Inactive [A] Hard drive clusters are partly damaged issue!

ShannonD · Jan 3, 2012

Ok I have Uniblue registry and registry easy v.5.6 removed but I am having a problem getting rid of the asktoolbar...I closed down everything and when I click on uninstall it gives me a prompt saying "All internet explorer browsers should be closed etc" close all browser and click ok to proceed...I did that but it wont continue on!

Broni · Jan 3, 2012

Go on with OTL. We'll remove it manually.

ShannonD · Jan 3, 2012

OTL Extras logfile created on: 1/3/2012 12:38:47 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Guest\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 58.39% Memory free
5.70 Gb Paging File | 4.59 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.16 Gb Total Space | 5.38 Gb Free Space | 1.87% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS

Computer Name: SHANNON-PC | User Name: Shannon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081ABA84-3EA3-4A25-B69D-DA92143BAE5E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0D1251BA-7C59-4D5F-8044-ACF2C53121AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{19A5A66B-D829-421F-BB14-16EC4FD6DD91}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1B361179-F612-4779-AFE2-3C88C2EA1599}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1F98BC34-208F-4D36-8C3B-E8DCA4479E80}" = rport=137 | protocol=17 | dir=out | app=system |
"{23E5B924-FCA9-4CFE-BB5F-627C132A181E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2B4B4434-EB9C-4306-A825-5474C311957A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E16E54D-A5BD-41FB-86C3-30AFACB27278}" = lport=138 | protocol=17 | dir=in | app=system |
"{365F1679-9165-40DA-A961-1F413CA924DF}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F0D0385-E89C-46B5-8BAA-0596FBB1023B}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{56641791-40D6-4CC6-A20B-B1563F95B3FB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57015774-0988-4B99-8557-AE0FD6BB4B52}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5FDF2EF5-F363-4D29-B1BF-5416B25BA8F3}" = lport=139 | protocol=6 | dir=in | app=system |
"{7B3BB199-F763-48A1-AC3D-72843DC228C1}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{84F6D3A1-60CA-4896-AC48-2F20A2C552C9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A151D3F6-677A-43A3-B132-3508550B6DF0}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B0013BBE-A827-4C63-842B-5F5312E897D7}" = rport=138 | protocol=17 | dir=out | app=system |
"{B86AC98D-1076-4155-B849-DBB4A751EDFB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B880A96A-002D-4283-878F-D3F2A33DBE71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BB6B9C04-EC8A-4126-AD7E-5B71E8D33D1C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C35ADE4F-AF43-4229-AAF7-418C643039C7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CB48E5AF-E158-4865-A3FE-F1B95D352B1F}" = rport=139 | protocol=6 | dir=out | app=system |
"{CCCA314D-C4D9-4826-B227-0A635CD3328E}" = rport=2869 | protocol=6 | dir=out | app=system |
"{CE29EBAD-8ACF-46E0-80D8-41D79249CB1D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D7DAE511-640C-49C2-B96B-3CA02D663377}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{DA7DE9A0-1EB8-4AA5-928E-ACC7DD3B9E6F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DD2C31C7-13F5-48AA-BE47-303306FC3FF7}" = rport=445 | protocol=6 | dir=out | app=system |
"{F4A5702F-ABD9-4B50-B746-31EC21D8B6F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F90AF489-4216-482F-9268-216E81000464}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06091E21-E490-4F49-B7E5-57D60B8377FA}" = protocol=6 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{2194EAE2-8764-4702-AB39-729311DE16BA}" = protocol=6 | dir=in | app=c:\program files\socialribbons lp2\troubleshooter.exe |
"{252D52D1-0C9A-49DC-8501-677C7F7EE20B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2E7B065A-1A06-4B61-B4DF-6147C3D9427E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{30EA2448-1682-437D-8FEF-6495235D4ED4}" = protocol=17 | dir=in | app=c:\program files\socialribbons lp2\troubleshooter.exe |
"{36DCC2B4-6951-464C-945F-698AABAC1C0F}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3AF6947B-8DDD-4CEC-A440-1219DB5F3BCD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{43505108-504E-4899-8855-4F93F0630BCE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{43990CC4-031A-48C2-83FD-EAFA795DCA1D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{43EA5645-3669-4144-AD6A-9B563C284F72}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5D622E11-C273-4E5F-B64A-F8F77DD0001F}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"{5E8DE769-3278-4490-9387-C25158999200}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{60F58462-3C86-464E-8CAE-04A050305979}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{62E484C2-1FC1-47C7-87B9-200A27B54B0E}" = protocol=6 | dir=in | app=c:\windows\temp\~osb2cf.tmp\pmropn.exe |
"{66A5CB49-6D83-4D84-A32B-E439E9A4B050}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{76DB6E70-7C7F-4715-9A3B-9D83757F38B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7EB95B48-7595-4EA5-98A0-5FDEE46049D9}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{83BA1A19-02E3-4EFF-9CAF-E54665A95F7C}" = protocol=6 | dir=in | app=c:\users\shannon\appdata\local\temp\~osbd1e.tmp\pmropn.exe |
"{851D68D5-6512-480F-AAFE-73C05AEC5490}" = protocol=17 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{87FE620C-7054-48F4-88D3-0AB3131A0B5D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{89D4F38D-B561-4945-9803-8C9543607C15}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B887254-3AB4-456E-818C-B7310BD9CD6E}" = protocol=6 | dir=in | app=c:\windows\temp\~os8497.tmp\pmropn.exe |
"{9C7717E3-755A-4803-AF0A-E47F12009A4C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{9C7751E8-7746-4803-B213-A1A977D27CB4}" = protocol=6 | dir=in | app=c:\windows\temp\~osf01b.tmp\pmropn.exe |
"{9C92E309-ADCF-4859-A3B2-0847A3B690D0}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{ADE3CC67-F1A3-4D2D-8B70-F7F4A6415850}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{AE2B96FF-8997-4123-A3A5-9199DE9186DE}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B1E1B75C-FBB5-497A-B2E4-A2AA4F265FBF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B44E2FD0-93E3-414A-B714-014F126A51EA}" = protocol=6 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{BB24ED9B-7E39-4A27-B2E9-F39D74F4B946}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BBEDADF2-E5F4-43BD-A208-0F5A3754C8D5}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"{C1C08470-1EB0-4610-BF5F-545360846871}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{C4ABEFFB-1C47-4164-9375-0B1B111BDC7A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D2A2F4DC-2469-412E-9D3D-EED0FEF36813}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{D5D714F3-5B50-4379-8958-F8CFA73CD5DE}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{E5B0BD99-6C79-4FAE-821B-FC0302CA18FE}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{EB377BE4-59FB-4A3A-A67E-0B456CB5F570}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FBFE283F-78C4-4486-A769-84BA731DE830}" = protocol=17 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"TCP Query User{45E6FFEE-3278-41AD-BC1B-7E782D2144E8}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{5F680B21-354C-4440-B7E2-D068C0BE2340}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6B4D6B5A-73AA-4C3D-9EBA-36542F2EDDD7}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{9E8AEDE8-E866-4178-83FC-0EB1C4F4713A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{A09BEC35-DCB4-4761-BD22-6B2F854CC5C5}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{B2268AD7-7AB3-4943-8744-A4D6A412AC5D}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{381FCE71-8E06-46E7-9525-852D35792377}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{4449B9FB-C7E0-4A79-883B-5DD54015A636}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{803BB790-5414-4950-8A44-3DEB65B30E4E}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{9EF3C674-6AB3-4155-8167-255260D4BFCB}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{A1A1F382-829F-4080-9073-43BF35CA30FF}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{B547F913-36F3-4937-9C1E-912C6AF8E75F}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}" = LG Android Driver
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{665CBCA4-5AB0-414B-A288-3F8F99FEFC45}" = HP User Guides 0118
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70272964-C468-4C5F-8246-AA2CABA75941}" = Roxio Easy Media Creator 9 Suite
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86C0E2A3-1EDA-4F01-A43D-80DA8642813C}_is1" = GameTap Web Player
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99ED894F-60CF-4D71-A645-442CD041D595}" = Susteen Launcher
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AB6E9CF7-7A9B-4973-9A1D-96FB27F4B6AC}" = DataPilot
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F3FB19-D848-479C-818E-130ABC9366DB}" = BlackBerry Device Software Updater
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{D4259423-E56A-4979-AD19-83EB3CAD23D6}" = Convergys Health Checker
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD1E51DF-C3C0-400C-A0D7-C67DB49C9D9C}" = RingtoneJunkiez Desktop
"{E2AE8456-CCFE-46C0-8629-71CC507660FC}" = LG SP USB Driver
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Dogpile Bundle Toolbar" = Dogpile Bundle Toolbar
"EpicPlay" = EpicPlay
"FrostWire" = FrostWire 4.21.8
"GOM Player" = GOM Player
"Guffinsbar Uninstall" = Guffins
"InfraRecorder" = InfraRecorder
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{99ED894F-60CF-4D71-A645-442CD041D595}" = Susteen Launcher
"InstallShield_{AB6E9CF7-7A9B-4973-9A1D-96FB27F4B6AC}" = DataPilot
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LimeWire" = LimeWire 5.5.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUS" = Microsoft Office Professional Plus 2007
"Retrogamer_2zbar Uninstall" = Retrogamer
"SocialRibbons LP2" = SocialRibbons LP2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"WBFS Manager 3.0" = WBFS Manager 3.0
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 beta 7 (32-bit)
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab FLV Player" = FoxTab FLV Player
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"UnityWebPlayer" = Unity Web Player

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

ShannonD · Jan 3, 2012

OTL logfile created on: 1/3/2012 12:55:38 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Guest\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 55.34% Memory free
5.73 Gb Paging File | 4.58 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.16 Gb Total Space | 3.53 Gb Free Space | 1.23% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS

Computer Name: SHANNON-PC | User Name: Shannon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/03 12:36:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Downloads\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/29 10:56:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/17 12:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/04/22 19:03:22 | 000,036,864 | ---- | M] (Retrogamer) -- C:\Program Files\Retrogamer_2z\bar\2.bin\2zbarsvc.exe
PRC - [2011/04/22 19:03:22 | 000,027,648 | ---- | M] (Retrogamer) -- C:\Program Files\Retrogamer_2z\bar\2.bin\2zbrmon.exe
PRC - [2011/03/22 11:11:32 | 000,036,864 | ---- | M] (Guffins) -- C:\Program Files\Guffins\bar\2.bin\u4barsvc.exe
PRC - [2011/03/22 11:11:32 | 000,027,648 | ---- | M] (Guffins) -- C:\Program Files\Guffins\bar\2.bin\u4brmon.exe
PRC - [2011/02/01 12:04:23 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/01/27 11:22:02 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2009/04/20 12:24:22 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/29 10:56:06 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/28 09:47:33 | 006,271,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2007/08/14 15:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 15:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 15:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/22 19:03:22 | 000,036,864 | ---- | M] (Retrogamer) [Auto | Running] -- C:\Program Files\Retrogamer_2z\bar\2.bin\2zbarsvc.exe -- (Retrogamer_2zService)
SRV - [2011/03/22 11:11:32 | 000,036,864 | ---- | M] (Guffins) [Auto | Running] -- C:\Program Files\Guffins\bar\2.bin\u4barsvc.exe -- (GuffinsService)
SRV - [2011/02/01 12:04:46 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/02/01 12:04:35 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011/02/01 12:04:23 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2012/01/03 12:33:00 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{73C55698-AC0B-4C35-BD85-19DD054BCBDE}\MpKsl9acf6940.sys -- (MpKsl9acf6940)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/02/01 12:04:25 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/01/27 11:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/01/27 11:22:02 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2009/07/23 20:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/12/20 02:01:46 | 001,093,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/11/11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/04/24 17:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/29 08:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/10/17 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/10/27 11:19:26 | 000,050,688 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RxFilter.sys -- (RxFilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=ZUGO&form=ZGAPHP
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\URLSearchHook: {2b2505fa-fd68-0144-9128-cd617bdca8c2} - C:\Program Files\SocialRibbons LP2\Helper.dll ()
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\URLSearchHook: {c3d3840c-12ea-4461-a61d-190555fecc82} - C:\Program Files\Guffins\bar\2.bin\u4SrcAs.dll (Guffins)
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58189

IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\URLSearchHook: {1c583e40-0629-4bb9-ab68-1cf539f2f782} - No CLSID value found
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\URLSearchHook: {c3d3840c-12ea-4461-a61d-190555fecc82} - C:\Program Files\Guffins\bar\2.bin\u4SrcAs.dll (Guffins)
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: GameTapPlayer@gametap.com:4.4.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: searchtoolbar@zugo.com:1.2
FF - prefs.js..extensions.enabledItems: {0dd5ab7a-9db5-0aa4-e914-7148cd6c0afc}:1.300.371
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.6.0.10
FF - prefs.js..extensions.enabledItems: u4ffxtbr@Guffins.com:1.2
FF - prefs.js..extensions.enabledItems: 2zffxtbr@Retrogamer_2z.com:1.2
FF - prefs.js..extensions.enabledItems: chachaguidebar@chacha.com:1.2
FF - prefs.js..keyword.URL: "http://s.mysearch.com/search/GGmain.jhtml?id=YJxdm0286Dus&ptb=DDCAF1EA-A1B4-4B4B-B3D6-AA3B78E5A46A&psa=&ind=2011021119&ptnrS=YJxdm0286Dus&si=13760&st=kwd&n=77ddbf3f&searchfor="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 58189

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Guffins.com/Plugin: C:\Program Files\Guffins\bar\2.bin\NPu4Stub.dll (Guffins)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Retrogamer_2z.com/Plugin: C:\Program Files\Retrogamer_2z\bar\2.bin\NP2zStub.dll (Retrogamer)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shannon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shannon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Shannon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\PremierOpinion
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\u4ffxtbr@Guffins.com: C:\Program Files\Guffins\bar\2.bin [2011/10/14 10:04:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\2zffxtbr@Retrogamer_2z.com: C:\Program Files\Retrogamer_2z\bar\2.bin [2012/01/02 20:28:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/29 10:56:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/24 14:32:56 | 000,000,000 | ---D | M]

[2010/04/02 06:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Extensions
[2010/04/02 06:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/12/07 11:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions
[2011/08/14 15:35:22 | 000,000,000 | ---D | M] (SocialRibbons LP2) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\{0dd5ab7a-9db5-0aa4-e914-7148cd6c0afc}
[2010/06/16 14:30:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/07 11:27:42 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/10/13 10:22:02 | 000,000,000 | ---D | M] (Retrogamer) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\2zffxtbr@Retrogamer_2z.com
[2011/08/23 10:31:14 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\chachaguidebar@chacha.com
[2011/06/24 10:29:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\engine@conduit.com
[2011/10/13 10:21:59 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\m3ffxtbr@mywebsearch.com
[2011/05/16 09:07:39 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\searchtoolbar@zugo.com
[2011/11/19 11:12:36 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\textlinks@epicplay.com
[2011/12/15 10:51:06 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\toolbar@ask.com
[2011/10/14 10:04:15 | 000,000,000 | ---D | M] (Guffins) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\u4ffxtbr@Guffins.com
[2011/08/14 15:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\extensions\{0dd5ab7a-9db5-0aa4-e914-7148cd6c0afc}\chrome\content\dca\core\extensionManager
[2011/02/14 11:01:35 | 000,009,959 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\searchplugins\Guffins.xml
[2010/11/20 19:01:36 | 000,010,058 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\searchplugins\mywebsearch.xml
[2011/03/14 10:30:08 | 000,009,980 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\searchplugins\Retrogamer_2z.xml
[2011/08/23 10:29:50 | 000,001,276 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\searchplugins\search-the-web.xml
[2011/11/29 10:56:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/12 13:39:16 | 000,000,000 | ---D | M] (GameTap) -- C:\Program Files\Mozilla Firefox\extensions\GameTapPlayer@gametap.com
[2011/11/29 10:56:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/14 13:34:54 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/09 10:32:07 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/11/29 10:56:07 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllefkbpbefdodiiefpkcnigpicmhohe\
CHR - Extension: No name found = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\neghaibmbjedngldjldidfoobmkkfkle\2\
CHR - Extension: EpicPlay = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/01/03 10:09:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Toolbar BHO) - {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\Program Files\Guffins\bar\2.bin\u4bar.dll (Guffins)
O2 - BHO: (SocialRibbons LP2) - {AE92E5DE-20F7-9934-D515-7BE13880A842} - C:\Program Files\SocialRibbons LP2\Toolbar.dll ()
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Common Files\FreeCause\DCA\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Search Assistant BHO) - {d6a34acb-76fa-4a14-88ea-5d54797a2028} - C:\Program Files\Guffins\bar\2.bin\u4SrcAs.dll (Guffins)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Guffins) - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files\Guffins\bar\2.bin\u4bar.dll (Guffins)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (Guffins) - {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - C:\Program Files\Guffins\bar\2.bin\u4bar.dll (Guffins)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (no name) - {54BA686E-738F-42FE-BADD-D8CB7CFBC07E} - No CLSID value found.
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (Guffins) - {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - C:\Program Files\Guffins\bar\2.bin\u4bar.dll (Guffins)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Guffins Browser Plugin Loader] C:\Program Files\Guffins\bar\2.bin\u4brmon.exe (Guffins)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Retrogamer_2z Browser Plugin Loader] C:\Program Files\Retrogamer_2z\bar\2.bin\2zbrmon.exe (Retrogamer)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKU\S-1-5-21-1590791344-3878488123-162718608-501..\Run: [tNWFkRdJVp.exe] C:\ProgramData\tNWFkRdJVp.exe File not found
O4 - Startup: C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..Trusted Domains: convergysworkathome.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} http://www.convergysworkathome.com/AppHardT.CAB (WNICheck2 Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.94.88.41 208.94.88.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18A369F1-157D-4FC1-9A35-075C193B01A2}: DhcpNameServer = 208.94.88.41 208.94.88.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42FEA2AA-699A-4F92-AE8B-F491FAC33FC9}: NameServer = 75.116.63.154 75.116.127.154
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Shannon\Pictures\Wallpapers\1305604366358.jpg
O24 - Desktop BackupWallPaper: C:\Users\Shannon\Pictures\Wallpapers\1305604366358.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/03 10:11:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/03 10:11:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/03 10:11:39 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\temp
[2012/01/02 20:17:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/02 13:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2006/09/14 10:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\System32\DivXGraphBuilderCallback.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/03 12:46:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1590791344-3878488123-162718608-1000UA.job
[2012/01/03 12:37:52 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/03 12:37:52 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/03 12:34:43 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/01/03 12:34:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/03 12:33:09 | 000,436,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/03 12:32:58 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 12:32:57 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 12:32:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/03 12:32:26 | 2951,041,024 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/03 12:16:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/03 10:09:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/01/02 18:42:37 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/02 10:46:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1590791344-3878488123-162718608-1000Core.job
[2011/12/28 10:53:15 | 000,111,909 | ---- | M] () -- C:\Users\Shannon\Desktop\374968_10150986454040858_688840857_22062250_1349730202_n.jpg
[2011/12/19 16:49:02 | 000,002,052 | ---- | M] () -- C:\Users\Shannon\Desktop\Google Chrome.lnk
[2011/12/19 16:49:02 | 000,002,014 | ---- | M] () -- C:\Users\Shannon\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/15 11:51:08 | 000,212,315 | ---- | M] () -- C:\Users\Shannon\Desktop\711f9f17-950e-4ec3-8b29-7e3ba3cc089dwallpaper.jpg
[2011/12/12 09:27:10 | 000,126,863 | ---- | M] () -- C:\Users\Shannon\Desktop\wpg-cc-stickangels1-s1.jpg
[2011/12/12 09:25:43 | 000,079,551 | ---- | M] () -- C:\Users\Shannon\Desktop\dsk-cc-angelfancies1-s1.jpg
[2011/12/12 09:25:12 | 000,082,357 | ---- | M] () -- C:\Users\Shannon\Desktop\dsk-cc-fallfancies1-s1.jpg
[2011/12/12 09:24:26 | 000,116,500 | ---- | M] () -- C:\Users\Shannon\Desktop\dsk-kids-angelantics1-s1.jpg
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 15:29:06 | 273,955,624 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/05 10:45:06 | 000,001,356 | ---- | M] () -- C:\Users\Shannon\AppData\Local\d3d9caps.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/02 18:42:37 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 10:53:12 | 000,111,909 | ---- | C] () -- C:\Users\Shannon\Desktop\374968_10150986454040858_688840857_22062250_1349730202_n.jpg
[2011/12/15 11:51:31 | 000,212,315 | ---- | C] () -- C:\Users\Shannon\Desktop\711f9f17-950e-4ec3-8b29-7e3ba3cc089dwallpaper.jpg
[2011/12/12 09:27:09 | 000,126,863 | ---- | C] () -- C:\Users\Shannon\Desktop\wpg-cc-stickangels1-s1.jpg
[2011/12/12 09:25:42 | 000,079,551 | ---- | C] () -- C:\Users\Shannon\Desktop\dsk-cc-angelfancies1-s1.jpg
[2011/12/12 09:25:11 | 000,082,357 | ---- | C] () -- C:\Users\Shannon\Desktop\dsk-cc-fallfancies1-s1.jpg
[2011/12/12 09:24:24 | 000,116,500 | ---- | C] () -- C:\Users\Shannon\Desktop\dsk-kids-angelantics1-s1.jpg
[2010/11/08 07:52:05 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/11/03 14:56:31 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/06/19 21:17:04 | 000,024,206 | ---- | C] () -- C:\Users\Shannon\AppData\Roaming\UserTile.png
[2010/06/19 21:13:37 | 000,000,087 | ---- | C] () -- C:\Windows\Winsus0.dat
[2010/06/19 20:40:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010/06/19 20:40:58 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010/06/16 14:20:46 | 000,000,254 | ---- | C] () -- C:\Windows\wininit.ini
[2010/04/28 13:15:54 | 000,000,000 | ---- | C] () -- C:\Users\Shannon\AppData\Local\prvlcl.dat
[2010/02/02 09:56:59 | 000,001,356 | ---- | C] () -- C:\Users\Shannon\AppData\Local\d3d9caps.dat
[2010/01/28 19:05:11 | 000,038,400 | ---- | C] () -- C:\Users\Shannon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/16 07:44:23 | 000,000,252 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/07/16 07:09:44 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/04/20 12:05:17 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/20 12:05:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/11/10 08:17:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,436,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/26 22:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/10/26 22:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/09 09:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/15 13:36:35 | 000,524,288 | ---- | C] () -- C:\Windows\System32\DivXsm.exe
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2005/07/15 13:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\Windows\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\Windows\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\Windows\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\Windows\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\Windows\System32\LFFPX7.DLL

========== LOP Check ==========

[2011/12/28 20:29:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\BitTorrent
[2010/10/25 10:16:38 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Research In Motion
[2010/06/04 16:03:09 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Snapfish
[2011/09/10 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Unity
[2011/09/24 21:11:59 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\uTorrent
[2011/12/20 20:39:33 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\BitTorrent
[2010/06/23 11:37:00 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\Blackberry Desktop
[2011/08/21 10:38:52 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\FrostWire
[2010/01/30 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\funkitron
[2010/01/31 22:09:09 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\Gamelab
[2011/09/27 10:55:17 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\IMVU
[2011/09/13 13:07:37 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\IMVUClient
[2010/10/31 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\InfraRecorder
[2010/01/30 16:05:36 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\iWin
[2012/01/03 10:12:23 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\LimeWire
[2010/01/30 16:15:15 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\Ludia
[2010/02/03 01:06:02 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\nswb
[2010/02/01 16:54:36 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\PlayFirst
[2010/06/23 11:17:11 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\Research In Motion
[2010/01/28 16:45:12 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\Snapfish
[2011/08/01 14:32:45 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\uTorrent
[2010/01/28 21:09:39 | 000,000,000 | ---D | M] -- C:\Users\Shannon\AppData\Roaming\WildTangent
[2012/01/03 12:31:19 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/06/30 20:26:55 | 000,001,024 | ---- | M] () -- C:\.rnd
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/20 21:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/01/03 12:32:26 | 2951,041,024 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/16 14:29:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/06/16 14:29:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/01/03 12:32:24 | 3264,942,080 | -HS- | M] () -- C:\pagefile.sys
[2012/01/03 10:20:56 | 000,000,370 | ---- | M] () -- C:\rkill.log

< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2011/02/01 12:04:24 | 000,053,632 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\spool\prtprocs\w32x86\LMIproc.dll
[2006/10/26 18:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

ShannonD · Jan 3, 2012

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/06/21 17:21:19 | 000,000,574 | -HS- | M] () -- C:\Users\Shannon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/06/19 21:06:03 | 079,920,210 | ---- | M] (Susteen ) -- C:\Users\Shannon\Desktop\DP060100_Setup.exe
[2011/02/11 19:11:13 | 000,211,008 | ---- | M] () -- C:\Users\Shannon\Desktop\Guffins.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/06/23 11:09:51 | 000,000,402 | -HS- | M] () -- C:\Users\Shannon\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/11/03 14:56:25 | 000,000,252 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011/07/12 19:05:39 | 000,000,021 | ---- | M] () -- C:\ProgramData\hpqp.txt
[2010/11/08 07:52:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/07/16 07:48:00 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/04/20 13:19:11 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/07/16 07:46:57 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/04/20 13:12:41 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/07/16 07:45:00 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/07/16 07:47:32 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/04/20 13:10:47 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/04/20 13:18:36 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/07/16 07:48:10 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2010/06/19 20:27:13 | 000,000,000 | ---D | M](C:\Users\Shannon\Favorites\?tsorted Bookmarks) -- C:\Users\Shannon\Favorites\�ţsorted Bookmarks

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\our board.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00242-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00241-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00240-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00239-20101024-1532.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00238-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00237-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00236-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00235-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00234-20101024-1506.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00233-20101024-1505.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00232-20101024-1504.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00231-20101024-1504.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00230-20101024-1503.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00228-20101024-1502.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00227-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00226-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00225-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00224-20101024-1500.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00222-20101024-1452.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00220-20101024-1451.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00219-20101024-1451.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00214-20101024-1447.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00212-20101024-1446.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00211-20101024-1446.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00210-20101024-1445.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00209-20101024-1444.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00208-20101024-1443.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00207-20101024-1440.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00206-20101024-1440.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00205-20101024-1439.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00204-20101024-1437.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00202-20101024-1436.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00201-20101024-1434.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00200-20101024-1433.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00199-20101024-1433.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00198-20101024-1432.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00197-20101024-1406.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00196-20101024-1406.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00195-20101024-1404.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00194-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00193-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00192-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00191-20101024-1402.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00190-20101024-1402.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00185-20101023-2006.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00184-20101023-2006.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00183-20101023-1959.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00182-20101023-1958.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00181-20101023-1951.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00180-20101023-1922.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00179-20101023-1921.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00178-20101023-1413.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00174-20101019-1248.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00172-20101009-1934.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00171-20101009-1439.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00169-20101009-1435.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00168-20101009-1435.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00167-20101009-1320.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00166-20101009-1319.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00165-20101009-1319.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00164-20101002-1708.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Closet-SoundMAX_Digital_Audio.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\ax265.txt:Roxio EMC Stream

< End of report >

Broni · Jan 3, 2012

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
PRC - [2011/05/17 12:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\URLSearchHook: {1c583e40-0629-4bb9-ab68-1cf539f2f782} - No CLSID value found
FF - prefs.js..extensions.enabledItems: searchtoolbar@zugo.com:1.2
[2011/12/15 10:51:06 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\toolbar@ask.com
[2010/11/20 19:01:36 | 000,010,058 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ searchplugins\mywebsearch.xml
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
IE - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=ZUGO&form=ZGAPHP
[2011/05/16 09:07:39 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\searchtoolbar@zugo.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearc h.com: C:\Program Files\MyWebSearch\bar\1.bin
[2011/10/13 10:21:59 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\m3ffxtbr@mywebsearch.com
[2010/11/20 19:01:36 | 000,010,058 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ searchplugins\mywebsearch.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKU\S-1-5-21-1590791344-3878488123-162718608-501..\Run: [tNWFkRdJVp.exe] C:\ProgramData\tNWFkRdJVp.exe File not found
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..Trusted Domains: convergysworkathome.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1590791344-3878488123-162718608-501\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\our board.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00242-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00241-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00240-20101024-1536.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00239-20101024-1532.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00238-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00237-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00236-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00235-20101024-1507.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00234-20101024-1506.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00233-20101024-1505.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00232-20101024-1504.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00231-20101024-1504.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00230-20101024-1503.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00228-20101024-1502.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00227-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00226-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00225-20101024-1501.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00224-20101024-1500.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00222-20101024-1452.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00220-20101024-1451.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00219-20101024-1451.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00214-20101024-1447.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00212-20101024-1446.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00211-20101024-1446.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00210-20101024-1445.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00209-20101024-1444.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00208-20101024-1443.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00207-20101024-1440.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00206-20101024-1440.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00205-20101024-1439.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00204-20101024-1437.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00202-20101024-1436.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00201-20101024-1434.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00200-20101024-1433.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00199-20101024-1433.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00198-20101024-1432.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00197-20101024-1406.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00196-20101024-1406.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00195-20101024-1404.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00194-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00193-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00192-20101024-1403.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00191-20101024-1402.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00190-20101024-1402.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00185-20101023-2006.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00184-20101023-2006.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00183-20101023-1959.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00182-20101023-1958.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00181-20101023-1951.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00180-20101023-1922.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00179-20101023-1921.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00178-20101023-1413.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00174-20101019-1248.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00172-20101009-1934.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00171-20101009-1439.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00169-20101009-1435.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00168-20101009-1435.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00167-20101009-1320.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00166-20101009-1319.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00165-20101009-1319.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\IMG00164-20101002-1708.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Closet-SoundMAX_Digital_Audio.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\ax265.txt:Roxio EMC Stream

:Services

:Reg

:Files
C:\Program Files\Ask.com

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

=============================================================

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.

============================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

ShannonD · Jan 3, 2012

I rebooted after OTL ran but I did not receive a log...should I re-run?

Broni · Jan 3, 2012

Please do.

ShannonD · Jan 3, 2012

All processes killed
========== OTL ==========
No active process named Updater.exe was found!
HKU\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1c583e40-0629-4bb9-ab68-1cf539f2f782} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c583e40-0629-4bb9-ab68-1cf539f2f782}\ not found.
Prefs.js: searchtoolbar@zugo.com:1.2 removed from extensions.enabledItems
Folder C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\toolbar@ask.com\ not found.
File C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ searchplugins\mywebsearch.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files\Ask.com\Updater\Updater.exe not found.
HKU\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Folder C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\searchtoolbar@zugo.com\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearc h.com: C:\Program Files\MyWebSearch\bar\1.bin not found.
Folder C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ extensions\m3ffxtbr@mywebsearch.com\ not found.
File C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\44jfusc6.default\ searchplugins\mywebsearch.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\Software\Microsoft\Windows\CurrentVersion\Run\\tNWFkRdJVp.exe not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry key HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\convergysworkathome.com\www\ not found.
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry value HKEY_USERS\S-1-5-21-1590791344-3878488123-162718608-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Starting removal of ActiveX control {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Unable to delete ADS C:\Users\Shannon\Documents\our board.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00242-20101024-1536.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00241-20101024-1536.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00240-20101024-1536.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00239-20101024-1532.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00238-20101024-1507.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00237-20101024-1507.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00236-20101024-1507.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00235-20101024-1507.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00234-20101024-1506.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00233-20101024-1505.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00232-20101024-1504.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00231-20101024-1504.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00230-20101024-1503.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00228-20101024-1502.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00227-20101024-1501.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00226-20101024-1501.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00225-20101024-1501.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00224-20101024-1500.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00222-20101024-1452.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00220-20101024-1451.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00219-20101024-1451.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00214-20101024-1447.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00212-20101024-1446.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00211-20101024-1446.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00210-20101024-1445.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00209-20101024-1444.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00208-20101024-1443.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00207-20101024-1440.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00206-20101024-1440.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00205-20101024-1439.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00204-20101024-1437.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00202-20101024-1436.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00201-20101024-1434.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00200-20101024-1433.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00199-20101024-1433.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00198-20101024-1432.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00197-20101024-1406.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00196-20101024-1406.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00195-20101024-1404.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00194-20101024-1403.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00193-20101024-1403.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00192-20101024-1403.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00191-20101024-1402.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00190-20101024-1402.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00185-20101023-2006.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00184-20101023-2006.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00183-20101023-1959.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00182-20101023-1958.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00181-20101023-1951.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00180-20101023-1922.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00179-20101023-1921.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00178-20101023-1413.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00174-20101019-1248.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00172-20101009-1934.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00171-20101009-1439.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00169-20101009-1435.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00168-20101009-1435.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00167-20101009-1320.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00166-20101009-1319.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00165-20101009-1319.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\IMG00164-20101002-1708.jpg:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\Closet-SoundMAX_Digital_Audio.mp3:Roxio EMC Stream .
Unable to delete ADS C:\Users\Shannon\Documents\ax265.txt:Roxio EMC Stream .
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\Program Files\Ask.com not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 49596 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 17497560 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Shannon
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1578 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Public

User: Shannon
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01032012_135656

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

ShannonD · Jan 3, 2012

Im having some problems with JavaRa...Im not seeing where I need to run it as administrator??

ShannonD · Jan 3, 2012

Is it because I am possibly doing all of this from the "guest" account on my laptop. I am on the guest account (this is the account my kids use) and where all the problems started?

Broni · Jan 3, 2012

At this point your computer should be rather clean so you can restart in admin account.

ShannonD · Jan 3, 2012

Ok I am not longer on the guest account...How do I get the JavaRa to save to my desktop and run it as admin?

ShannonD · Jan 3, 2012

It prompts me to open with (shows WinRAR.zip as my default) or to save file...when I save file it brings it up but did not save it to my desktop

Broni · Jan 3, 2012

Save it wherever you want and then move it to the desktop.

ShannonD · Jan 4, 2012

When I right click it, it does not give me the option to run as admin??

Broni · Jan 4, 2012

Are you in admin account?
Did you unzip downloaded file?

ShannonD · Jan 4, 2012

Yes I am under my account...and no I didnt unzip as I am really not sure how to do so..I have never done it before.

Broni · Jan 4, 2012

Double click on zipped file and it'll unzip.

Inactive [A] Hard drive clusters are partly damaged issue!

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 30 +0

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 30 +0

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 56,041 +516

Posts: 30 +0

Posts: 56,041 +516

Similar threads