Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

xp security 2011

Started by shaly777 , Mar 26 2011 04:43 PM

  • Please log in to reply

#1
shaly777
Posted 26 March 2011 - 04:43 PM

shaly777

    Member

  • Member
  • PipPip
  • 74 posts
XP security 2011 popups started popping up. Different windows keep appearing from task bar with messages like "Security hole detected! A program is trying to exploit Windows security holes! Passwords and sensitive data may be stolen! And then it gives some details. I googled security 2011 since it was asking me for money and it turns out to be a virus. OTL and extras log below...can you help me please?


I was already running SuperAntiSpyware, but haven't asked it to delete anything yet. It came up with 211 adware cookies; and 3 registry keys under DISABLED.SECURITYCENTEROPTION> REGISTRY KEYS> HKLM\SOFTWARE\MICROSOFTSECURITYCENTER#ANTIVIRUSDISABLENOTIFY
The second was #FIREWALLDISABLENOTIFY and the third was #UPDATESDISABLENOTIFY

And also under System.BrokenFileAssociation >registry keys >HKCR\EXE.

OTL logfile created on: 3/26/2011 5:21:08 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Shannon's Work\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 41.69 Gb Free Space | 37.37% Space Free | Partition Type: NTFS
Drive E: | 42.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FREIGHTLINER | User Name: Shannon's Work | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/26 17:20:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shannon's Work\Desktop\OTL.exe
PRC - [2011/03/26 16:58:49 | 000,344,064 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe
PRC - [2011/02/09 22:51:42 | 000,115,384 | ---- | M] (Flock, Inc.) -- C:\Program Files\Flock\flock.exe
PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/09 14:40:04 | 003,826,968 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
PRC - [2010/10/20 14:59:03 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/08/04 22:42:31 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/05 17:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2005/12/21 23:33:02 | 000,046,592 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2005/12/20 14:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/12/16 03:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005/12/05 14:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/11/30 15:25:22 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2005/11/28 13:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/11/28 13:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/11/02 19:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/10/06 08:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/16 14:23:12 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005/07/12 20:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2005/06/01 00:00:12 | 000,282,624 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/05/31 23:59:58 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/04/26 19:13:20 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/03/11 18:03:16 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2005/01/17 19:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/12/30 03:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2004/08/28 03:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/28 03:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


========== Modules (SafeList) ==========

MOD - [2011/03/26 17:20:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shannon's Work\Desktop\OTL.exe
MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2002/03/03 07:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/03/18 08:04:27 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_d76cf65.dll -- (Akamai)
SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2005/12/20 14:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/07/12 20:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 19:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/28 03:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 03:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 03:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/07/08 10:52:32 | 000,231,424 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbser2_000.sys -- (NWUSBPort2_000) Novatel Wireless USB Status2 Port Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbser_000.sys -- (NWUSBPort_000) Novatel Wireless USB Status Port Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbmdm_000.sys -- (NWUSBModem_000) Novatel Wireless USB Modem Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2010/06/13 22:12:58 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/06/13 22:12:58 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/06/13 22:12:57 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/04/14 21:29:22 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/02/12 15:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dddsk.sys -- (ElRawDisk)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/03/11 17:58:56 | 000,059,776 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/03/11 17:58:50 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/03/11 17:58:48 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/03/11 17:58:44 | 000,029,824 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2006/02/16 04:56:07 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/12/21 23:55:50 | 000,013,568 | ---- | M] (UPEK Inc.) [File_System | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir)
DRV - [2005/12/21 23:55:34 | 000,033,024 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2)
DRV - [2005/12/21 23:25:32 | 000,003,456 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Protector Suite QL\smihlp.sys -- (smihlp)
DRV - [2005/12/09 19:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/12/04 12:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/30 14:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/30 13:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 14:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/15 12:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 17:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 08:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 08:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 08:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 08:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 08:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 08:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 08:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/09 17:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 15:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 15:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 18:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/06/02 06:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/08/10 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/09/19 04:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/29 17:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=home
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/?ref=home#!/games?ap=1|http://us.mg4.mail.yahoo.com/dc/launch?.gx=1&.rand=2jroijgurd4aj|http://www.itsyourturn.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.6.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/01/04 16:50:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components [2011/02/16 09:38:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/28 22:06:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.6.2\extensions\\Components: C:\Program Files\Flock\components [2011/02/16 09:38:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.6.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/28 22:06:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/23 08:51:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/28 22:06:14 | 000,000,000 | ---D | M]

[2010/07/21 10:03:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Extensions
[2010/07/21 10:03:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/04/22 16:35:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Extensions\[email protected]
[2011/03/26 13:14:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions
[2010/08/15 23:07:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/16 08:20:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/17 10:29:20 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/09/18 23:12:08 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/07/04 19:44:53 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010/07/04 21:23:51 | 000,000,000 | ---D | M] ("Mister Wong Toolbar") -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{e18845dc-387b-4fa5-b6d5-c6cfeb9ea640}
[2010/09/20 09:20:19 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/07/29 21:17:59 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}(2)
[2010/02/23 08:17:08 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2011/03/18 15:19:01 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\[email protected]
[2010/07/19 23:36:59 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\[email protected]
[2010/07/19 23:36:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shannon's Work\Application Data\Mozilla\Firefox\Profiles\j8qdorvi.default\extensions\[email protected]
[2011/03/26 13:15:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/28 21:36:26 | 000,000,000 | ---D | M] (Wyyo) -- C:\Program Files\Mozilla Firefox\extensions\{0CA8283E-056B-40D7-A343-83C84105CE78}
[2009/02/08 17:21:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/26 00:47:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/27 13:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/02/28 16:16:27 | 000,000,000 | ---D | M] (RealArcade V3 Plugin) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/02/08 17:21:16 | 000,000,000 | ---D | M] (Real Networks Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/03/24 09:42:27 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\DOCUMENTS AND SETTINGS\SHANNON'S WORK\APPLICATION DATA\FLOCK\BROWSER\PROFILES\4F6TKHD6.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
[2010/09/28 22:00:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\DOCUMENTS AND SETTINGS\SHANNON'S WORK\APPLICATION DATA\FLOCK\BROWSER\PROFILES\4F6TKHD6.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
[2010/08/24 04:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/12 03:21:14 | 000,002,486 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml

O1 HOSTS File: ([2004/08/10 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PCCBHO.CPCCBHO) - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll (Capital Intellect Inc)
O2 - BHO: (Freecause Toolbar BHO) - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O2 - BHO: (CPrintEnhancer Object) - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Gamers Unite! Snag Bar) - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Gamers Unite! Snag Bar) - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (Capital Intellect, Inc)
O9 - Extra Button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (Capital Intellect, Inc)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Paradise%20Pet%20Salon/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Sally's%20Salon/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.mac...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\psfus: DllName - psqlpwd.dll - C:\WINDOWS\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 10:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 02:39:48 | 000,000,074 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{325ca757-19a5-11e0-9dc0-001302bd6b12}\Shell - "" = AutoRun
O33 - MountPoints2\{325ca757-19a5-11e0-9dc0-001302bd6b12}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{325ca757-19a5-11e0-9dc0-001302bd6b12}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe -- [2010/01/26 03:23:26 | 002,312,080 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe -- [2010/01/26 03:23:26 | 002,312,080 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe" -a "%1" %* (Valve Corporation)
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe" -a "%1" %* (Valve Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/03/26 17:20:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shannon's Work\Desktop\OTL.exe
[2011/03/26 16:58:49 | 000,344,064 | -HS- | C] (Valve Corporation) -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe
[2011/03/26 16:58:49 | 000,344,064 | -HS- | C] (Valve Corporation) -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\lhy.exe
[2011/03/25 08:26:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/11 13:42:27 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\Shannon's Work\My Documents\My Safe
[2011/02/28 22:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Imikimi
[2011/02/28 16:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2011/02/28 16:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2006/02/15 11:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/26 17:20:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shannon's Work\Desktop\OTL.exe
[2011/03/26 17:09:42 | 000,013,492 | -HS- | M] () -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\8a0bd7l1s3ld4h51k41he7em20140a
[2011/03/26 17:09:42 | 000,013,492 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8a0bd7l1s3ld4h51k41he7em20140a
[2011/03/26 17:04:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/26 16:58:49 | 000,344,064 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe
[2011/03/26 16:58:49 | 000,344,064 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\lhy.exe
[2011/03/25 15:04:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/25 12:11:00 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Deskjet D4200 series.job
[2011/03/23 18:12:13 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\My Documents\spider.sav
[2011/03/18 19:00:36 | 000,511,678 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/18 19:00:36 | 000,093,330 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/18 18:57:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2011/03/18 18:55:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/15 11:45:58 | 008,316,278 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\My Documents\RT&EService&rep.3_15_11.QBB
[2011/03/15 11:42:39 | 006,149,133 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\My Documents\RT&E Rural Water3_15_11.QBB
[2011/03/11 13:44:24 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/03/11 08:53:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/04 14:06:55 | 002,006,822 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\My Documents\bungalow.pdf
[2011/03/01 09:03:02 | 000,001,711 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/03/01 09:02:56 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/02/26 11:38:20 | 008,711,495 | ---- | M] () -- C:\Documents and Settings\Shannon's Work\My Documents\PR_Catalog_2010.pdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/26 16:58:55 | 000,013,492 | -HS- | C] () -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\8a0bd7l1s3ld4h51k41he7em20140a
[2011/03/26 16:58:55 | 000,013,492 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\8a0bd7l1s3ld4h51k41he7em20140a
[2011/03/15 11:45:56 | 008,316,278 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\My Documents\RT&EService&rep.3_15_11.QBB
[2011/03/15 11:42:38 | 006,149,133 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\My Documents\RT&E Rural Water3_15_11.QBB
[2011/03/04 14:06:18 | 002,006,822 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\My Documents\bungalow.pdf
[2011/03/01 09:03:02 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/02/26 11:35:35 | 008,711,495 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\My Documents\PR_Catalog_2010.pdf
[2010/08/06 15:35:27 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/08/06 15:21:44 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/07/29 16:11:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\Application Data\wklnhst.dat
[2010/04/22 16:24:23 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/30 10:49:30 | 000,044,200 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/28 18:37:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/12/29 21:19:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/28 23:31:37 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\fusioncache.dat
[2009/02/11 19:13:51 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/02/05 10:33:26 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\SSCoInst.exe
[2009/02/05 10:33:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SVSetup.Exe
[2009/02/05 10:33:26 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\SSCoInst.dll
[2009/02/05 10:33:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SVSetup.dll
[2009/02/05 10:33:22 | 000,020,594 | ---- | C] () -- C:\WINDOWS\System32\Dels3LMK.DLL
[2009/01/02 13:41:06 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/10/25 15:45:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/09/29 19:09:22 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/07/26 20:33:28 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ms_games.ini
[2008/07/26 11:14:02 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2007/08/25 16:27:38 | 000,130,509 | ---- | C] () -- C:\WINDOWS\HPHins13.dat
[2007/08/25 16:27:38 | 000,002,977 | ---- | C] () -- C:\WINDOWS\hphmdl13.dat
[2006/05/28 20:14:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/28 20:12:31 | 000,004,528 | R--- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2006/02/25 02:02:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/02/24 23:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/02/16 10:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/02/16 04:55:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/16 04:50:52 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 04:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/16 04:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/16 04:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/16 04:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/16 04:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/16 04:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/15 11:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/15 11:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/15 11:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/15 11:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/15 11:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/15 11:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/15 11:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/15 11:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/15 11:21:55 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2006/02/15 11:21:55 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2006/02/15 11:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/02/15 11:21:53 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/02/15 10:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/15 10:41:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/02/15 10:35:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/02/15 10:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/15 09:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/02/15 09:03:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/15 09:03:40 | 000,511,678 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/15 09:03:40 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/15 09:03:40 | 000,093,330 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/15 09:03:40 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/15 09:03:34 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/15 09:03:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/15 09:03:27 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/02/15 09:03:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/15 09:03:05 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/15 09:02:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/15 09:02:16 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/15 02:30:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/02/15 02:29:32 | 000,204,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/11/28 23:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 17:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/24 18:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/05 17:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/23 00:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 20:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 17:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/04 13:25:00 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[1998/11/04 02:20:00 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini

========== LOP Check ==========

[2010/10/02 16:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3930F
[2010/02/25 19:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/02/24 20:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashtons Family Resort
[2010/07/12 11:04:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2006/02/17 04:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2009/02/08 16:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivoGames
[2009/02/25 19:54:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2009/04/04 19:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreshGames
[2009/03/30 17:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/07/14 18:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamersDigital
[2009/03/14 19:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/02/08 21:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2010/10/02 16:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh
[2009/03/27 18:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2009/04/22 19:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/02/08 17:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/02/10 16:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NannyMania
[2009/02/23 19:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NevoSoft Games
[2009/03/26 17:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/07/15 07:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/26 08:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEngineLite
[2009/03/11 08:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/03/30 17:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2010/05/13 14:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/02/12 15:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/10/02 16:57:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A3570649-72CF-4FA2-A237-74A7EE92053E}
[2010/10/03 14:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\BitComet
[2010/10/02 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\BitTorrent
[2010/08/10 21:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Canon
[2010/04/20 10:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Facebook
[2010/07/16 07:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\FCTB000062781
[2010/07/21 10:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Flock
[2010/07/14 18:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\GamersDigital
[2010/10/02 16:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\imeshmediabartb
[2010/10/03 14:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\LimeWire
[2010/07/16 14:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Opera
[2010/08/06 15:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\PrimoPDF
[2010/08/18 16:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Protector Suite
[2010/09/13 22:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Smith Micro
[2010/07/13 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\SpinTop
[2010/07/29 16:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\Template
[2006/02/16 04:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\toshiba
[2010/05/12 17:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shannon's Work\Application Data\ViquaSoft
[2011/03/18 18:57:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2006/08/20 08:43:47 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 1.job
[2006/08/20 08:43:48 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2006/08/20 08:43:49 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94D41096
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78D09D71
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77DB6C0F
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:47417312
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BAFBDA0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AF9CAEB
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B3A4EC2
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57DC3B52
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F69BB936
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A7601C61
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:126591AF

< End of report >


OTL Extras logfile created on: 3/26/2011 5:21:08 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Shannon's Work\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 41.69 Gb Free Space | 37.37% Space Free | Partition Type: NTFS
Drive E: | 42.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FREIGHTLINER | User Name: Shannon's Work | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- C:\Documents and Settings\Shannon's Work\Local Settings\Application Data\qgv.exe (Valve Corporation)
.html [@ = FlockHTML] -- C:\Program Files\Flock\flock.exe (Flock, Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- C:\PROGRA~1\FLOCK\FLOCK.EXE -requestPending -osint -url "%1" (Flock, Inc.)
https [open] -- C:\PROGRA~1\FLOCK\FLOCK.EXE -requestPending -osint -url "%1" (Flock, Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"18630:TCP" = 18630:TCP:*:Enabled:BitComet 18630 TCP
"18630:UDP" = 18630:UDP:*:Enabled:BitComet 18630 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed
"C:\Program Files\Common Files\AOL\1140083713\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1140083713\EE\AOLServiceHost.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL -- (Gteko Ltd.)
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine
"C:\Documents and Settings\Robert Koller\My Documents\LimeWire\LimeWire.exe" = C:\Documents and Settings\Robert Koller\My Documents\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\WINDOWS\Temp\~os108.tmp\ossproxy.exe" = C:\WINDOWS\Temp\~os108.tmp\ossproxy.exe:*:Enabled:ossproxy.exe
"C:\WINDOWS\Temp\~os144.tmp\ossproxy.exe" = C:\WINDOWS\Temp\~os144.tmp\ossproxy.exe:*:Enabled:ossproxy.exe
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4
"c:\program files\relevantknowledge\rlvknlg.exe" = c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\Gamers Unite! Snag Bar\TroubleShooter.exe" = C:\Program Files\Gamers Unite! Snag Bar\TroubleShooter.exe:*:Enabled:Gamers Unite! Snag Bar (Helper) -- (FreeCause Inc.)
"C:\Program Files\Gamers Unite! Snag Bar\ToolbarUpdate.exe" = C:\Program Files\Gamers Unite! Snag Bar\ToolbarUpdate.exe:*:Enabled:Gamers Unite! Snag Bar (Update) -- (FreeCause Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{190C7419-C254-408e-81F8-BE11FCD72A1F}" = dj_sf_software
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 20
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{47499FAF-B116-4b14-B07F-DB2C3087A06C}" = D4200_Help
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{58535A90-1788-44f5-80BB-CFF62D9CE6D5}" = HP Deskjet 8.0 Software
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B02159-7626-4DBB-B9EE-F933039830AD}" = QuickBooks Premier: Contractor Edition 2006
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{780F9A1C-6BFE-4691-83A9-095D859E3052}" = VZAccess Manager
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{79D78DC9-96A2-426e-B705-A1EE9536D18B}" = D4200
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE3F89C0-42D5-11D5-A40A-00105AC8331A}" = Metamail (Toshiba Registration Utility)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C7E154EF-D5EC-4da4-9D00-43B85967B120}" = dj_sf_ProductContext
"{CAC2CF93-B532-4A88-81FE-110750C3E4BA}" = Verizon Wireless USB760 Firmware Updates
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDBFC424-DD00-497F-9BDC-4E4178332336}" = Protector Suite 5.4
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3030F57-9E6B-4E36-95B6-F7B4DBDEB8FB}" = HP Smart Web Printing 1.0
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F19553C5-F843-4C27-BF9F-9DE4D901B895}" = Verizon Mobile Broadband Drivers
"{F327A8F7-00C6-4491-9782-1DFFBB0594A2}" = dj_sf_software_req
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Akamai" = Akamai NetSession Interface
"amg-cradleofrome" = Cradle of Rome
"amg-goldrushtreasurehunt" = Gold Rush - Treasure Hunt
"amg-hotelmahjongdeluxe" = Hotel Mahjong Deluxe
"amg-luxor" = Luxor
"amg-sunsetstudiodeluxe" = Sunset Studio Deluxe
"AolCoach2_en" = AOL Coach Version 2.0(Build:20041026.5 en)
"avast5" = avast! Free Antivirus
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CutePDF Professional (Evaluation)_is1" = CutePDF Professional 3.6 (Evaluation)
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Dell Laser Printer 1110" = Dell Laser Printer 1110 Software Uninstall
"eMule" = eMule
"ESPNMotion" = ESPNMotion
"Fast Browser SearchP" = Fast Browser Search Protection
"Flock (2.6.2)" = Flock (2.6.2)
"Gamers Unite! Snag Bar" = Gamers Unite! Snag Bar
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"iMesh" = iMesh
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"PCConfidential_is1" = PC Confidential 2008
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = TOSHIBA Game Console
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TOSHIBA TV Tuner" = TOSHIBA TV Tuner 4.0.12.73
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zynga Toolbar" = Zynga Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/26/2011 3:39:17 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2011 3:39:17 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4063

Error - 3/26/2011 3:39:17 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4063

Error - 3/26/2011 4:06:21 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2011 4:06:21 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1628453

Error - 3/26/2011 4:06:21 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1628453

Error - 3/26/2011 4:06:23 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2011 4:06:23 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1630438

Error - 3/26/2011 4:06:23 PM | Computer Name = FREIGHTLINER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1630438

Error - 3/26/2011 6:08:37 PM | Computer Name = FREIGHTLINER | Source = Application Hang | ID = 1002
Description = Hanging application qgv.exe, version 1.0.968.628, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 3/24/2011 8:30:11 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Office 2003 (KB923272).

Error - 3/25/2011 9:26:36 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: OneNote 2003 Service Pack 2.

Error - 3/25/2011 9:29:46 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office 2003 Service Pack 2.

Error - 3/25/2011 9:31:16 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Office 2003 (KB923272).

Error - 3/25/2011 10:38:26 AM | Computer Name = FREIGHTLINER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFC could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 3/25/2011 10:38:26 AM | Computer Name = FREIGHTLINER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFC. Reference error
message: The referenced assembly is not installed on your system. .

Error - 3/25/2011 10:38:26 AM | Computer Name = FREIGHTLINER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Verizon Wireless\VZAccess
Manager\ATTExtension.dll. Reference error message: The operation completed successfully.
.

Error - 3/26/2011 11:19:43 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: OneNote 2003 Service Pack 2.

Error - 3/26/2011 11:22:44 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office 2003 Service Pack 2.

Error - 3/26/2011 11:24:48 AM | Computer Name = FREIGHTLINER | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Office 2003 (KB923272).


< End of report >
  • 0

Advertisements

#2
shaly777
Posted 26 March 2011 - 04:57 PM

shaly777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
I should add that malwarebytes seems to be disabled as well! :D
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP