Checkup.txt
Results of screen317's Security Check version 0.99.59
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 6 Update 17
Java SE Runtime Environment 6 Update 1
Java version out of Date!
Adobe Flash Player 10
Flash Player out of Date!
Adobe Reader 9
Adobe Reader out of Date!
Google Chrome 24.0.1312.57
Google Chrome 25.0.1364.97
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````
OTL logfile created on: 2/24/2013 1:33:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gayle Perry\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.42 Mb Total Physical Memory | 378.74 Mb Available Physical Memory | 37.34% Memory free
2.38 Gb Paging File | 1.87 Gb Available in Paging File | 78.63% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 59.25 Gb Free Space | 63.60% Space Free | Partition Type: NTFS
Drive D: | 1.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GAYLE | User Name: Gayle Perry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Gayle Perry\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (Netscape Communications Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
========== Services (SafeList) ==========
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (NCUpdateSvc) -- C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (Netscape Communications Corporation)
========== Driver Services (SafeList) ==========
DRV - (Winsock - Google Desktop Search Backup Before Last Install) -- File not found
DRV - (Winsock - Google Desktop Search Backup Before First Install) -- File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswMBR) -- C:\DOCUME~1\GAYLEP~1\LOCALS~1\Temp\aswMBR.sys File not found
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (V0230VID) -- C:\WINDOWS\system32\drivers\V0230VID.sys (Creative Technology Ltd.)
DRV - (V0230Vfx) -- C:\WINDOWS\system32\drivers\V0230Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.)
DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Company)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHidUsb.sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (cdrbsvsd) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys (B.H.A Corporation)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Company)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (Palm, Inc.)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...mp;sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" =
http://dts.search-re...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.99searchengines.com/?op [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.condui...&ctid=CT3239904
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {2421d847-721c-404f-87b4-bbd2b95d1087} - C:\Program Files\SocialSearchBar_App\prxtbSoc0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...amp;Form=IE8SRC
IE - HKCU\..\SearchScopes\{14D166C7-3F4D-4261-A3C1-7117FFEB4668}: "URL" =
http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{2D37E082-6FB8-4CC1-9B09-7B6570FA76C3}: "URL" =
http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{33F025C6-193B-4E50-A2A3-AAC77F3985FE}: "URL" =
http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...mp;sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" =
http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{97811D0C-8BEE-4B63-933C-A2A837E994E3}: "URL" =
http://www.dealio.co...d={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" =
http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" =
http://search.condui...;ctid=CT3239904
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://search.yahoo....amp;fr=chr-tyc8
IE - HKCU\..\SearchScopes\{F4FC0811-AB17-4759-9E77-BA12542D28F3}: "URL" =
http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{FE190563-3211-40AE-A99A-5B3386B655D0}: "URL" =
http://www.google.co...amp;rlz=1I7HPID
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/02 09:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/21 20:14:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@unfriendapp.com: C:\Program Files\UnfriendApp\Firefox\ [2013/01/23 20:35:35 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage:
http://search.imesh.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{g
oogle:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://search.imesh.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: UnfriendApp = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.65263_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O2 - BHO: (SocialSearchBar_App Toolbar) - {2421d847-721c-404f-87b4-bbd2b95d1087} - C:\Program Files\SocialSearchBar_App\prxtbSoc0.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (UnfriendApp) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files\UnfriendApp\IE\common.dll (UnfriendApp)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (BellSouth Toolbar) - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\Program Files\blstoolbar\blstoolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (SocialSearchBar_App Toolbar) - {2421d847-721c-404f-87b4-bbd2b95d1087} - C:\Program Files\SocialSearchBar_App\prxtbSoc0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (BellSouth Toolbar) - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\Program Files\blstoolbar\blstoolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SocialSearchBar_App Toolbar) - {2421D847-721C-404F-87B4-BBD2B95D1087} - C:\Program Files\SocialSearchBar_App\prxtbSoc0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BellSouth Toolbar) - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\Program Files\blstoolbar\blstoolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe (Creative Technology Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A}
http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A998300-9DC8-42E4-8824-68041F057F79}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{862FA24B-CAFC-44E9-806B-FDF4317F6B0F}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = QW] -- "C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\ffd.exe" -a "%1" %* ()
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/02/24 12:57:13 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Gayle Perry\Desktop\aswMBR.exe
[2013/02/24 12:47:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gayle Perry\Desktop\OTL.exe
[2013/02/23 21:24:55 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Gayle Perry\Desktop\HiJackThis.exe
[2013/02/23 21:00:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gayle Perry\Recent
[2013/02/07 18:57:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gayle Perry\My Documents\RealPlayer Downloads
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/24 13:34:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2013/02/24 13:28:26 | 000,000,490 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\Desktop\MBR.zip
[2013/02/24 13:26:44 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\Desktop\MBR.dat
[2013/02/24 13:23:03 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/02/24 12:57:13 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Gayle Perry\Desktop\aswMBR.exe
[2013/02/24 12:47:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gayle Perry\Desktop\OTL.exe
[2013/02/24 12:39:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/24 12:38:40 | 000,881,935 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\Desktop\SecurityCheck.exe
[2013/02/24 12:27:55 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/24 12:27:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/24 12:27:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/24 12:27:22 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/24 12:27:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/24 12:27:12 | 1063,768,064 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/24 09:35:19 | 000,015,346 | -HS- | M] () -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\6o4v7yr6ikfw18072u
[2013/02/24 09:35:19 | 000,015,346 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\6o4v7yr6ikfw18072u
[2013/02/23 21:57:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/02/23 21:25:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Gayle Perry\Desktop\HiJackThis.exe
[2013/02/23 21:09:08 | 000,232,902 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\My Documents\cc_20130223_210855.reg
[2013/02/23 20:52:46 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/23 20:15:39 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/02/22 20:22:21 | 000,242,688 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\ffd.exe
[2013/02/21 20:06:43 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/07 18:56:51 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/05 21:14:27 | 000,000,044 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2013/02/02 23:26:56 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\Gayle Perry\My Documents\spider.sav
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/24 13:28:26 | 000,000,490 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Desktop\MBR.zip
[2013/02/24 13:26:44 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Desktop\MBR.dat
[2013/02/24 12:38:39 | 000,881,935 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Desktop\SecurityCheck.exe
[2013/02/23 21:09:01 | 000,232,902 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\My Documents\cc_20130223_210855.reg
[2013/02/23 20:06:58 | 1063,768,064 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/22 20:22:26 | 000,015,346 | -HS- | C] () -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\6o4v7yr6ikfw18072u
[2013/02/22 20:22:26 | 000,015,346 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6o4v7yr6ikfw18072u
[2013/02/22 20:22:21 | 000,242,688 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\ffd.exe
[2013/02/07 19:03:18 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/07 18:57:10 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/07 18:57:09 | 000,000,320 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2013/02/07 18:56:50 | 000,000,338 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-43951139-821738831-4022988679-1005.job
[2007/08/05 17:40:53 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/03 20:04:35 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/29 14:13:37 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Application Data\ViewerApp.dat
[2005/07/25 03:32:49 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\Application Data\wklnhst.dat
[2005/07/25 03:21:46 | 000,002,510 | ---- | C] () -- C:\Documents and Settings\Gayle Perry\secedit.INTEG.RAW
========== ZeroAccess Check ==========
[2004/08/07 08:09:18 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/10/23 10:34:22 | 001,497,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 05:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 03:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/09/28 19:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\171C5
[2011/07/22 21:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2007/02/24 19:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2011/07/22 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh
[2008/10/02 16:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2005/04/18 14:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2005/12/07 19:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Netscape Internet Service
[2013/01/09 20:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/15 17:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/07/22 21:14:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0ACE0403-C75D-488C-A403-7A57E9848B62}
[2010/04/20 06:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/11 17:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/09 17:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/07/22 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\imeshbandmltbpi
[2005/08/11 16:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\InterVideo
[2008/11/28 13:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\iWin
[2005/08/14 13:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\Leadertech
[2012/02/21 20:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\mediabarim
[2012/09/18 20:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\OpenOffice.org
[2009/08/14 08:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\SpinTop
[2005/07/25 03:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gayle Perry\Application Data\Template
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2005/11/13 15:06:53 | 000,260,608 | ---- | M] () -- C:\bejewel_patch.exe
[2005/08/21 08:45:56 | 001,008,608 | ---- | M] (Microsoft Corp.) -- C:\Pandora10a.exe
< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 03:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\services.exe
[2009/02/06 05:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004/08/04 03:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2004/08/04 03:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2004/08/04 03:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004/08/04 03:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
< %systemroot%\*. /rp /s >
< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: TOSHIBA MK1031GAS
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 93.00GB
Starting Offset: 32256
Hidden sectors: 0
========== Alternate Data Streams ==========
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B97C9F84
@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B00D439
@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3597A698
@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACFF27B
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7715B65F
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BDCFAD6
< End of report >
OTL Extras logfile created on: 2/24/2013 1:33:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Gayle Perry\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.42 Mb Total Physical Memory | 378.74 Mb Available Physical Memory | 37.34% Memory free
2.38 Gb Paging File | 1.87 Gb Available in Paging File | 78.63% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.15 Gb Total Space | 59.25 Gb Free Space | 63.60% Space Free | Partition Type: NTFS
Drive D: | 1.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GAYLE | User Name: Gayle Perry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = QW] -- C:\Documents and Settings\Gayle Perry\Local Settings\Application Data\ffd.exe ()
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:Earthlink
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Program Files\att-nap\McciBrowser.exe" = C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc)
"C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{06ECCCF4-9295-468E-851C-9529A7C181E8}" = HP User Guides 0001
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0EE11800-A1BD-11D3-BFEB-005004AF2D32}" = Risk II
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5D3543CC-82B3-447E-B7D5-430C41946A54}" = Hoyle Puzzle Games 2003
"{5F5FA055-84C1-459B-B0B6-D48D210AE50A}" = Hoyle Casino 2003
"{618F637A-5D4D-48F4-9679-D02F45BD4315}" = LS_HSI
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = TIxx21
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B2
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{EE35B247-F872-4FFD-BCD1-1970C7E86C84}" = GPS Image Tracker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FFC3B772-C00A-42da-90A6-A87F4AFD73D9}" = Netscape Internet Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Advanced Video FX Engine" = Advanced Video FX Engine
"Alchemy and Bejeweled Pack" = Alchemy and Bejeweled Pack
"Bejeweled 2" = Bejeweled 2
"blstoolbar" = BellSouth Toolbar 2.0
"BroadJump Client Foundation" = BroadJump Client Foundation
"Canon iP90 Setup Utility" = Canon iP90 Setup Utility
"CANONBJ_Deinstall_CNMCP71.DLL" = Canon iP90
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3080103C" = Soft Data Fax Modem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam Video IM Pro User's Guide English" = Creative Live! Cam Video IM Pro User's Guide (English)
"Creative Photo Calendar" = Creative Photo Calendar
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0230" = Creative Live! Cam Video IM Pro Driver (1.00.07.0725)
"Defraggler" = Defraggler
"Dynasty" = Dynasty (remove only)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Free Pandora" = Free Pandora 1.0
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Hoyle Board Games 3" = Hoyle Board Games 3
"Hoyle Card Games 4" = Hoyle Card Games 4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"iMesh" = iMesh
"iMesh 1 MediaBar" = MediaBar
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{5D3543CC-82B3-447E-B7D5-430C41946A54}" = Hoyle Puzzle Games 2003
"InstallShield_{5F5FA055-84C1-459B-B0B6-D48D210AE50A}" = Hoyle Casino 2003
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{8E50332B-772C-4AEA-BF56-94DE6A1D5F10}" = Texas Instruments PCIxx21/x515 drivers.
"Jewel Quest" = Jewel Quest
"Jewel Quest® II" = Jewel Quest® II
"Jewel Quest® III" = Jewel Quest® III
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Luxor" = Luxor
"Luxor - Amun Rising" = Luxor - Amun Rising (remove only)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pandora's Box 1.0" = Microsoft Pandora's Box
"Puzzle Inlay" = Puzzle Inlay
"RealPlayer 16.0" = RealPlayer
"SCRABBLE" = SCRABBLE
"SightSpeed" = SightSpeed (remove only)
"SocialSearchBar_App Toolbar" = SocialSearchBar_App Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"The Weather Channel App" = The Weather Channel App
"UnfriendApp" = UnfriendApp
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"XLS Converter_is1" = XLS Converter 1.5.9
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/20/2013 10:58:08 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/20/2013 10:58:09 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16594
Error - 2/20/2013 10:58:09 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16594
Error - 2/21/2013 9:15:06 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/21/2013 9:15:06 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16047
Error - 2/21/2013 9:15:06 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16047
Error - 2/22/2013 9:16:18 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/22/2013 9:16:18 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 86488359
Error - 2/22/2013 9:16:18 PM | Computer Name = GAYLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 86488359
Error - 2/23/2013 9:47:37 PM | Computer Name = GAYLE | Source = Application Error | ID = 1000
Description = Faulting application reimagerepair.exe, version 1.2.6.1, faulting
module unknown, version 0.0.0.0, fault address 0x010233e7.
[ System Events ]
Error - 2/23/2013 9:09:33 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7000
Description = The Automatic LiveUpdate Scheduler service failed to start due to
the following error: %%1053
Error - 2/23/2013 9:14:04 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 2/23/2013 9:52:41 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the WebClient service to
connect.
Error - 2/23/2013 9:52:42 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7000
Description = The WebClient service failed to start due to the following error:
%%1053
Error - 2/23/2013 9:57:29 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 2/24/2013 12:56:18 AM | Computer Name = GAYLE | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.5 on
the Network Card with network address 0012F06D9E1C.
Error - 2/24/2013 10:46:37 AM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 2/24/2013 11:43:26 AM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
Error - 2/24/2013 12:38:12 PM | Computer Name = GAYLE | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.5 on
the Network Card with network address 0012F06D9E1C.
Error - 2/24/2013 1:32:47 PM | Computer Name = GAYLE | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460
< End of report >
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-24 13:02:14
-----------------------------
13:02:14.343 OS Version: Windows 5.1.2600 Service Pack 2
13:02:14.343 Number of processors: 1 586 0xD08
13:02:14.343 ComputerName: GAYLE UserName:
13:02:14.828 Initialize success
13:08:38.046 AVAST engine defs: 13022400
13:10:14.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
13:10:14.796 Disk 0 Vendor: TOSHIBA_MK1031GAS AA204C Size: 95396MB BusType: 3
13:10:14.828 Disk 0 MBR read successfully
13:10:14.843 Disk 0 MBR scan
13:10:14.953 Disk 0 unknown MBR code
13:10:14.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 95385 MB offset 63
13:10:14.968 Disk 0 scanning sectors +195350400
13:10:15.078 Disk 0 scanning C:\WINDOWS\system32\drivers
13:10:31.843 Service scanning
13:11:07.468 Modules scanning
13:12:05.578 Disk 0 trace - called modules:
13:12:05.656 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:12:05.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f44ab8]
13:12:06.218 3 CLASSPNP.SYS[f761d05b] -> nt!IofCallDriver -> \Device\00000079[0x86f57778]
13:12:06.234 5 ACPI.sys[f7493620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86fa7d98]
13:12:07.578 AVAST engine scan C:\WINDOWS
13:12:15.062 AVAST engine scan C:\WINDOWS\system32
13:14:57.359 AVAST engine scan C:\WINDOWS\system32\drivers
13:15:18.375 AVAST engine scan C:\Documents and Settings\Gayle Perry
13:23:51.234 AVAST engine scan C:\Documents and Settings\All Users
13:26:06.281 Scan finished successfully
13:26:44.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gayle Perry\Desktop\MBR.dat"
13:26:44.656 The log file has been saved successfully to "C:\Documents and Settings\Gayle Perry\Desktop\aswMBR.txt"