Opps. Nevermind! It just gave me a report... I guess it was working after all. How do I delete my post?
Edited by kellicanpelican, 05 January 2012 - 12:17 PM.
Need Help Removing Viruses and Spyware [Solved]
Started by
kellicanpelican
, Jan 05 2012 12:15 PM
-
This topic is locked
#1
Posted 05 January 2012 - 12:15 PM
kellicanpelican
-
- Member
-
- 31 posts
Member
Opps. Nevermind! It just gave me a report... I guess it was working after all. How do I delete my post?
#2
Posted 05 January 2012 - 12:31 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
I'm trying to clean up this computer, but my anti-virus program (avast) doesn't seem to be very helpful. I downloaded and ran Lop, which I believe cleared out some spyware from my local folders. I have a report from that program which I can include in my next post if anyone would like to see it. Before running Lop, I could not change my Explorer homepage which somehow became locked to search.bearshare.com. I am now able to change my homepage. I changed it to google.com, but it still takes a rather long time to load. I opened up Firefox and noticed that search.bearshare.com on this browser as well. I changed my homepage, but it also takes a long time to load. Firefox in general took a couple of minutes to load any page at all. I've also been getting pop-ups that say "Mighty Magoo Advertisements" on them. I would like to remove any virus and spyware from my computer and get it running fast again. I'm not the one that usually uses this computer, so I'm not sure how it got to this state. I've attached my OTL report.
OTL.Txt 101.85KB
106 downloads
OTL logfile created on: 1/5/2012 1:07:23 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kaleefa munroe\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.36 Mb Total Physical Memory | 278.03 Mb Available Physical Memory | 27.41% Memory free
2.38 Gb Paging File | 1.30 Gb Available in Paging File | 54.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 34.76 Gb Free Space | 48.93% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 70.90 Gb Free Space | 98.47% Space Free | Partition Type: NTFS
Computer Name: YOUR-8C3461EE5F | User Name: kaleefa munroe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 12:52:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kaleefa munroe\My Documents\Downloads\OTL.exe
PRC - [2011/10/09 10:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011/01/18 18:05:33 | 000,218,624 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoo32.exe
PRC - [2010/12/11 13:15:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WefiEngSvc.exe
PRC - [2010/09/06 09:43:30 | 001,645,912 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WeFi.exe
PRC - [2010/07/12 07:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2010/06/17 01:25:14 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/01/09 19:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 18:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 21:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/09/17 14:25:46 | 000,580,200 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
PRC - [2008/05/21 19:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
PRC - [2008/05/20 23:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 07:00:00 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spider.exe
PRC - [2007/12/20 23:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 10:34:30 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\algo.dll
MOD - [2012/01/05 05:21:37 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010500\algo.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\aswRep.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010500\aswRep.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/16 08:18:21 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/28 19:30:23 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
MOD - [2011/01/18 18:05:33 | 000,218,624 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoo32.exe
MOD - [2011/01/18 18:05:32 | 000,228,864 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoolib32.dll
MOD - [2010/12/11 13:15:36 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/04/28 07:16:36 | 002,142,720 | ---- | M] () -- C:\Program Files\WeFi\QtCore4.dll
MOD - [2010/02/10 11:46:36 | 000,027,648 | ---- | M] () -- C:\Program Files\WeFi\qico4.dll
MOD - [2010/02/10 11:45:48 | 000,025,600 | ---- | M] () -- C:\Program Files\WeFi\qgif4.dll
MOD - [2010/02/10 11:45:40 | 000,119,808 | ---- | M] () -- C:\Program Files\WeFi\qjpeg4.dll
MOD - [2010/02/10 11:18:36 | 009,831,936 | ---- | M] () -- C:\Program Files\WeFi\QtWebKit4.dll
MOD - [2010/02/10 09:39:50 | 000,232,960 | ---- | M] () -- C:\Program Files\WeFi\phonon4.dll
MOD - [2010/02/10 09:37:52 | 002,530,304 | ---- | M] () -- C:\Program Files\WeFi\QtXmlPatterns4.dll
MOD - [2010/02/10 09:22:16 | 007,971,840 | ---- | M] () -- C:\Program Files\WeFi\QtGui4.dll
MOD - [2010/02/10 09:07:32 | 000,929,280 | ---- | M] () -- C:\Program Files\WeFi\QtNetwork4.dll
MOD - [2010/02/10 09:06:06 | 000,334,848 | ---- | M] () -- C:\Program Files\WeFi\QtXml4.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/05 07:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/01/27 07:53:44 | 000,073,728 | ---- | M] () -- C:\Program Files\WeFi\zlib1.dll
MOD - [2009/01/21 16:11:10 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2008/09/17 14:20:08 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/07/29 12:59:22 | 000,165,376 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2008/07/29 12:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/01/13 02:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007/01/13 02:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2006/08/12 15:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2005/07/12 19:34:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Samsung\MagicKBD\EasyBoxDll.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Running] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2009/04/03 17:04:42 | 001,685,024 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\WINDOWS\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe -- (SecureLockWare_InputPassword)
SRV - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/11/07 04:04:00 | 000,291,328 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/10/08 01:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 15:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/26 18:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/29 10:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 10:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/26 18:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/26 18:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/26 18:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 22:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007/06/19 19:12:00 | 000,725,248 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SLWFIL.SYS -- (SecureLockWare_EncryptFilterDriver2)
DRV - [2007/06/19 19:11:00 | 000,725,120 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ENCRFIL.SYS -- (SecureLockWare_EncryptFilterDriver)
DRV - [2007/05/18 15:04:16 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bfturboh.sys -- (bfturboh)
DRV - [2006/08/01 18:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/26 23:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SMSN&bmod=SMSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 32 29 A0 41 89 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.7
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.9
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/05 20:54:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/05 20:54:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks [2009/09/30 01:13:23 | 000,000,000 | ---D | M]
[2011/02/06 12:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions
[2010/05/17 03:48:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/26 14:46:30 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/11/17 22:16:48 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/01/28 19:30:25 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/10/19 12:06:48 | 000,000,000 | ---D | M] (Zotero) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\[email protected]
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\BearShareWebSearch.xml
[2010/12/05 12:18:00 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\bing-zugo.xml
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/25 03:17:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/18 21:07:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/09/30 01:13:23 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOVE NETWORKS
[2011/01/18 18:05:39 | 000,000,000 | ---D | M] (Mighty Magoo TextLinks) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2011/01/18 21:07:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/18 21:07:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Mighty Magoo Textlinks Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\npmmtl.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mighty Magoo = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\
CHR - Extension: YouTube = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2012/01/05 10:03:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Mighty Magoo Text) - {97E74A14-E5F1-40cc-9B0F-0D11946E5469} - C:\Program Files\Mighty Magoo\mmagootl.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Mighty Magoo) - {EEAD004E-7E2D-49f8-831C-A01647E85B53} - C:\Program Files\Mighty Magoo\mightymagoolib32.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [\\DB5B4R51\EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [Mightymagoo] C:\Program Files\Mighty Magoo\mightymagoo32.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10v_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\kaleefa munroe\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.spvod.com...cx-ch-spvod.cab (VodClient Control Class)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{161CAC4D-CDCD-4C9B-878D-588BF51DB882}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9624D0D2-01EF-425A-98CB-3E2A87E54A79}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/30 19:17:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\AutoRun\command - "" = E:\installer.exe
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\verb\command - "" = E:\installer.exe
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell - "" = AutoRun
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{6709a315-e723-11de-8840-00234eeb57f5}\Shell\play\command - "" = C:\Program Files\VideoLAN\VLC\vlc.exe -- [2009/03/31 17:14:54 | 000,114,840 | ---- | M] ()
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell - "" = AutoRun
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell - "" = AutoRun
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\AutoRun\command - "" = explorer .
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\mobile\command - "" = E:\MobileLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/05 09:59:39 | 000,000,000 | ---D | C] -- C:\Lop SD
[2011/12/06 16:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/06 16:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/06 16:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/05 13:01:01 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 12:46:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005UA.job
[2012/01/05 12:43:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/05 10:03:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/05 08:46:07 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005Core.job
[2012/01/05 08:43:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/29 20:49:30 | 003,936,497 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/25 12:26:50 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/12/25 12:26:06 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2011/12/25 12:25:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/25 12:25:00 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/21 19:45:42 | 000,022,857 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/21 19:45:31 | 000,025,193 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2011/12/21 19:27:40 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/21 18:49:25 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/12/20 00:54:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/07 23:54:38 | 000,040,914 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2011/12/07 21:30:46 | 000,022,796 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 21:20:40 | 000,022,799 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 17:01:16 | 000,020,223 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative.odt
[2011/12/06 16:53:04 | 000,012,459 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:31 | 000,024,484 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/12/06 16:27:06 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/06 16:23:22 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/12/06 16:21:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/06 15:54:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 11:28:53 | 000,040,914 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2012/01/04 11:28:53 | 000,025,193 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2012/01/04 11:28:53 | 000,022,857 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/29 20:49:14 | 003,936,497 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/07 21:30:45 | 000,022,796 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 18:51:12 | 000,022,799 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/06 16:53:03 | 000,012,459 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:29 | 000,024,484 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/12/06 16:23:21 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/12/06 16:21:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/04/13 06:36:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/30 05:17:51 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/09/30 05:17:51 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/09/13 22:17:13 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/07/01 18:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/17 23:09:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/09 10:07:03 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfturboh.sys
[2009/09/08 22:04:02 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2009/03/31 04:59:16 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 04:01:45 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\kaleefa munroe_KBD.ini
[2009/03/30 23:16:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/21 12:39:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/30 19:36:51 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SetDisplayResolution.exe
[2009/01/30 19:30:09 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2009/01/30 19:30:09 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Owner_KBD.ini
[2009/01/30 19:30:06 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2009/01/30 19:30:06 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2009/01/30 19:30:06 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2009/01/30 19:30:06 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2009/01/30 19:30:06 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2009/01/30 19:30:06 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2009/01/30 19:30:06 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2009/01/30 19:30:06 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2009/01/30 19:30:06 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2009/01/30 19:30:06 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2009/01/30 19:30:06 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2009/01/30 19:30:06 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2009/01/30 19:30:06 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2009/01/30 19:27:49 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2009/01/30 19:27:49 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2009/01/30 19:24:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/01/30 19:21:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\Marker.exe
[2009/01/30 19:21:36 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2009/01/30 19:19:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/30 19:14:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/30 17:57:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/01/30 17:57:01 | 002,462,720 | ---- | C] () -- C:\WINDOWS\System32\WMVCore.dll
[2009/01/30 17:56:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/30 17:56:49 | 000,464,324 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/30 17:56:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/30 17:56:49 | 000,080,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/30 17:56:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/30 17:56:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/30 17:56:48 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/30 17:56:47 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/30 17:56:45 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/30 17:56:45 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/30 17:56:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/30 17:56:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/30 11:09:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/30 11:08:15 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 12:59:38 | 000,006,416 | ---- | C] () -- C:\WINDOWS\UN080325.INI
[2009/01/21 12:59:25 | 000,012,348 | ---- | C] () -- C:\WINDOWS\UN050225.INI
[2008/09/17 14:20:08 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/26 19:49:12 | 006,139,774 | ---- | C] () -- C:\WINDOWS\imagine digital freedom.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2011/01/31 20:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\348C
[2010/11/21 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/31 20:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B280
[2010/03/21 13:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/10/15 08:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/10/19 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2010/09/30 05:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2011/01/26 23:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/09/30 05:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS
[2009/01/30 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2011/01/22 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/02 09:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Amazon
[2011/06/07 20:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Azureus
[2011/01/18 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FCTB000060231
[2011/02/22 14:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FrostWire
[2009/04/22 22:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ICAClient
[2010/07/21 22:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\iktsoft
[2009/03/30 21:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\MSNInstaller
[2010/09/02 07:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ooVoo Details
[2009/04/18 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\OpenOffice.org
[2011/10/26 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela
[2011/10/26 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela Call Recorder
[2009/12/22 17:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\PlayFirst
[2012/01/05 13:01:01 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/12/25 12:26:06 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\WefiStartup.job
========== Purity Check ==========
< End of report >
OTL.Txt 101.85KB
106 downloadsOTL logfile created on: 1/5/2012 1:07:23 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kaleefa munroe\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.36 Mb Total Physical Memory | 278.03 Mb Available Physical Memory | 27.41% Memory free
2.38 Gb Paging File | 1.30 Gb Available in Paging File | 54.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 34.76 Gb Free Space | 48.93% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 70.90 Gb Free Space | 98.47% Space Free | Partition Type: NTFS
Computer Name: YOUR-8C3461EE5F | User Name: kaleefa munroe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 12:52:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kaleefa munroe\My Documents\Downloads\OTL.exe
PRC - [2011/10/09 10:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011/01/18 18:05:33 | 000,218,624 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoo32.exe
PRC - [2010/12/11 13:15:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WefiEngSvc.exe
PRC - [2010/09/06 09:43:30 | 001,645,912 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WeFi.exe
PRC - [2010/07/12 07:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2010/06/17 01:25:14 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/01/09 19:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 18:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 21:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/09/17 14:25:46 | 000,580,200 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
PRC - [2008/05/21 19:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
PRC - [2008/05/20 23:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 07:00:00 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spider.exe
PRC - [2007/12/20 23:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 10:34:30 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\algo.dll
MOD - [2012/01/05 05:21:37 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010500\algo.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\aswRep.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010500\aswRep.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/16 08:18:21 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/28 19:30:23 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
MOD - [2011/01/18 18:05:33 | 000,218,624 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoo32.exe
MOD - [2011/01/18 18:05:32 | 000,228,864 | ---- | M] () -- C:\Program Files\Mighty Magoo\mightymagoolib32.dll
MOD - [2010/12/11 13:15:36 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/04/28 07:16:36 | 002,142,720 | ---- | M] () -- C:\Program Files\WeFi\QtCore4.dll
MOD - [2010/02/10 11:46:36 | 000,027,648 | ---- | M] () -- C:\Program Files\WeFi\qico4.dll
MOD - [2010/02/10 11:45:48 | 000,025,600 | ---- | M] () -- C:\Program Files\WeFi\qgif4.dll
MOD - [2010/02/10 11:45:40 | 000,119,808 | ---- | M] () -- C:\Program Files\WeFi\qjpeg4.dll
MOD - [2010/02/10 11:18:36 | 009,831,936 | ---- | M] () -- C:\Program Files\WeFi\QtWebKit4.dll
MOD - [2010/02/10 09:39:50 | 000,232,960 | ---- | M] () -- C:\Program Files\WeFi\phonon4.dll
MOD - [2010/02/10 09:37:52 | 002,530,304 | ---- | M] () -- C:\Program Files\WeFi\QtXmlPatterns4.dll
MOD - [2010/02/10 09:22:16 | 007,971,840 | ---- | M] () -- C:\Program Files\WeFi\QtGui4.dll
MOD - [2010/02/10 09:07:32 | 000,929,280 | ---- | M] () -- C:\Program Files\WeFi\QtNetwork4.dll
MOD - [2010/02/10 09:06:06 | 000,334,848 | ---- | M] () -- C:\Program Files\WeFi\QtXml4.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/05 07:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/01/27 07:53:44 | 000,073,728 | ---- | M] () -- C:\Program Files\WeFi\zlib1.dll
MOD - [2009/01/21 16:11:10 | 000,139,264 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\nsldap32v50.dll
MOD - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2008/09/17 14:20:08 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/07/29 12:59:22 | 000,165,376 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\Basis\program\libxslt.dll
MOD - [2008/07/29 12:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/01/13 02:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007/01/13 02:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2006/08/12 15:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2005/07/12 19:34:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Samsung\MagicKBD\EasyBoxDll.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Running] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2009/04/03 17:04:42 | 001,685,024 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\WINDOWS\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe -- (SecureLockWare_InputPassword)
SRV - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/11/07 04:04:00 | 000,291,328 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/10/08 01:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 15:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/26 18:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/29 10:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 10:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/26 18:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/26 18:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/26 18:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 22:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007/06/19 19:12:00 | 000,725,248 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SLWFIL.SYS -- (SecureLockWare_EncryptFilterDriver2)
DRV - [2007/06/19 19:11:00 | 000,725,120 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ENCRFIL.SYS -- (SecureLockWare_EncryptFilterDriver)
DRV - [2007/05/18 15:04:16 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bfturboh.sys -- (bfturboh)
DRV - [2006/08/01 18:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/26 23:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SMSN&bmod=SMSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 32 29 A0 41 89 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.7
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.9
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/05 20:54:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/05 20:54:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks [2009/09/30 01:13:23 | 000,000,000 | ---D | M]
[2011/02/06 12:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions
[2010/05/17 03:48:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/26 14:46:30 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/11/17 22:16:48 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/01/28 19:30:25 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/10/19 12:06:48 | 000,000,000 | ---D | M] (Zotero) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\[email protected]
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\BearShareWebSearch.xml
[2010/12/05 12:18:00 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\bing-zugo.xml
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/25 03:17:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/18 21:07:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/09/30 01:13:23 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOVE NETWORKS
[2011/01/18 18:05:39 | 000,000,000 | ---D | M] (Mighty Magoo TextLinks) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2011/01/18 21:07:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/18 21:07:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Mighty Magoo Textlinks Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\npmmtl.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mighty Magoo = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\
CHR - Extension: YouTube = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2012/01/05 10:03:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Mighty Magoo Text) - {97E74A14-E5F1-40cc-9B0F-0D11946E5469} - C:\Program Files\Mighty Magoo\mmagootl.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Mighty Magoo) - {EEAD004E-7E2D-49f8-831C-A01647E85B53} - C:\Program Files\Mighty Magoo\mightymagoolib32.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [\\DB5B4R51\EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [Mightymagoo] C:\Program Files\Mighty Magoo\mightymagoo32.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10v_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\kaleefa munroe\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.spvod.com...cx-ch-spvod.cab (VodClient Control Class)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{161CAC4D-CDCD-4C9B-878D-588BF51DB882}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9624D0D2-01EF-425A-98CB-3E2A87E54A79}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/30 19:17:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\AutoRun\command - "" = E:\installer.exe
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\verb\command - "" = E:\installer.exe
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell - "" = AutoRun
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{6709a315-e723-11de-8840-00234eeb57f5}\Shell\play\command - "" = C:\Program Files\VideoLAN\VLC\vlc.exe -- [2009/03/31 17:14:54 | 000,114,840 | ---- | M] ()
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell - "" = AutoRun
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell - "" = AutoRun
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\AutoRun\command - "" = explorer .
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\mobile\command - "" = E:\MobileLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/05 09:59:39 | 000,000,000 | ---D | C] -- C:\Lop SD
[2011/12/06 16:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/12/06 16:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/06 16:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/05 13:01:01 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 12:46:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005UA.job
[2012/01/05 12:43:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/05 10:03:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/05 08:46:07 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005Core.job
[2012/01/05 08:43:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/29 20:49:30 | 003,936,497 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/25 12:26:50 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/12/25 12:26:06 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2011/12/25 12:25:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/25 12:25:00 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/21 19:45:42 | 000,022,857 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/21 19:45:31 | 000,025,193 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2011/12/21 19:27:40 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/21 18:49:25 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/12/20 00:54:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/07 23:54:38 | 000,040,914 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2011/12/07 21:30:46 | 000,022,796 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 21:20:40 | 000,022,799 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 17:01:16 | 000,020,223 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative.odt
[2011/12/06 16:53:04 | 000,012,459 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:31 | 000,024,484 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/12/06 16:27:06 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/06 16:23:22 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/12/06 16:21:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/12/06 15:54:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 11:28:53 | 000,040,914 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2012/01/04 11:28:53 | 000,025,193 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2012/01/04 11:28:53 | 000,022,857 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/29 20:49:14 | 003,936,497 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/07 21:30:45 | 000,022,796 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 18:51:12 | 000,022,799 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/06 16:53:03 | 000,012,459 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:29 | 000,024,484 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/12/06 16:23:21 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/12/06 16:21:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/04/13 06:36:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/30 05:17:51 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/09/30 05:17:51 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/09/13 22:17:13 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/07/01 18:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/17 23:09:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/09 10:07:03 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfturboh.sys
[2009/09/08 22:04:02 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2009/03/31 04:59:16 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 04:01:45 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\kaleefa munroe_KBD.ini
[2009/03/30 23:16:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/21 12:39:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/30 19:36:51 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SetDisplayResolution.exe
[2009/01/30 19:30:09 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2009/01/30 19:30:09 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Owner_KBD.ini
[2009/01/30 19:30:06 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2009/01/30 19:30:06 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2009/01/30 19:30:06 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2009/01/30 19:30:06 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2009/01/30 19:30:06 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2009/01/30 19:30:06 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2009/01/30 19:30:06 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2009/01/30 19:30:06 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2009/01/30 19:30:06 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2009/01/30 19:30:06 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2009/01/30 19:30:06 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2009/01/30 19:30:06 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2009/01/30 19:30:06 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2009/01/30 19:27:49 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2009/01/30 19:27:49 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2009/01/30 19:24:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/01/30 19:21:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\Marker.exe
[2009/01/30 19:21:36 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2009/01/30 19:19:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/30 19:14:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/30 17:57:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/01/30 17:57:01 | 002,462,720 | ---- | C] () -- C:\WINDOWS\System32\WMVCore.dll
[2009/01/30 17:56:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/30 17:56:49 | 000,464,324 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/30 17:56:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/30 17:56:49 | 000,080,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/30 17:56:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/30 17:56:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/30 17:56:48 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/30 17:56:47 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/30 17:56:45 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/30 17:56:45 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/30 17:56:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/30 17:56:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/30 11:09:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/30 11:08:15 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 12:59:38 | 000,006,416 | ---- | C] () -- C:\WINDOWS\UN080325.INI
[2009/01/21 12:59:25 | 000,012,348 | ---- | C] () -- C:\WINDOWS\UN050225.INI
[2008/09/17 14:20:08 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/26 19:49:12 | 006,139,774 | ---- | C] () -- C:\WINDOWS\imagine digital freedom.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2011/01/31 20:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\348C
[2010/11/21 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/31 20:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B280
[2010/03/21 13:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/10/15 08:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/10/19 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2010/09/30 05:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2011/01/26 23:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/09/30 05:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS
[2009/01/30 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2011/01/22 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/02 09:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Amazon
[2011/06/07 20:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Azureus
[2011/01/18 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FCTB000060231
[2011/02/22 14:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FrostWire
[2009/04/22 22:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ICAClient
[2010/07/21 22:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\iktsoft
[2009/03/30 21:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\MSNInstaller
[2010/09/02 07:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ooVoo Details
[2009/04/18 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\OpenOffice.org
[2011/10/26 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela
[2011/10/26 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela Call Recorder
[2009/12/22 17:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\PlayFirst
[2012/01/05 13:01:01 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/12/25 12:26:06 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\WefiStartup.job
========== Purity Check ==========
< End of report >
#3
Posted 05 January 2012 - 02:45 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Hi there lets see if we can kill magoo
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
THEN
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/"
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\BearShareWebSearch.xml
[2011/01/18 18:05:39 | 000,000,000 | ---D | M] (Mighty Magoo TextLinks) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2010/09/14 07:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - \MediaBar\ToolBar\BearshareMediabarDx.dll File not found
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Mighty Magoo Text) - {97E74A14-E5F1-40cc-9B0F-0D11946E5469} - C:\Program Files\Mighty Magoo\mmagootl.dll ()
O2 - BHO: (Mighty Magoo) - {EEAD004E-7E2D-49f8-831C-A01647E85B53} - C:\Program Files\Mighty Magoo\mightymagoolib32.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Mightymagoo] C:\Program Files\Mighty Magoo\mightymagoo32.exe ()
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
:Files
ipconfig /flushdns /c
C:\Program Files\Mighty Magoo
C:\PROGRA~1\BEARSH~1
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot] - Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
#4
Posted 05 January 2012 - 03:39 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
Thanks! Here is my new OTL log
OTL logfile created on: 1/5/2012 4:20:32 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kaleefa munroe\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.36 Mb Total Physical Memory | 354.66 Mb Available Physical Memory | 34.96% Memory free
2.38 Gb Paging File | 1.88 Gb Available in Paging File | 78.93% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 39.98 Gb Free Space | 56.28% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 70.90 Gb Free Space | 98.47% Space Free | Partition Type: NTFS
Computer Name: YOUR-8C3461EE5F | User Name: kaleefa munroe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 12:52:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kaleefa munroe\My Documents\Downloads\OTL.exe
PRC - [2010/12/11 13:15:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WefiEngSvc.exe
PRC - [2010/09/06 09:43:30 | 001,645,912 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WeFi.exe
PRC - [2009/01/09 19:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 18:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 21:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/09/17 14:25:46 | 000,580,200 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
PRC - [2008/05/21 19:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
PRC - [2008/05/20 23:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
PRC - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/20 23:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 10:34:30 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\algo.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\aswRep.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/16 08:18:21 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/28 19:30:24 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
MOD - [2011/01/28 19:30:23 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
MOD - [2010/12/11 13:15:36 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/09/07 11:13:40 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2010/04/28 07:16:36 | 002,142,720 | ---- | M] () -- C:\Program Files\WeFi\QtCore4.dll
MOD - [2010/02/10 11:46:36 | 000,027,648 | ---- | M] () -- C:\Program Files\WeFi\qico4.dll
MOD - [2010/02/10 11:45:48 | 000,025,600 | ---- | M] () -- C:\Program Files\WeFi\qgif4.dll
MOD - [2010/02/10 11:45:40 | 000,119,808 | ---- | M] () -- C:\Program Files\WeFi\qjpeg4.dll
MOD - [2010/02/10 11:18:36 | 009,831,936 | ---- | M] () -- C:\Program Files\WeFi\QtWebKit4.dll
MOD - [2010/02/10 09:39:50 | 000,232,960 | ---- | M] () -- C:\Program Files\WeFi\phonon4.dll
MOD - [2010/02/10 09:37:52 | 002,530,304 | ---- | M] () -- C:\Program Files\WeFi\QtXmlPatterns4.dll
MOD - [2010/02/10 09:22:16 | 007,971,840 | ---- | M] () -- C:\Program Files\WeFi\QtGui4.dll
MOD - [2010/02/10 09:07:32 | 000,929,280 | ---- | M] () -- C:\Program Files\WeFi\QtNetwork4.dll
MOD - [2010/02/10 09:06:06 | 000,334,848 | ---- | M] () -- C:\Program Files\WeFi\QtXml4.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/05 07:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/01/27 07:53:44 | 000,073,728 | ---- | M] () -- C:\Program Files\WeFi\zlib1.dll
MOD - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2008/09/17 14:20:08 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/07/29 12:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/08/12 15:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2005/07/12 19:34:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Samsung\MagicKBD\EasyBoxDll.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Running] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2009/04/03 17:04:42 | 001,685,024 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\WINDOWS\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe -- (SecureLockWare_InputPassword)
SRV - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/11/07 04:04:00 | 000,291,328 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/10/08 01:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 15:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/26 18:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/29 10:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 10:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/26 18:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/26 18:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/26 18:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 22:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007/06/19 19:12:00 | 000,725,248 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SLWFIL.SYS -- (SecureLockWare_EncryptFilterDriver2)
DRV - [2007/06/19 19:11:00 | 000,725,120 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ENCRFIL.SYS -- (SecureLockWare_EncryptFilterDriver)
DRV - [2007/05/18 15:04:16 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bfturboh.sys -- (bfturboh)
DRV - [2006/08/01 18:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/26 23:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SMSN&bmod=SMSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 32 29 A0 41 89 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.7
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.9
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/05 20:54:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/05 20:54:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks [2009/09/30 01:13:23 | 000,000,000 | ---D | M]
[2011/02/06 12:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions
[2012/01/05 16:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions
[2010/05/17 03:48:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/26 14:46:30 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/11/17 22:16:48 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/01/28 19:30:25 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/10/19 12:06:48 | 000,000,000 | ---D | M] (Zotero) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\[email protected]
[2010/12/05 12:18:00 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\bing-zugo.xml
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/25 03:17:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/18 21:07:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/09/30 01:13:23 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOVE NETWORKS
[2011/01/18 21:07:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/18 21:07:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Mighty Magoo Textlinks Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\npmmtl.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mighty Magoo = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\
CHR - Extension: YouTube = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2012/01/05 16:11:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [\\DB5B4R51\EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\kaleefa munroe\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.spvod.com...cx-ch-spvod.cab (VodClient Control Class)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{161CAC4D-CDCD-4C9B-878D-588BF51DB882}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9624D0D2-01EF-425A-98CB-3E2A87E54A79}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/30 19:17:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\AutoRun\command - "" = E:\installer.exe
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\verb\command - "" = E:\installer.exe
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell - "" = AutoRun
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{6709a315-e723-11de-8840-00234eeb57f5}\Shell\play\command - "" = C:\Program Files\VideoLAN\VLC\vlc.exe -- [2009/03/31 17:14:54 | 000,114,840 | ---- | M] ()
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell - "" = AutoRun
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell - "" = AutoRun
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\AutoRun\command - "" = explorer .
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\mobile\command - "" = E:\MobileLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/05 16:10:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/05 09:59:39 | 000,000,000 | ---D | C] -- C:\Lop SD
========== Files - Modified Within 30 Days ==========
[2012/01/05 16:16:19 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2012/01/05 16:16:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/05 16:15:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/05 16:15:38 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 16:11:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/01/05 16:01:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 15:46:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005UA.job
[2012/01/05 15:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/05 08:46:07 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005Core.job
[2011/12/29 20:49:30 | 003,936,497 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/25 12:26:50 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/12/21 19:45:42 | 000,022,857 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/21 19:45:31 | 000,025,193 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2011/12/21 19:27:40 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/21 18:49:25 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/12/20 00:54:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/07 23:54:38 | 000,040,914 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2011/12/07 21:30:46 | 000,022,796 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 21:20:40 | 000,022,799 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 17:01:16 | 000,020,223 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative.odt
[2011/12/06 16:53:04 | 000,012,459 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:31 | 000,024,484 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
========== Files Created - No Company Name ==========
[2012/01/04 11:28:53 | 000,040,914 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2012/01/04 11:28:53 | 000,025,193 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2012/01/04 11:28:53 | 000,022,857 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/29 20:49:14 | 003,936,497 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/07 21:30:45 | 000,022,796 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 18:51:12 | 000,022,799 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/06 16:53:03 | 000,012,459 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:29 | 000,024,484 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/13 06:36:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/30 05:17:51 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/09/30 05:17:51 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/09/13 22:17:13 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/07/01 18:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/17 23:09:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/09 10:07:03 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfturboh.sys
[2009/09/08 22:04:02 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2009/03/31 04:59:16 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 04:01:45 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\kaleefa munroe_KBD.ini
[2009/03/30 23:16:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/21 12:39:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/30 19:36:51 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SetDisplayResolution.exe
[2009/01/30 19:30:09 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2009/01/30 19:30:09 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Owner_KBD.ini
[2009/01/30 19:30:06 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2009/01/30 19:30:06 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2009/01/30 19:30:06 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2009/01/30 19:30:06 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2009/01/30 19:30:06 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2009/01/30 19:30:06 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2009/01/30 19:30:06 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2009/01/30 19:30:06 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2009/01/30 19:30:06 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2009/01/30 19:30:06 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2009/01/30 19:30:06 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2009/01/30 19:30:06 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2009/01/30 19:30:06 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2009/01/30 19:27:49 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2009/01/30 19:27:49 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2009/01/30 19:24:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/01/30 19:21:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\Marker.exe
[2009/01/30 19:21:36 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2009/01/30 19:19:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/30 19:14:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/30 17:57:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/01/30 17:57:01 | 002,462,720 | ---- | C] () -- C:\WINDOWS\System32\WMVCore.dll
[2009/01/30 17:56:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/30 17:56:49 | 000,464,324 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/30 17:56:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/30 17:56:49 | 000,080,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/30 17:56:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/30 17:56:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/30 17:56:48 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/30 17:56:47 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/30 17:56:45 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/30 17:56:45 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/30 17:56:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/30 17:56:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/30 11:09:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/30 11:08:15 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 12:59:38 | 000,006,416 | ---- | C] () -- C:\WINDOWS\UN080325.INI
[2009/01/21 12:59:25 | 000,012,348 | ---- | C] () -- C:\WINDOWS\UN050225.INI
[2008/09/17 14:20:08 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/26 19:49:12 | 006,139,774 | ---- | C] () -- C:\WINDOWS\imagine digital freedom.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2011/01/31 20:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\348C
[2010/11/21 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/31 20:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B280
[2010/03/21 13:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/10/15 08:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/10/19 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2010/09/30 05:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2011/01/26 23:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/09/30 05:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS
[2009/01/30 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2011/01/22 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/02 09:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Amazon
[2011/06/07 20:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Azureus
[2011/01/18 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FCTB000060231
[2011/02/22 14:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FrostWire
[2009/04/22 22:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ICAClient
[2010/07/21 22:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\iktsoft
[2009/03/30 21:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\MSNInstaller
[2010/09/02 07:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ooVoo Details
[2009/04/18 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\OpenOffice.org
[2011/10/26 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela
[2011/10/26 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela Call Recorder
[2009/12/22 17:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\PlayFirst
[2012/01/05 16:01:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 16:16:19 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\WefiStartup.job
========== Purity Check ==========
< End of report >
OTL logfile created on: 1/5/2012 4:20:32 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kaleefa munroe\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.36 Mb Total Physical Memory | 354.66 Mb Available Physical Memory | 34.96% Memory free
2.38 Gb Paging File | 1.88 Gb Available in Paging File | 78.93% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.04 Gb Total Space | 39.98 Gb Free Space | 56.28% Space Free | Partition Type: NTFS
Drive D: | 72.00 Gb Total Space | 70.90 Gb Free Space | 98.47% Space Free | Partition Type: NTFS
Computer Name: YOUR-8C3461EE5F | User Name: kaleefa munroe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 12:52:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kaleefa munroe\My Documents\Downloads\OTL.exe
PRC - [2010/12/11 13:15:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WefiEngSvc.exe
PRC - [2010/09/06 09:43:30 | 001,645,912 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WeFi.exe
PRC - [2009/01/09 19:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 18:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 21:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/09/17 14:25:46 | 000,580,200 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
PRC - [2008/05/21 19:44:30 | 000,299,008 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
PRC - [2008/05/20 23:02:08 | 000,372,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Program Files\Samsung\MagicKBD\MagicKBD.exe
PRC - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/20 23:40:30 | 000,659,456 | ---- | M] (Samsung Electronics,.LTD) -- C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 10:34:30 | 001,664,000 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\algo.dll
MOD - [2012/01/03 13:16:27 | 000,268,808 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12010501\aswRep.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/16 08:18:21 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/01/28 19:30:24 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
MOD - [2011/01/28 19:30:23 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
MOD - [2010/12/11 13:15:36 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2010/09/07 11:47:08 | 000,664,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/09/07 11:13:40 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2010/04/28 07:16:36 | 002,142,720 | ---- | M] () -- C:\Program Files\WeFi\QtCore4.dll
MOD - [2010/02/10 11:46:36 | 000,027,648 | ---- | M] () -- C:\Program Files\WeFi\qico4.dll
MOD - [2010/02/10 11:45:48 | 000,025,600 | ---- | M] () -- C:\Program Files\WeFi\qgif4.dll
MOD - [2010/02/10 11:45:40 | 000,119,808 | ---- | M] () -- C:\Program Files\WeFi\qjpeg4.dll
MOD - [2010/02/10 11:18:36 | 009,831,936 | ---- | M] () -- C:\Program Files\WeFi\QtWebKit4.dll
MOD - [2010/02/10 09:39:50 | 000,232,960 | ---- | M] () -- C:\Program Files\WeFi\phonon4.dll
MOD - [2010/02/10 09:37:52 | 002,530,304 | ---- | M] () -- C:\Program Files\WeFi\QtXmlPatterns4.dll
MOD - [2010/02/10 09:22:16 | 007,971,840 | ---- | M] () -- C:\Program Files\WeFi\QtGui4.dll
MOD - [2010/02/10 09:07:32 | 000,929,280 | ---- | M] () -- C:\Program Files\WeFi\QtNetwork4.dll
MOD - [2010/02/10 09:06:06 | 000,334,848 | ---- | M] () -- C:\Program Files\WeFi\QtXml4.dll
MOD - [2010/02/05 13:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/05 07:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/01/27 07:53:44 | 000,073,728 | ---- | M] () -- C:\Program Files\WeFi\zlib1.dll
MOD - [2008/10/20 13:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2008/09/17 14:20:08 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/07/29 12:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
MOD - [2008/04/14 07:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 07:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/08/12 15:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2005/07/12 19:34:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Samsung\MagicKBD\EasyBoxDll.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/07 11:47:18 | 000,202,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 09:43:32 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Running] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2009/04/03 17:04:42 | 001,685,024 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\WINDOWS\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008/05/22 16:27:34 | 000,299,008 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe -- (SecureLockWare_InputPassword)
SRV - [2008/05/13 11:44:00 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/11/07 04:04:00 | 000,291,328 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008/10/08 01:35:10 | 001,334,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 15:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/26 18:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/29 10:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 10:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/26 18:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/26 18:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/26 18:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 22:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007/06/19 19:12:00 | 000,725,248 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SLWFIL.SYS -- (SecureLockWare_EncryptFilterDriver2)
DRV - [2007/06/19 19:11:00 | 000,725,120 | ---- | M] (BUFFALO INC.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ENCRFIL.SYS -- (SecureLockWare_EncryptFilterDriver)
DRV - [2007/05/18 15:04:16 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bfturboh.sys -- (bfturboh)
DRV - [2006/08/01 18:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/26 23:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SMSN&bmod=SMSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 32 29 A0 41 89 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.7
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.9
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/05 20:54:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/05 20:54:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks [2009/09/30 01:13:23 | 000,000,000 | ---D | M]
[2011/02/06 12:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions
[2012/01/05 16:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions
[2010/05/17 03:48:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/26 14:46:30 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/11/17 22:16:48 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/01/28 19:30:25 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/10/19 12:06:48 | 000,000,000 | ---D | M] (Zotero) -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\extensions\[email protected]
[2010/12/05 12:18:00 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Firefox\Profiles\wwvx6v0w.default\searchplugins\bing-zugo.xml
[2012/01/02 22:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/25 03:17:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/18 21:07:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/09/30 01:13:23 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\KALEEFA MUNROE\APPLICATION DATA\MOVE NETWORKS
[2011/01/18 21:07:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/01/18 21:07:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Mighty Magoo Textlinks Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\npmmtl.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\kaleefa munroe\Application Data\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mighty Magoo = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ahndmghnjfikjccedhcgoilmgklebefp\
CHR - Extension: YouTube = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2012/01/05 16:11:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [\\DB5B4R51\EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [MagicKeyboard] C:\Program Files\Samsung\MagicKBD\PreMKbd.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\kaleefa munroe\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.spvod.com...cx-ch-spvod.cab (VodClient Control Class)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://dl.pplive.com/PluginSetup.cab (PPLive Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{161CAC4D-CDCD-4C9B-878D-588BF51DB882}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9624D0D2-01EF-425A-98CB-3E2A87E54A79}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/30 19:17:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\AutoRun\command - "" = E:\installer.exe
O33 - MountPoints2\{29ba95a0-55bc-11de-8818-001377b46198}\Shell\verb\command - "" = E:\installer.exe
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell - "" = AutoRun
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3287ee37-2ded-11e1-88bd-00242b802217}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{6709a315-e723-11de-8840-00234eeb57f5}\Shell\play\command - "" = C:\Program Files\VideoLAN\VLC\vlc.exe -- [2009/03/31 17:14:54 | 000,114,840 | ---- | M] ()
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell - "" = AutoRun
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76e419fb-0963-11e0-8884-001377b46198}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell - "" = AutoRun
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{986aa7d8-d07b-11de-883b-00234eeb57f5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\AutoRun\command - "" = explorer .
O33 - MountPoints2\{e7d83874-9d51-11de-8825-00234eeb57f5}\Shell\mobile\command - "" = E:\MobileLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/05 16:10:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/05 09:59:39 | 000,000,000 | ---D | C] -- C:\Lop SD
========== Files - Modified Within 30 Days ==========
[2012/01/05 16:16:19 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2012/01/05 16:16:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/05 16:15:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/05 16:15:38 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 16:11:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/01/05 16:01:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 15:46:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005UA.job
[2012/01/05 15:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/05 08:46:07 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4045417087-778751197-4140145611-1005Core.job
[2011/12/29 20:49:30 | 003,936,497 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/25 12:26:50 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/12/21 19:45:42 | 000,022,857 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/21 19:45:31 | 000,025,193 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2011/12/21 19:27:40 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/21 18:49:25 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/12/20 00:54:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/07 23:54:38 | 000,040,914 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2011/12/07 21:30:46 | 000,022,796 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 21:20:40 | 000,022,799 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 17:01:16 | 000,020,223 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative.odt
[2011/12/06 16:53:04 | 000,012,459 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:31 | 000,024,484 | ---- | M] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
========== Files Created - No Company Name ==========
[2012/01/04 11:28:53 | 000,040,914 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation.odp_0.odp
[2012/01/04 11:28:53 | 000,025,193 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\animation%20presentation.odt_0.odt
[2012/01/04 11:28:53 | 000,022,857 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\untitled_0_1.odt
[2011/12/29 20:49:14 | 003,936,497 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\My Documents\Oasis - Wonderwall.mp3.download
[2011/12/07 21:30:45 | 000,022,796 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\investigative final.odt
[2011/12/07 16:42:01 | 000,015,918 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\anim.jpg
[2011/12/07 16:13:41 | 000,000,156 | -H-- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\.~lock.animation presentation.odt#
[2011/12/06 18:51:12 | 000,022,799 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\for wed.odt
[2011/12/06 16:53:03 | 000,012,459 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation paper.odt
[2011/12/06 16:52:29 | 000,024,484 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Desktop\animation presentation.odt
[2011/12/06 16:37:33 | 000,025,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/13 06:36:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/30 05:17:51 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010/09/30 05:17:51 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/09/13 22:17:13 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/07/01 18:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/02/17 23:09:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/09 10:07:03 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfturboh.sys
[2009/09/08 22:04:02 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2009/03/31 04:59:16 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kaleefa munroe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 04:01:45 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\kaleefa munroe_KBD.ini
[2009/03/30 23:16:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/21 12:39:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/30 19:36:51 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SetDisplayResolution.exe
[2009/01/30 19:30:09 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2009/01/30 19:30:09 | 000,001,520 | ---- | C] () -- C:\WINDOWS\System32\Owner_KBD.ini
[2009/01/30 19:30:06 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2009/01/30 19:30:06 | 000,002,741 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2009/01/30 19:30:06 | 000,002,699 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2009/01/30 19:30:06 | 000,002,606 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2009/01/30 19:30:06 | 000,002,236 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2009/01/30 19:30:06 | 000,001,956 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2009/01/30 19:30:06 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2009/01/30 19:30:06 | 000,001,857 | ---- | C] () -- C:\WINDOWS\System32\KBDUU.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2009/01/30 19:30:06 | 000,001,835 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2009/01/30 19:30:06 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\KBDU.INI
[2009/01/30 19:30:06 | 000,001,819 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2009/01/30 19:30:06 | 000,001,699 | ---- | C] () -- C:\WINDOWS\System32\KBDT.INI
[2009/01/30 19:30:06 | 000,001,697 | ---- | C] () -- C:\WINDOWS\System32\KBDV.INI
[2009/01/30 19:30:06 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2009/01/30 19:30:06 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2009/01/30 19:27:49 | 000,000,135 | R--- | C] () -- C:\WINDOWS\System32\lngEng.ini
[2009/01/30 19:27:49 | 000,000,117 | ---- | C] () -- C:\WINDOWS\System32\lngKor.ini
[2009/01/30 19:24:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/01/30 19:21:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\Marker.exe
[2009/01/30 19:21:36 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2009/01/30 19:19:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/30 19:14:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/30 17:57:24 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/01/30 17:57:01 | 002,462,720 | ---- | C] () -- C:\WINDOWS\System32\WMVCore.dll
[2009/01/30 17:56:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/30 17:56:49 | 000,464,324 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/30 17:56:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/30 17:56:49 | 000,080,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/30 17:56:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/30 17:56:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/30 17:56:48 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/30 17:56:47 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/30 17:56:45 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/30 17:56:45 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/30 17:56:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/30 17:56:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/30 11:09:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/30 11:08:15 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/21 12:59:38 | 000,006,416 | ---- | C] () -- C:\WINDOWS\UN080325.INI
[2009/01/21 12:59:25 | 000,012,348 | ---- | C] () -- C:\WINDOWS\UN050225.INI
[2008/09/17 14:20:08 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/02/26 19:49:12 | 006,139,774 | ---- | C] () -- C:\WINDOWS\imagine digital freedom.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2011/01/31 20:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\348C
[2010/11/21 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/31 20:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B280
[2010/03/21 13:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010/10/15 08:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/10/19 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2010/09/30 05:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2011/01/26 23:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/09/30 05:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS
[2009/01/30 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2011/01/22 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/02 09:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Amazon
[2011/06/07 20:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Azureus
[2011/01/18 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FCTB000060231
[2011/02/22 14:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\FrostWire
[2009/04/22 22:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ICAClient
[2010/07/21 22:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\iktsoft
[2009/03/30 21:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\MSNInstaller
[2010/09/02 07:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\ooVoo Details
[2009/04/18 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\OpenOffice.org
[2011/10/26 13:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela
[2011/10/26 17:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\Pamela Call Recorder
[2009/12/22 17:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kaleefa munroe\Application Data\PlayFirst
[2012/01/05 16:01:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012/01/05 16:16:19 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\WefiStartup.job
========== Purity Check ==========
< End of report >
#5
Posted 05 January 2012 - 03:49 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Whilst aswMBR is running has Mr Magoo gone away ?
#6
Posted 05 January 2012 - 03:55 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
Yep! Looks like it. Web pages seem to be loading much faster now. I'm currently running aswMBR. Is it normal to take a while? I started it over half an hour ago.
#7
Posted 05 January 2012 - 03:57 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Yes as you have Avast installed it is also doing a virus scan as well as checking the MBR and partitions
You can continue using the machine whilst it works
You can continue using the machine whilst it works
#9
Posted 05 January 2012 - 04:11 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK both logs look good, so now a quick scan to remove any remnants of mywebsearch
Once done can you let me know of any problems remaining
Please download Malwarebytes' Anti-Malware
Double Click mbam-setup.exe to install the application.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
Once done can you let me know of any problems remaining
Please download Malwarebytes' Anti-Malware
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
#10
Posted 05 January 2012 - 04:26 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
Thanks! This is my log from MBAM.
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.05.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
kaleefa munroe :: YOUR-8C3461EE5F [administrator]
1/5/2012 5:17:39 PM
mbam-log-2012-01-05 (17-17-39).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 166694
Time elapsed: 5 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 8
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEAD004E-7E2D-49f8-831C-A01647E85B53} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEAD004E-7E2D-49f8-831C-A01647E85B53} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{97E74A14-E5F1-40CC-9B0F-0D11946E5469} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\MightyMagooText.Linker (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\MightyMagooText.Linker.1 (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\APPID\MightyMagooText.DLL (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\mmagootl (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MightyMagoo (PUP.MightyMagoo) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (PUP.MightyMagoo) -> Quarantined and deleted successfully.
Files Detected: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.05.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
kaleefa munroe :: YOUR-8C3461EE5F [administrator]
1/5/2012 5:17:39 PM
mbam-log-2012-01-05 (17-17-39).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 166694
Time elapsed: 5 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 8
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEAD004E-7E2D-49f8-831C-A01647E85B53} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEAD004E-7E2D-49f8-831C-A01647E85B53} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{97E74A14-E5F1-40CC-9B0F-0D11946E5469} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\MightyMagooText.Linker (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\MightyMagooText.Linker.1 (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCR\APPID\MightyMagooText.DLL (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\mmagootl (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MightyMagoo (PUP.MightyMagoo) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Documents and Settings\kaleefa munroe\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (PUP.MightyMagoo) -> Quarantined and deleted successfully.
Files Detected: 0
(No malicious items detected)
(end)
#11
Posted 05 January 2012 - 04:29 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
And how is your computer behaving now ?
#12
Posted 05 January 2012 - 04:32 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
It's very fast now! Thank you very much! 
#13
Posted 05 January 2012 - 04:34 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Subject to no further problems 
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.
Upgrading Java:
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes.
Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands
[resethosts]
[emptytemp]
[CLEARALLRESTOREPOINTS]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
- Click Start.
- Open My Computer.
- Select the Tools menu and click Folder Options.
- Select the View Tab.
- Under the Hidden files and folders heading select Do not show hidden files and folders.
- Click Yes to confirm.
- Click OK.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.
Upgrading Java:
- Go to this site and click Do I have Java
- It will check your current version and then offer to update to the latest version
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe
#14
Posted 06 January 2012 - 01:16 PM
kellicanpelican
- Topic Starter
-
- Member
-
- 31 posts
Member
I've followed all your instructions and everything is still looking good today. Thanks for the help!
#15
Posted 06 January 2012 - 01:24 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
