2008/10/04 15:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games
[2008/10/03 18:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\QQ Games Plugin
[2007/04/22 14:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ri4mupdater
[2010/07/29 16:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\RipIt4Me
[2006/12/21 21:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\ScamBlocker
[2007/11/23 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Simple Star
[2009/01/10 11:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Terrapin
[2008/10/14 16:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Uniblue
[2008/09/12 17:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Viewpoint
[2011/04/22 17:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Visan
[2009/11/21 16:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio
[2009/11/21 16:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\W Photo Studio Viewer
[2009/09/07 07:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Walgreens
[2006/07/03 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\WebRenderer
[2006/07/01 08:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Carolyn\Application Data\Wildfire
[2011/12/14 15:44:13 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/12/14 23:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27EEEB5C
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:680DD2F1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5A35877
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C202A457
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3A6BC948
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E36F5B57
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#17 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 16 December 2011 - 10:28 AM

Fantastic, I was hoping that's what the problem would be. I'll be sure to help you fix the notepad issue as we progress.

Give me a bit of time to go through these logs, and I'll give you more to do. Hopefully this morning rather than later, but I help from work, so occasionally my time gets crunched pretty badly. I'm here with you for the duration though! :)

#18 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 16 December 2011 - 10:43 AM

thanks! I appreciate any help you can give me....

#19 havredave

  • Group: Malware Removal
  • Posts: 802
  • Joined: 25-March 10

Posted 16 December 2011 - 01:37 PM

Ok, I have some cleaning for you this time. Take your time, and do each step carefully. Please stop and ask if you have any questions about what you're reading or what comes up on your machine during the process.

First

I see that you have several security-related programs installed. However, a few of them conflict with one another if configured improperly.

Comodo Internet Security has an antivirus component, and it will conflict with Microsoft Security Essentials. Please pick one of the two to remove, and keep the other. The choice is yours, as they are both legitimate.


Second

These programs I'd like you to remove from your machine. Click start, click control panel, then click Add/Remove Programs. Wait for the window to come up and for its list to fill, then look for these programs to remove by clicking on them, then hitting the remove button:

Windows iLivid Toolbar
Viewpoint Media Player
ShopAtHome SelectRebates
Microsoft Antimalware
Tango

I strongly recommend you remove LimeWire and Frostwire from your computer while you're at it. Not only is it illegal to download copywritten files such as music, this type of Peer to Peer sharing software is quite dangerous because you really can't be sure of where the file is coming from, and whether or not it's infected. It's quite a bit safer all around to avoid their use.

While the following programs aren't necessary to uninstall, they are also unnecessary for the use of your machine, and might help your machine regain some of its lost performance. If you happen to know you use any of them, feel free to leave them installed. The Java program in specific is quite useful, but you should only keep version 6 update 29 (or 30, whichever is latest today) unless you have software that requires older versions. If you are unsure about any of the programs in this list, leave them there.

  • Ask Toolbar
  • EarthLink Toolbar
  • ASPCA Tri Reminder by We-Care.com v4.0.7.5
  • Ask Toolbar
  • Inbox Toolbar
  • RebateInformer
  • Bing Bar Platform
  • NetZeroInstallers
  • Bing Bar
  • Coupon Printer for Windows
  • Java 2 Runtime Environment, SE v1.4.2_03
  • J2SE Runtime Environment 5.0 Update 6
  • J2SE Runtime Environment 5.0 Update 9
  • J2SE Runtime Environment 5.0 Update 10
  • Java™ SE Runtime Environment 6 Update 1
  • Java™ 6 Update 2
  • Java™ 6 Update 3
  • Java™ 6 Update 15


Lastly

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL
PRC - [2011/11/09 04:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.tangosear...om/?useie5=1&q=
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=13&q="
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.2
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
[2011/12/05 07:09:18 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Carolyn\Application Data\Mozilla\Firefox\Profiles\mzu3msnt.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
O2 - BHO: (Reg Error: Value error.) - {2220F2A2-672E-4EF4-AE44-B802D4E38795} - C:\WINDOWS\system32\ljJATMEX.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No CLSID value found.
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKCU..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP File not found
O4 - Startup: C:\Documents and Settings\Carolyn\Start Menu\Programs\Startup\IMVU.lnk = File not found
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZKfox000 File not found
O18 - Protocol\Handler\inbox - No CLSID value found
O18 - Protocol\Handler\rebinfo - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (yhbxys.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\latadeti.dll) - File not found
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\ljJATMEX) - File not found

:Files
C:\Program Files\Windows iLivid Toolbar
C:\Documents and Settings\All Users\Application Data\Viewpoint

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" =-

:Commands
[resethosts]
[reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered; it will reboot the PC when it is done.
  • After rebooting, OTL should run and show you a log file. Please include it in your next reply.
  • Open OTL again and paste the following into the Custom Scans/Fixes box:
    /md5start
notepad.*
/md5stop

  • Next, click the Quick Scan button. Post the log it produces in your next reply.




Please post back with the requested new OTL.txt file, the results from the OTL fix, and do please let me know if you encountered any difficulties removing software in earlier steps.

#20 huggster26

  • Group: Member
  • Posts: 65
  • Joined: 01-December 08

Posted 16 December 2011 - 04:08 PM

the only programs I couldn't remove were Tango and Microsoft Antimalware. I'll look a little deeper later. on call and have to go to work. I've run the 1st OTL and now running w the notepad fix. I'll post that info later tonite. :)

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3