Jump to content

glennatheaxe

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks again-- Glenna Here is the extras log. OTL Extras logfile created on: 4/2/2012 9:15:25 PM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = F:\Documents and Settings\Glenna Montgomery\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 66.46% Memory free 4.84 Gb Paging File | 3.80 Gb Available in Paging File | 78.56% Paging File free Paging file location(s): F:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files Drive C: | 7.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 867.25 Gb Free Space | 93.10% Space Free | Partition Type: NTFS Drive E: | 111.78 Gb Total Space | 106.99 Gb Free Space | 95.71% Space Free | Partition Type: NTFS Drive F: | 59.61 Gb Total Space | 32.49 Gb Free Space | 54.52% Space Free | Partition Type: NTFS Computer Name: GLENNA-GAMER | User Name: Glenna Montgomery | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-1177238915-1303643608-839522115-1003\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Value error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services "2479:TCP" = 2479:TCP:*:Enabled:Services "3246:TCP" = 3246:TCP:*:Enabled:Services "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services "2479:TCP" = 2479:TCP:*:Enabled:Services "3246:TCP" = 3246:TCP:*:Enabled:Services "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "F:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = F:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = F:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = F:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = F:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = F:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\HP Software Update\hpwucli.exe" = F:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "F:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = F:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "F:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = F:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () "D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. ) "D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Rosetta Stone Ltd. ) "G:\setup\hpznui01.exe" = G:\setup\hpznui01.exe:*:Enabled:hpznui01.exe "D:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\7zS5FB7\OJ6500vE709_Full_14\setup\hpznui01.exe" = D:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\7zS5FB7\OJ6500vE709_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard) "F:\Program Files\HP\Digital Imaging\{58D79E62-CFC8-4331-8469-3A1B16E1769C}\setup\hpznui01.exe" = F:\Program Files\HP\Digital Imaging\{58D79E62-CFC8-4331-8469-3A1B16E1769C}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\Program Files\uTorrent\uTorrent.exe" = E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "E:\Program Files\BitTorrent\bittorrent.exe" = E:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent "F:\Documents and Settings\Glenna Montgomery\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = F:\Documents and Settings\Glenna Montgomery\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client -- (Juniper Networks) "F:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = F:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = F:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = F:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = F:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = F:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = F:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "F:\Program Files\HP\HP Software Update\hpwucli.exe" = F:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "F:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = F:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "F:\Program Files\Alwil Software\Avast5\AvastUI.exe" = F:\Program Files\Alwil Software\Avast5\AvastUI.exe:*:Enabled:avast! Free Antivirus "F:\Program Files\Alwil Software\Avast5\AvastSvc.exe" = F:\Program Files\Alwil Software\Avast5\AvastSvc.exe:LocalSubNet:Enabled:avast! Antivirus Service "F:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = F:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () "D:\Program Files\BitTorrent\BitTorrent.exe" = D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) "F:\Program Files\Skype\Plugin Manager\skypePM.exe" = F:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "D:\Program Files\AVAST Software\Avast\AvastSvc.exe" = D:\Program Files\AVAST Software\Avast\AvastSvc.exe:LocalSubNet:Enabled:avast! Antivirus Service -- (AVAST Software) "D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. ) "D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Rosetta Stone Ltd. ) "G:\setup\hpznui01.exe" = G:\setup\hpznui01.exe:*:Enabled:hpznui01.exe "D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Program Files\Steam\steamapps\common\brink\brink.exe" = D:\Program Files\Steam\steamapps\common\brink\brink.exe:*:Enabled:Brink -- (Splash Damage, Ltd.) "D:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\7zS5FB7\OJ6500vE709_Full_14\setup\hpznui01.exe" = D:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\7zS5FB7\OJ6500vE709_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard) "F:\Program Files\HP\Digital Imaging\{58D79E62-CFC8-4331-8469-3A1B16E1769C}\setup\hpznui01.exe" = F:\Program Files\HP\Digital Imaging\{58D79E62-CFC8-4331-8469-3A1B16E1769C}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard) "F:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = F:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0451FD8E-D80E-4BA6-AE02-EBE80A059CB0}" = Sibelius Scorch (ActiveX Only) "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network "{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite "{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server Connector "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 29 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup "{3BE02281-FCCF-44BB-8413-AC4A633059EB}" = BPDSoftware "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{58D79E62-CFC8-4331-8469-3A1B16E1769C}" = HP Officejet 6500 E709 Series "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update "{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD "{68654483-9629-4CF5-88FF-9FB70B3BECDE}" = ProductContext "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{698AC01B-DF0C-4BCE-940C-EB29AD23A560}" = Stamps.com "{6BB9C1F3-661C-4A19-7F48-2F9039CC3981}" = Jacquie Lawson Advent Calendar "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71F17309-007D-43F9-9313-DBFBA5FCB3B3}" = LightScribe Optical Disc Kit "{71FD28F7-E697-40B4-8DC9-91E8B1B9AEE9}" = Wireless G WUA-1340 "{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service "{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3 "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr "{982B2A0F-7679-41D6-A584-C8E735F4A8CD}" = Windows Home Server Toolkit 1.1 "{99F67894-9486-413F-94E1-8B12B1606EAB}" = BPDSoftware_Ini "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab "{A19E1C26-6DAF-AFDC-4EFF-EFF7FA36F72D}" = Jacquie Lawson London Advent Calendar "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA787E05-E835-4812-AA3D-4048C8A46587}" = 6500_E709_eDocs "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3EA8C67-C182-40E5-BCC7-6F132DA46AAD}" = Logitech Harmony Remote Software 7 "{B64BC516-2406-43AE-A21A-1E387A2343B1}" = ContentManager "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BB558CDC-C7BE-44D0-9260-B810D66702C4}" = 6500_E709n "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0957BCD-AE33-42B1-82F6-B2D4B3C6E2A4}" = Diskeeper 2010 Professional "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F53B432E-BD19-4400-BFA0-2BBD16410F8F}" = 6500_E709_Help "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "A Vampyre Story" = A Vampyre Story "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe PhotoDeluxe 2.0" = Adobe PhotoDeluxe 2.0 "AI RoboForm" = AI RoboForm (All Users) "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12 "Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 10.0.7 "Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.20 "AudioCS" = Creative Audio Control Panel "avast" = avast! Free Antivirus "Behind the Reflection 2 Witchs Revenge 1.00" = Behind the Reflection 2 Witchs Revenge 1.00 "Between the Worlds 2 The Pyramid 1.00" = Between the Worlds 2 The Pyramid 1.00 "BFGC" = Big Fish Games: Game Manager "BitTorrent" = BitTorrent "Bluebeards Castle 1.00" = Bluebeards Castle 1.00 "CCleaner" = CCleaner "Christmasville 1.00" = Christmasville 1.00 "Chronicles of Mystery - The Tree of Life ~ jJust For Fun Games" = Chronicles of Mystery - The Tree of Life ~ jJust For Fun Games "Clutter 1.00" = Clutter 1.00 "Columbus Ghost of the Mystery Stone 1.00" = Columbus Ghost of the Mystery Stone 1.00 "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows "Creative Live! Cam Center" = Creative Live! Cam Center "Creative Live! Cam Manager" = Creative Live! Cam Manager "Creative Live! Cam Video IM Pro User's Guide English" = Creative Live! Cam Video IM Pro User's Guide (English) "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative VF0230" = Creative Live! Cam Video IM Pro Driver (1.00.07.0725) "Crime and Punishment Who Framed Raskolnikov 1.00" = Crime and Punishment Who Framed Raskolnikov 1.00 "Dark Parables 3 Rise of the Snow Queen Collectors Edition 1.00" = Dark Parables 3 Rise of the Snow Queen Collectors Edition 1.00 "Escape The Emerald Star 1.00" = Escape The Emerald Star 1.00 "Facetheme" = Face Theme "Fantastic Creations House of Brass Collectors Edition 1.00" = Fantastic Creations House of Brass Collectors Edition 1.00 "Flower of Immortality 1.00" = Flower of Immortality 1.00 "Gemsweeper_is1" = Gemsweeper 1.402 "Get Yahoo! Messenger" = Get Yahoo! Messenger "Haunted Manor 2 Queen of Death Collectors Edition 1.00" = Haunted Manor 2 Queen of Death Collectors Edition 1.00 "Haunted Past Realm of Ghosts Collectors Edition 1.00" = Haunted Past Realm of Ghosts Collectors Edition 1.00 "HijackThis" = HijackThis 2.0.2 "hp deskjet 5600 series_Driver" = hp deskjet 5600 series "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S. 14.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Image Composer" = Microsoft Image Composer 1.5 "InstallShield_{71FD28F7-E697-40B4-8DC9-91E8B1B9AEE9}" = Wireless G WUA-1340 "JacquieLawsonAdventCalendar" = Jacquie Lawson Advent Calendar "JLAdventCalendarLondon2011" = Jacquie Lawson London Advent Calendar "Little Shop - Memories 1.052" = Little Shop - Memories 1.052 "Little Shop - Road Trip 1.00" = Little Shop - Road Trip 1.00 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MiPony" = MiPony 1.5.2 "Mishap 2 An Intentional Haunting Collectors Edition 1.00" = Mishap 2 An Intentional Haunting Collectors Edition 1.00 "Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US) "MSNINST" = MSN "Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.3 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Pahelika 2 Revelations 1.00" = Pahelika 2 Revelations 1.00 "Phenomenon City of Cyan 1.00" = Phenomenon City of Cyan 1.00 "PowerISO" = PowerISO "Princess Isabella Return of the Curse Collectors Edition 1.00" = Princess Isabella Return of the Curse Collectors Edition 1.00 "PunkBusterSvc" = PunkBuster Services "RarZilla Free Unrar" = RarZilla Free Unrar "Red Crow Mysteries Legion 1.00" = Red Crow Mysteries Legion 1.00 "Rhiannon - Curse Of The Four Branches ." = Rhiannon - Curse Of The Four Branches . "Shop for HP Supplies" = Shop for HP Supplies "Special Enquiry Detail 2 1.00" = Special Enquiry Detail 2 1.00 "Stamps.com" = Stamps.com "Stanza" = Stanza "Steam App 22350" = Brink "Steam App 400" = Portal "Surface Mystery of Another World CE 1.00" = Surface Mystery of Another World CE 1.00 "SysInfo" = Creative System Information "The Clockwork Man 2 The Hidden World Ultimate Edition 1.00" = The Clockwork Man 2 The Hidden World Ultimate Edition 1.00 "Toolbar Cleaner" = Toolbar Cleaner 1.0 "UHS Reader (Version 6.10)" = UHS Reader (Version 6.10) "Uniblue RegistryBooster" = Uniblue RegistryBooster "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.9 "WIC" = Windows Imaging Component "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR archiver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1177238915-1303643608-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Juniper_Setup_Client" = Juniper Networks Setup Client "Juniper_Term_Services" = Juniper Terminal Services Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 3/18/2012 4:59:47 PM | Computer Name = GLENNA-GAMER | Source = Application Hang | ID = 1001 Description = Fault bucket 1723027567. Error - 3/18/2012 5:51:28 PM | Computer Name = GLENNA-GAMER | Source = Application Hang | ID = 1002 Description = Hanging application hpzsetup.exe, version 14.0.301.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 3/18/2012 8:42:48 PM | Computer Name = GLENNA-GAMER | Source = Application Error | ID = 1000 Description = Faulting application templeoflife_thelegendoffourelementsce.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00010a19. Error - 3/18/2012 8:42:51 PM | Computer Name = GLENNA-GAMER | Source = Application Error | ID = 1001 Description = Fault bucket -1562415543. Error - 3/19/2012 7:47:42 PM | Computer Name = GLENNA-GAMER | Source = Application Error | ID = 1000 Description = Faulting application templeoflife_thelegendoffourelementsce.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00010a19. Error - 3/20/2012 11:04:50 PM | Computer Name = GLENNA-GAMER | Source = Application Error | ID = 1000 Description = Faulting application templeoflife_thelegendoffourelementsce.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00010a19. Error - 3/25/2012 7:43:00 PM | Computer Name = GLENNA-GAMER | Source = Application Hang | ID = 1002 Description = Hanging application ST.exe, version 1.0.42.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 4/1/2012 6:43:32 PM | Computer Name = GLENNA-GAMER | Source = Diskeeper | ID = 5 Description = Diskeeper Control Center - ERROR The Diskeeper News and Information feature was unable to contact the Diskeeper Corporation web server. Ensure this computer has Internet access. The Error Code is 5. Error - 4/2/2012 12:09:42 AM | Computer Name = GLENNA-GAMER | Source = Application Error | ID = 1000 Description = Faulting application ilivid.exe, version 0.0.0.0, faulting module qtwebkit4.dll, version 4.7.3.0, fault address 0x00880e7c. Error - 4/3/2012 12:15:02 AM | Computer Name = GLENNA-GAMER | Source = Application Hang | ID = 1002 Description = Hanging application OTL.exe, version 3.2.39.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 4/1/2012 2:13:00 PM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At4.job command failed to start due to the following error: %%2147942402 Error - 4/1/2012 4:33:24 PM | Computer Name = GLENNA-GAMER | Source = NETLOGON | ID = 3095 Description = This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. Error - 4/1/2012 4:33:27 PM | Computer Name = GLENNA-GAMER | Source = Service Control Manager | ID = 7000 Description = The Remote Connections Service service failed to start due to the following error: %%3 Error - 4/1/2012 8:00:00 PM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At1.job command failed to start due to the following error: %%2147942402 Error - 4/2/2012 2:46:00 AM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At2.job command failed to start due to the following error: %%2147942402 Error - 4/2/2012 8:41:00 AM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At3.job command failed to start due to the following error: %%2147942402 Error - 4/2/2012 2:13:00 PM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At4.job command failed to start due to the following error: %%2147942402 Error - 4/2/2012 8:00:00 PM | Computer Name = GLENNA-GAMER | Source = Schedule | ID = 7901 Description = The At1.job command failed to start due to the following error: %%2147942402 Error - 4/2/2012 11:42:01 PM | Computer Name = GLENNA-GAMER | Source = NETLOGON | ID = 3095 Description = This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. Error - 4/2/2012 11:42:03 PM | Computer Name = GLENNA-GAMER | Source = Service Control Manager | ID = 7000 Description = The Remote Connections Service service failed to start due to the following error: %%3 < End of report >
  2. Thanks for your help Here is the OTL log Glenna OTL logfile created on: 4/2/2012 9:15:25 PM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = F:\Documents and Settings\Glenna Montgomery\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 66.46% Memory free 4.84 Gb Paging File | 3.80 Gb Available in Paging File | 78.56% Paging File free Paging file location(s): F:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files Drive C: | 7.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 867.25 Gb Free Space | 93.10% Space Free | Partition Type: NTFS Drive E: | 111.78 Gb Total Space | 106.99 Gb Free Space | 95.71% Space Free | Partition Type: NTFS Drive F: | 59.61 Gb Total Space | 32.49 Gb Free Space | 54.52% Space Free | Partition Type: NTFS Computer Name: GLENNA-GAMER | User Name: Glenna Montgomery | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/02 20:49:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Glenna Montgomery\Desktop\OTL.exe PRC - [2012/03/23 20:10:56 | 000,924,600 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/03/10 13:15:37 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- F:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- d:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/02/29 16:58:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- F:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012/02/12 16:04:53 | 000,160,328 | ---- | M] (Siber Systems) -- F:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe PRC - [2011/12/03 09:31:58 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe PRC - [2011/11/07 01:26:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- F:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe PRC - [2011/08/27 12:16:34 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- F:\Program Files\SUPERAntiSpyware\SASCORE.EXE PRC - [2011/07/05 09:04:34 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe PRC - [2011/04/27 13:51:38 | 000,200,152 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe PRC - [2011/01/10 12:28:54 | 000,376,688 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Home Server\WHSConnector.exe PRC - [2011/01/10 12:28:52 | 000,603,504 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Home Server\WHSTrayApp.exe PRC - [2010/12/20 10:06:32 | 001,734,480 | ---- | M] (Diskeeper Corporation) -- D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe PRC - [2010/06/01 12:26:38 | 000,435,200 | ---- | M] (MiTAC Digital Corporation.) -- F:\Program Files\Content Manager\CmTray.exe PRC - [2009/09/04 13:16:16 | 000,075,048 | ---- | M] (cyberlink) -- F:\Program Files\CyberLink\Shared Files\brs.exe PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- F:\Program Files\Creative\Shared Files\CTAudSvc.exe PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe PRC - [2007/06/04 18:24:44 | 000,599,600 | ---- | M] (CyberLink Corporation.) -- D:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe PRC - [2006/08/17 13:45:56 | 000,249,856 | ---- | M] (BL) -- D:\Program Files\lg_fwupdate\fwupdate.exe PRC - [2006/07/19 10:00:00 | 000,036,961 | R--- | M] (Creative Technology Ltd.) -- F:\WINDOWS\system32\V0230Mon.exe ========== Modules (No Company Name) ========== MOD - [2012/04/02 20:43:08 | 000,052,736 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2012/04/02 20:43:07 | 000,065,024 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD - [2012/04/02 11:22:13 | 001,752,064 | ---- | M] () -- d:\Program Files\AVAST Software\Avast\defs\12040201\algo.dll MOD - [2012/03/25 12:02:29 | 020,297,512 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll MOD - [2012/03/25 12:02:26 | 001,099,576 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll MOD - [2012/03/25 12:02:26 | 000,907,048 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll MOD - [2012/03/25 12:02:26 | 000,190,776 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll MOD - [2012/03/25 12:02:26 | 000,123,192 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll MOD - [2012/03/23 20:10:56 | 001,969,080 | ---- | M] () -- F:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012/02/26 16:28:57 | 008,527,008 | ---- | M] () -- F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2012/02/18 14:37:25 | 012,430,848 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll MOD - [2012/02/18 14:37:17 | 001,587,200 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll MOD - [2012/02/18 14:36:30 | 007,953,408 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll MOD - [2011/10/12 17:14:42 | 011,490,816 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll MOD - [2011/09/07 20:46:57 | 000,117,760 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2011/09/07 20:46:57 | 000,052,224 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011/04/27 13:51:38 | 000,200,152 | ---- | M] () -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe MOD - [2007/05/05 11:40:34 | 000,128,512 | ---- | M] () -- d:\Program Files\WinRar\RarExt.dll MOD - [2007/04/10 16:27:40 | 008,357,424 | ---- | M] () -- D:\Program Files\CyberLink\InstantBurn\Win2K\Res.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- F:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus® SRV - File not found [Auto | Stopped] -- -- (FlexService) SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- d:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/02/29 16:58:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- F:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2011/08/27 12:16:34 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- F:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011/07/31 19:47:25 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- F:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011/01/10 12:28:54 | 000,376,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Windows Home Server\WHSConnector.exe -- (WHSConnector) SRV - [2010/12/30 23:44:58 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- F:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010/12/20 10:06:32 | 001,734,480 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper) SRV - [2010/03/02 23:40:16 | 000,498,560 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\NINENGPZJBZ.exe -- (NINENGPZJBZ) SRV - [2010/03/02 23:17:21 | 000,400,256 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\WBRVGUJ.exe -- (WBRVGUJ) SRV - [2010/03/02 19:48:16 | 000,584,576 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\XSWHIVHYBL.exe -- (XSWHIVHYBL) SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- F:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2005/11/30 10:35:38 | 000,049,152 | ---- | M] (Alpha Networks Inc.) [Auto | Stopped] -- F:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- F:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011/08/27 12:16:29 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- F:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011/08/27 12:16:28 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) DRV - [2010/09/22 10:10:18 | 000,044,368 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt) DRV - [2010/03/05 18:50:42 | 000,022,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\EMebDrv.sys -- (EMebDrv) DRV - [2010/03/03 21:31:47 | 000,024,168 | ---- | M] (Norman ASA) [Kernel | On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\000011e9.nmc\nse\bin\ndiskio.sys -- (NDISKIO) DRV - [2010/03/03 21:31:46 | 000,018,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Temp\000011e9.nmc\nse\bin\nsak.sys -- (nsak) DRV - [2010/02/24 20:44:45 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- F:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2009/10/07 13:49:18 | 000,044,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\BackupReader.sys -- (BackupReader) DRV - [2009/09/01 17:51:32 | 000,087,536 | ---- | M] (CyberLink Corp.) [2012/03/11 19:24:54] [Kernel | Auto | Running] -- D:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) DRV - [2009/07/07 03:59:03 | 001,810,560 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\Ctafilt.sys -- (Ctafilt) DRV - [2008/11/03 12:21:10 | 000,083,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- F:\WINDOWS\system32\drivers\jraid.sys -- (jraid) DRV - [2008/03/13 23:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2007/06/04 18:25:14 | 000,016,048 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\CLBStor.sys -- (CLBStor) DRV - [2007/06/04 18:25:12 | 000,162,096 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\CLBUDF.sys -- (CLBUDF) DRV - [2006/07/24 10:00:00 | 000,498,464 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\V0230VID.sys -- (V0230VID) DRV - [2006/03/23 10:00:00 | 000,006,272 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\V0230Vfx.sys -- (V0230Vfx) DRV - [2005/12/11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\ANIO.sys -- (ANIO) DRV - [2005/11/03 04:39:02 | 000,245,504 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?source=gama&hl=en IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/ig?hl=en IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=vmn&type=vmn-ada-vmntbcleaner-1_0-ya-ch-rp&q={searchTerms} IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_enUS360 IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98 FF - prefs.js..extensions.enabledItems: {EB132DB0-A4CA-11DF-9732-0E29E0D72085}:1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 5555 FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.9: d:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.) FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88: d:\Program Files\Musicnotes\npsibelius.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: F:\Program Files\Object\facetheme [2010/10/16 13:05:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: d:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/16 09:18:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: F:\Program Files\Siber Systems\AI RoboForm\Firefox [2012/02/12 16:05:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: F:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/03/16 16:09:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2012/03/23 20:10:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2012/04/01 21:28:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: F:\Program Files\Object\facetheme [2010/10/16 13:05:20 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: F:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/03/16 16:09:10 | 000,000,000 | ---D | M] [2012/04/02 20:45:46 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Glenna Montgomery\Application Data\Mozilla\Extensions [2012/04/02 20:46:03 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Glenna Montgomery\Application Data\Mozilla\Firefox\Profiles\md0hy31t.default\extensions [2012/04/01 21:06:39 | 000,002,519 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Application Data\Mozilla\Firefox\Profiles\md0hy31t.default\searchplugins\Search_Results.xml [2012/04/02 20:45:46 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions [2012/03/16 09:18:55 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012/03/23 20:10:56 | 000,097,208 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll [2011/07/13 14:52:56 | 000,091,552 | ---- | M] (Coupons, Inc.) -- F:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/07/13 14:52:58 | 000,091,552 | ---- | M] (Coupons, Inc.) -- F:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll [2012/03/16 14:56:33 | 000,308,600 | ---- | M] (Musicnotes, Inc.) -- F:\Program Files\mozilla firefox\plugins\npmusicn.dll [2012/02/14 19:41:05 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/04/01 21:06:39 | 000,002,519 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012/02/14 19:41:05 | 000,002,040 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = F:\Program Files\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = F:\Program Files\Google\Chrome\Application\17.0.963.83\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = F:\Program Files\Google\Chrome\Application\17.0.963.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = E:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U29 (Enabled) = E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = F:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = F:\Program Files\Mozilla Firefox\plugins\NPcol400.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = F:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = F:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = F:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = F:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Musicnotes (Enabled) = d:\Program Files\Musicnotes\npmusicn.dll CHR - plugin: ScorchPlugin (Enabled) = d:\Program Files\Musicnotes\npsibelius.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: avast! WebRep = F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011/09/19 17:36:57 | 000,000,780 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 192.168.0.102 SERVER #Windows Home Server# O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Windows Live ID Sign-in Helper) - {56DA6D94-3557-26F6-0549-2C82376B074E} - Reg Error: Value error. File not found O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - F:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - F:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - F:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - F:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\..\Toolbar\WebBrowser: (ShopAtHome Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - Reg Error: Value error. File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [avast] d:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [bDRegion] F:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink) O4 - HKLM..\Run: [D-Link Wireless G WUA-1340] D:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe (D-Link) O4 - HKLM..\Run: [instantBurn] D:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.) O4 - HKLM..\Run: [LanguageShortcut] D:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LGODDFU] D:\Program Files\lg_fwupdate\fwupdate.exe (BL) O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] F:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] F:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [V0230Mon.exe] F:\WINDOWS\system32\V0230Mon.exe (Creative Technology Ltd.) O4 - HKU\.DEFAULT..\Run: [RoboForm] F:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKU\S-1-5-18..\Run: [RoboForm] F:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [Creative Live! Cam Manager] "E:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" File not found O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [Magellan CmTray] F:\Program Files\Content Manager\CmTray.exe (MiTAC Digital Corporation.) O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [Power2GoExpress] File not found O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [RoboForm] F:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [steam] D:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [sUPERAntiSpyware] F:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003..\Run: [uTorrent] "E:\Program Files\uTorrent\uTorrent.exe" File not found O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "F:\Program Files\Searchqu Toolbar" File not found O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk = F:\WINDOWS\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe (Microsoft Corporation) O4 - Startup: F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\Startup\Jacquie Lawson Advent Calendar.lnk = D:\Program Files\Jacquie Lawson Advent Calendar\Jacquie Lawson Advent Calendar\Jacquie Lawson Advent Calendar.exe () O4 - Startup: F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\Startup\Jacquie Lawson London Advent Calendar.lnk = D:\Program Files\Jacquie Lawson London Advent Calendar\Jacquie Lawson London Advent Calendar.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1177238915-1303643608-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Customize Menu - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: Download with Mipony - D:\Program Files\MiPony\Browser\IEContext.htm () O8 - Extra context menu item: Fill Forms - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RoboForm Toolbar - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Save Forms - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://remote.yrmc.org/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://remote.yrmc.org/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6044D495-E1B1-4D7C-9BBA-65DC6857E03E}: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (F:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O24 - Desktop WallPaper: F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - F:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/11/01 21:15:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (autocheck lsdelete) O34 - HKLM BootExecute: (autocheck lsdelete) O34 - HKLM BootExecute: (autocheck lsdelete) O34 - HKLM BootExecute: (autocheck lsdelete) O34 - HKLM BootExecute: (autocheck autocheck gx??????????????????????????????) O34 - HKLM BootExecute: (autocheck autocheck ???+Ý????U) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\S-1-5-21-1177238915-1303643608-839522115-1003\...exe [@ = exefile] -- Reg Error: Value error. File not found ========== Files/Folders - Created Within 30 Days ========== [2012/04/02 21:01:27 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\antiphishing-vmntbcleaner1_0dn [2012/04/02 20:58:21 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012/04/02 20:58:12 | 000,000,000 | ---D | C] -- F:\Program Files\Toolbar Cleaner [2012/04/02 20:58:12 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\Toolbar Cleaner [2012/04/02 20:57:54 | 000,763,744 | ---- | C] (Visicom Media Inc.) -- F:\Documents and Settings\Glenna Montgomery\Desktop\toolbarcleaner_setup.exe [2012/04/02 20:49:38 | 000,593,920 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Glenna Montgomery\Desktop\OTL.exe [2012/04/02 20:43:12 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\boost_interprocess [2012/04/02 20:43:02 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\CyberLink PowerDVD [2012/04/01 21:27:18 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\HiddenMystRoyalFamilySecretsSG [2012/04/01 21:09:18 | 000,000,000 | R--D | C] -- F:\Documents and Settings\Glenna Montgomery\My Documents\My Videos [2012/04/01 21:07:56 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\Ilivid Player [2012/04/01 21:06:39 | 000,000,000 | ---D | C] -- F:\Program Files\Searchqu Toolbar [2012/04/01 13:08:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight [2012/04/01 13:06:12 | 000,000,000 | ---D | C] -- F:\WINDOWS\SxsCaPendDel [2012/03/29 19:54:35 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\My Games [2012/03/27 21:53:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Desktop\Movies [2012/03/25 23:37:49 | 000,274,288 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mucltui.dll [2012/03/25 23:37:49 | 000,016,736 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mucltui.dll.mui [2012/03/25 12:35:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\My Documents\Christmas Vacation 2012 [2012/03/24 12:20:24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\4 Friends Games [2012/03/18 17:19:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Desktop\Nursing Licenses [2012/03/18 17:12:19 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\NVIDIA [2012/03/18 17:12:18 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2012/03/18 17:11:45 | 000,000,000 | ---D | C] -- F:\NVIDIA [2012/03/18 17:11:23 | 002,522,944 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvcuvid.dll [2012/03/18 17:11:23 | 002,437,440 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvcuvenc.dll [2012/03/18 17:11:23 | 001,000,256 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvdispco32.dll [2012/03/18 17:11:23 | 000,881,984 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvgenco32.dll [2012/03/18 17:11:23 | 000,065,536 | ---- | C] (Khronos Group) -- F:\WINDOWS\System32\OpenCL.dll [2012/03/18 17:11:21 | 017,534,976 | ---- | C] (NVIDIA Corporation) -- F:\WINDOWS\System32\nvcompiler.dll [2012/03/18 17:11:10 | 000,000,000 | ---D | C] -- F:\Program Files\NVIDIA Corporation [2012/03/17 11:59:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\Dark Blue Games [2012/03/16 16:09:31 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft [2012/03/16 16:09:26 | 000,000,000 | ---D | C] -- F:\Program Files\Microsoft Silverlight [2012/03/16 16:09:16 | 000,000,000 | ---D | C] -- F:\Program Files\Bing Bar Installer [2012/03/16 16:08:30 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\HP Product Assistant [2012/03/16 16:08:19 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\HP [2012/03/16 16:07:48 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\HP [2012/03/16 16:00:24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\FlowerOfImmortality [2012/03/11 16:47:39 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\My Documents\CyberLink [2012/03/11 16:17:39 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\LG ODD Auto Firmware Update [2012/03/11 16:17:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\Vb6stkit.dll [2012/03/11 16:17:36 | 000,102,160 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\VB6KO.DLL [2012/03/11 16:17:36 | 000,016,384 | ---- | C] (CST) -- F:\WINDOWS\System32\lgfwunis.exe [2012/03/11 16:14:32 | 000,162,096 | ---- | C] (CyberLink Corporation.) -- F:\WINDOWS\System32\drivers\CLBUDF.sys [2012/03/11 16:14:32 | 000,131,072 | ---- | C] (CyberLink) -- F:\WINDOWS\IBUnInst.exe [2012/03/11 16:14:32 | 000,016,048 | ---- | C] (Cyberlink Co.,Ltd.) -- F:\WINDOWS\System32\drivers\CLBStor.sys [2012/03/11 16:13:59 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\LightScribeODK [2012/03/11 16:13:57 | 000,000,000 | ---D | C] -- F:\Program Files\LightScribeODK [2012/03/11 16:13:57 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\LightScribe [2012/03/11 16:13:35 | 001,053,232 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\MFC71u.dll [2012/03/11 16:13:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\CyberLink [2012/03/11 16:11:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\CyberLink Hi-Def Suite [2012/03/11 16:11:47 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\CyberLink [2012/03/11 16:11:44 | 000,029,480 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\msxml3a.dll [2012/03/11 16:09:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\CyberLink Hi-Def Suite [2012/03/11 16:09:13 | 000,000,000 | ---D | C] -- F:\Program Files\CyberLink [2012/03/10 13:18:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\GO Games [2012/03/09 21:36:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\FlyWheelGames [2012/03/06 19:33:03 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Glenna Montgomery\Application Data\Natural Threat.Ominous Shores [69 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ] [5 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ] [46 F:\WINDOWS\System32\dllcache\*.tmp files -> F:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/04/02 21:01:16 | 000,000,761 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Toolbar Cleaner.lnk [2012/04/02 20:57:56 | 000,763,744 | ---- | M] (Visicom Media Inc.) -- F:\Documents and Settings\Glenna Montgomery\Desktop\toolbarcleaner_setup.exe [2012/04/02 20:53:00 | 000,000,472 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2012/04/02 20:52:07 | 000,444,392 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat [2012/04/02 20:52:07 | 000,072,524 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat [2012/04/02 20:49:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Glenna Montgomery\Desktop\OTL.exe [2012/04/02 20:44:24 | 000,000,000 | -HS- | M] () -- F:\DkHyperbootSync [2012/04/02 20:43:13 | 000,000,707 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\Startup\Jacquie Lawson London Advent Calendar.lnk [2012/04/02 20:43:11 | 000,000,804 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Start Menu\Programs\Startup\Jacquie Lawson Advent Calendar.lnk [2012/04/02 20:43:09 | 000,002,299 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk [2012/04/02 20:43:04 | 000,013,748 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl [2012/04/02 20:43:02 | 000,000,289 | ---- | M] () -- F:\WINDOWS\lgfwup.ini [2012/04/02 20:42:58 | 000,000,904 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/04/02 20:42:58 | 000,000,288 | ---- | M] () -- F:\WINDOWS\tasks\RegistryBooster.job [2012/04/02 20:42:00 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat [2012/04/02 20:31:00 | 000,000,908 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/04/02 17:00:00 | 000,000,350 | ---- | M] () -- F:\WINDOWS\tasks\At1.job [2012/04/02 14:53:00 | 000,000,472 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2012/04/02 13:31:00 | 000,000,534 | ---- | M] () -- F:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task fac6fa8f-5e59-4e57-81c9-6fa39c0216b9.job [2012/04/02 11:13:00 | 000,000,350 | ---- | M] () -- F:\WINDOWS\tasks\At4.job [2012/04/02 08:53:00 | 000,000,472 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2012/04/02 05:41:00 | 000,000,350 | ---- | M] () -- F:\WINDOWS\tasks\At3.job [2012/04/02 02:53:00 | 000,000,472 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2012/04/02 02:00:00 | 000,000,534 | ---- | M] () -- F:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 849f22bd-6d4a-4591-82e8-e0b5f5ea9d73.job [2012/04/01 23:46:00 | 000,000,350 | ---- | M] () -- F:\WINDOWS\tasks\At2.job [2012/04/01 21:23:44 | 000,000,659 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/01 21:06:53 | 024,967,944 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\HiddenMystRoyalFamilySecretsSG.exe [2012/04/01 20:53:00 | 000,000,472 | ---- | M] () -- F:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2012/04/01 13:33:15 | 000,279,744 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT [2012/03/29 19:54:21 | 000,000,914 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Phenomenon City of Cyan.lnk [2012/03/27 21:31:40 | 000,012,288 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/03/27 17:32:00 | 000,000,352 | ---- | M] () -- F:\WINDOWS\tasks\At5.job [2012/03/22 17:41:10 | 000,000,036 | -H-- | M] () -- F:\WINDOWS\System32\f9t.dat [2012/03/18 17:17:30 | 000,293,992 | ---- | M] () -- F:\WINDOWS\System32\nvdrsdb1.bin [2012/03/18 17:17:30 | 000,000,001 | ---- | M] () -- F:\WINDOWS\System32\nvdrssel.bin [2012/03/18 17:17:28 | 000,000,026 | ---- | M] () -- F:\WINDOWS\System32\nvModes.dat [2012/03/18 17:17:19 | 000,293,992 | ---- | M] () -- F:\WINDOWS\System32\nvdrsdb0.bin [2012/03/18 17:11:42 | 000,000,000 | ---- | M] () -- F:\WINDOWS\System32\nvdrswr.lk [2012/03/18 16:40:36 | 000,190,619 | ---- | M] () -- F:\WINDOWS\System32\nvapps.xml [2012/03/18 14:03:53 | 000,228,973 | ---- | M] () -- F:\WINDOWS\hpwins23.dat [2012/03/16 16:09:04 | 000,001,808 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012/03/16 15:41:31 | 000,000,905 | ---- | M] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Flower of Immortality.lnk [2012/03/16 09:18:56 | 000,002,625 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT [2012/03/15 20:51:43 | 000,001,374 | ---- | M] () -- F:\WINDOWS\imsins.BAK [2012/03/11 19:24:53 | 000,000,779 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk [2012/03/11 16:09:13 | 000,000,827 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\CyberLink Hi-Def Suite.lnk [2012/03/06 17:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- F:\WINDOWS\avastSS.scr [2012/03/06 17:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\aswBoot.exe [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswSnx.sys [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswSP.sys [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswRdr.sys [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswTdi.sys [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswmon2.sys [2012/03/06 17:01:35 | 000,089,048 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswmon.sys [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswFsBlk.sys [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) -- F:\WINDOWS\System32\drivers\aavmker4.sys [69 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ] [5 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ] [46 F:\WINDOWS\System32\dllcache\*.tmp files -> F:\WINDOWS\System32\dllcache\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/04/02 20:58:12 | 000,000,761 | ---- | C] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Toolbar Cleaner.lnk [2012/04/02 20:44:24 | 000,000,000 | -HS- | C] () -- F:\DkHyperbootSync [2012/04/01 21:23:44 | 000,000,659 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/04/01 21:01:14 | 024,967,944 | ---- | C] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\HiddenMystRoyalFamilySecretsSG.exe [2012/03/29 19:54:21 | 000,000,914 | ---- | C] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Phenomenon City of Cyan.lnk [2012/03/18 17:11:42 | 000,293,992 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb1.bin [2012/03/18 17:11:42 | 000,293,992 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb0.bin [2012/03/18 17:11:42 | 000,000,001 | ---- | C] () -- F:\WINDOWS\System32\nvdrssel.bin [2012/03/18 17:11:42 | 000,000,000 | ---- | C] () -- F:\WINDOWS\System32\nvdrswr.lk [2012/03/18 17:11:23 | 002,784,050 | ---- | C] () -- F:\WINDOWS\System32\nvdata.data [2012/03/18 17:11:23 | 000,007,843 | ---- | C] () -- F:\WINDOWS\System32\nvinfo.pb [2012/03/16 16:09:18 | 000,001,077 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Windows Live ID.lnk [2012/03/16 16:09:04 | 000,001,808 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012/03/16 16:08:37 | 000,000,731 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\I.R.I.S. OCR Registration.lnk [2012/03/16 16:06:06 | 000,186,662 | ---- | C] () -- F:\WINDOWS\hpwins23.dat.temp [2012/03/16 16:06:06 | 000,002,075 | ---- | C] () -- F:\WINDOWS\hpwmdl23.dat.temp [2012/03/16 15:41:31 | 000,000,905 | ---- | C] () -- F:\Documents and Settings\Glenna Montgomery\Desktop\Flower of Immortality.lnk [2012/03/11 19:24:53 | 000,000,779 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\CyberLink PowerDVD.lnk [2012/03/11 16:17:39 | 000,000,289 | ---- | C] () -- F:\WINDOWS\lgfwup.ini [2012/03/11 16:14:32 | 000,486,766 | ---- | C] () -- F:\WINDOWS\CLBUDF.tbl [2012/03/11 16:09:13 | 000,000,827 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\CyberLink Hi-Def Suite.lnk [2012/02/14 12:41:12 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll [2011/11/11 04:53:20 | 000,228,973 | ---- | C] () -- F:\WINDOWS\hpwins23.dat [2011/11/11 04:53:20 | 000,002,075 | ---- | C] () -- F:\WINDOWS\hpwmdl23.dat [2011/11/07 17:11:25 | 000,049,152 | ---- | C] () -- F:\WINDOWS\System32\JJAKEn.dll [2011/09/18 14:03:00 | 000,000,026 | ---- | C] () -- F:\WINDOWS\System32\nvModes.dat [2011/05/08 10:47:32 | 000,000,036 | -H-- | C] () -- F:\WINDOWS\System32\f9t.dat [2010/12/30 22:43:52 | 000,000,056 | -H-- | C] () -- F:\WINDOWS\System32\ezsidmv.dat [2010/11/26 22:15:07 | 000,000,000 | ---- | C] () -- F:\WINDOWS\OPPRIN~1.INI [2010/11/20 11:34:45 | 000,054,016 | ---- | C] () -- F:\WINDOWS\System32\drivers\rxlktj.sys [2010/04/21 21:15:09 | 000,003,716 | R--- | C] () -- F:\WINDOWS\System32\drivers\V0230FwH.bin [2010/04/21 21:15:09 | 000,003,716 | R--- | C] () -- F:\WINDOWS\System32\drivers\V0230FwF.bin ========== Alternate Data Streams ========== @Alternate Data Stream - 96 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:D48500F8 @Alternate Data Stream - 238 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:3CAE2A70 @Alternate Data Stream - 222 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:A4E7D25F @Alternate Data Stream - 219 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E2CFA9CD @Alternate Data Stream - 218 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:927EC486 @Alternate Data Stream - 215 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:ECF3C50F @Alternate Data Stream - 207 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:F610C203 @Alternate Data Stream - 206 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:DA5888A7 @Alternate Data Stream - 204 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:87A3A233 @Alternate Data Stream - 203 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:9FD757A9 @Alternate Data Stream - 199 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:397D67BA @Alternate Data Stream - 197 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:A866F8A3 @Alternate Data Stream - 191 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:8E5EA40F @Alternate Data Stream - 184 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:18DEBC51 @Alternate Data Stream - 180 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:4CD3F344 @Alternate Data Stream - 173 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:587F3582 @Alternate Data Stream - 171 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:6EE8565A @Alternate Data Stream - 168 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:4FE42FFC @Alternate Data Stream - 165 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B4258C5D @Alternate Data Stream - 161 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:ED0B32CA @Alternate Data Stream - 160 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:FB4262DE @Alternate Data Stream - 143 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:C49A5AD1 @Alternate Data Stream - 142 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:AA0017FD @Alternate Data Stream - 139 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:CA23BCFD @Alternate Data Stream - 138 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E6708F08 @Alternate Data Stream - 138 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:C5DC2B0C @Alternate Data Stream - 138 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B2CB0E61 @Alternate Data Stream - 138 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:985A63CF @Alternate Data Stream - 138 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:54380FEC @Alternate Data Stream - 137 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E7367C77 @Alternate Data Stream - 137 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:4D551822 @Alternate Data Stream - 137 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:021496FB @Alternate Data Stream - 136 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B3C7433B @Alternate Data Stream - 135 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:F0EDC13A @Alternate Data Stream - 135 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:D026A5A4 @Alternate Data Stream - 134 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:F5D01D7C @Alternate Data Stream - 134 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E0888117 @Alternate Data Stream - 134 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:689AB7E9 @Alternate Data Stream - 134 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:33CF835F @Alternate Data Stream - 134 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:2AE74FF9 @Alternate Data Stream - 133 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:ED2D63E4 @Alternate Data Stream - 133 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:A6F30843 @Alternate Data Stream - 132 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:2C86E2AD @Alternate Data Stream - 132 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:17EB5BAE @Alternate Data Stream - 131 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E5496666 @Alternate Data Stream - 130 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:9B9085E9 @Alternate Data Stream - 130 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:1A052BF6 @Alternate Data Stream - 130 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:14B2E0BD @Alternate Data Stream - 128 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:BEACE4C8 @Alternate Data Stream - 128 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B0456F0C @Alternate Data Stream - 128 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:A76A1B1B @Alternate Data Stream - 128 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:697DDE2B @Alternate Data Stream - 127 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:F5B51004 @Alternate Data Stream - 127 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:7C8AA9A6 @Alternate Data Stream - 127 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:012BC84F @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E5B07840 @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:A8B4A032 @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:9C3AAD57 @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:6E2D80C8 @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:6A0A47E7 @Alternate Data Stream - 126 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:65137F0D @Alternate Data Stream - 125 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:474022C7 @Alternate Data Stream - 124 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E4EE99EF @Alternate Data Stream - 124 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:57B2B96C @Alternate Data Stream - 124 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:26499772 @Alternate Data Stream - 123 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:D92485C9 @Alternate Data Stream - 123 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:891E6CB1 @Alternate Data Stream - 122 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C @Alternate Data Stream - 122 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:C928F3BE @Alternate Data Stream - 122 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B30D9A49 @Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:DBC3D477 @Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:BB8B6B1E @Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:AD2DB2F9 @Alternate Data Stream - 119 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E8C44CB4 @Alternate Data Stream - 119 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:902C848D @Alternate Data Stream - 119 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:2AF322BF @Alternate Data Stream - 118 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:E6BEADB7 @Alternate Data Stream - 117 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:6C99C213 @Alternate Data Stream - 116 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:98DFF516 @Alternate Data Stream - 115 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:3595B780 @Alternate Data Stream - 115 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:34EFF1F2 @Alternate Data Stream - 115 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:28BEC2EC @Alternate Data Stream - 114 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:25249477 @Alternate Data Stream - 114 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 @Alternate Data Stream - 114 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:1CB4A530 @Alternate Data Stream - 114 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:02F30776 @Alternate Data Stream - 112 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:B9B3B2FE @Alternate Data Stream - 112 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:774C075A @Alternate Data Stream - 112 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:75798D9A @Alternate Data Stream - 112 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:2F8138B7 @Alternate Data Stream - 111 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:5F95AE81 < End of report >
  3. Please help! Searchnu has taken over my Firefox toolbar which was set to igoogle. What can I do? Thanks so much glenna
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.