handbaggirl

Let me know if the other router works, i havent found a spare one to try, have had ok connection, going to change isp soon, but disabling the wireless connection on the hub settings (type in "bthomehub.home " in your browser to access her hub, you will need her password, the one that came with the hub unless she has already changed it.) seemed to make a bit of a difference, ie ..helped a bit in that my computer did actuall "see" my hub

Yes i have filters on all my connections, i started up this morning and was connected ok, think i will move to o2, at least they have uk based help lines and only i year contracts, cheers for your help :cool:

thanks, i will see if anyone has a spare, i couldnt believe it either when they told my it was working ok, so insistent on me paying for an engineer, not long till my term with them is up..fingers crossed it will be working tomorrow when i start up

spoke with bt help centre for ages re this hub and they insisted it was working properly, all they wanted to do was charge me for an engineer to come out, im nearing the end of my sign up term so im considering ditching them and going elsewhere. i am hoping the new driver will help...thanks

i am happy to use the cable, but im still getting the connection problems mentioned above, have had the cable in since day 2 , to be honest i didnt think you could get many problems if you used the cable, windows also updated the driver for the network adapter today, so im hoping this will help, when i looked at the hub manager, its said i was connected to the internet..true..but it said i had no ethernet connected to the hub..not true?

sorry, forgot to say, i saw in another help forum someone said ito disable the wireless connection,imy wireless connection wasnt in use but i have now disabled it, if that is of any help

back agian...this morning, no connection, reset the hub while using the local area connection diagnosis help, again it was detecting no valid ip configuration, have now this to show you Microsoft Windows [Version 6.1.7601] Copyright © 2009 Microsoft Corporation. All rights reserved. C:\Users\Diane>ipconfig /release Windows IP Configuration No operation can be performed on Wireless Network Connection 2 while it has its media disconnected. No operation can be performed on Wireless Network Connection while it has its me dia disconnected. Wireless LAN adapter Wireless Network Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : home Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::f422:2e85:7d69:47db%13 Default Gateway . . . . . . . . . : Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 12: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:c612:102:2000:1ef8:3f57:febf Link-local IPv6 Address . . . . . : fe80::2000:1ef8:3f57:febf%12 Default Gateway . . . . . . . . . : :: Tunnel adapter isatap.{59258B41-FBD9-45B2-9A97-F8FC4CD617B9}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.home: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : C:\Users\Diane>ipconfig /renew Windows IP Configuration No operation can be performed on Wireless Network Connection 2 while it has its media disconnected. No operation can be performed on Wireless Network Connection while it has its me dia disconnected. Wireless LAN adapter Wireless Network Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : home Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : home Link-local IPv6 Address . . . . . : fe80::f422:2e85:7d69:47db%13 IPv4 Address. . . . . . . . . . . : 192.168.1.64 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 12: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:73b8:2833:1b83:3f57:febf Link-local IPv6 Address . . . . . : fe80::2833:1b83:3f57:febf%12 Default Gateway . . . . . . . . . : :: Tunnel adapter isatap.{59258B41-FBD9-45B2-9A97-F8FC4CD617B9}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.home: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : C:\Users\Diane> after resetting hub and using the network panel to try and resolve it i finally got online, this seems a bit like an intermittent fault i had when using xp, some days i had no connection and if i disabled then re-enabled the connection all was ok, sorry to have to ask for help again

havent tried to connect wirelessly again as i was just pleased to have any connection, i will see how it goes, thanks

my old computer is disconnected, i only had problems on the old one with the hub dropping the connecting for hours at a time,BT was no help in trying to resolve it, my new computer has stayed connected since start up this morning, with no drop in connection Microsoft Windows [Version 6.1.7601] Copyright © 2009 Microsoft Corporation. All rights reserved. C:\Users\Diane>ipconfig /realease Error: unrecognized or incomplete command line. USAGE: ipconfig [/allcompartments] [/? | /all | /renew [adapter] | /release [adapter] | /renew6 [adapter] | /release6 [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter | /setclassid adapter [classid] | /showclassid6 adapter | /setclassid6 adapter [classid] ] where adapter Connection name (wildcard characters * and ? allowed, see examples) Options: /? Display this help message /all Display full configuration information. /release Release the IPv4 address for the specified adapter. /release6 Release the IPv6 address for the specified adapter. /renew Renew the IPv4 address for the specified adapter. /renew6 Renew the IPv6 address for the specified adapter. /flushdns Purges the DNS Resolver cache. /registerdns Refreshes all DHCP leases and re-registers DNS names /displaydns Display the contents of the DNS Resolver Cache. /showclassid Displays all the dhcp class IDs allowed for adapter. /setclassid Modifies the dhcp class id. /showclassid6 Displays all the IPv6 DHCP class IDs allowed for adapter . /setclassid6 Modifies the IPv6 DHCP class id. The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP. For Release and Renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed. For Setclassid and Setclassid6, if no ClassId is specified, then the ClassId is removed. Examples: > ipconfig ... Show information > ipconfig /all ... Show detailed information > ipconfig /renew ... renew all adapters > ipconfig /renew EL* ... renew any connection that has its name starting with EL > ipconfig /release *Con* ... release all matching connections, eg. "Local Area Connection 1" or "Local Area Connection 2" > ipconfig /allcompartments ... Show information about all compartments > ipconfig /allcompartments /all ... Show detailed information about all compartments C:\Users\Diane>ipconfig /renew Windows IP Configuration No operation can be performed on Wireless Network Connection 2 while it has its media disconnected. Wireless LAN adapter Wireless Network Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : home Link-local IPv6 Address . . . . . : fe80::b911:7762:fb1b:41c1%14 IPv4 Address. . . . . . . . . . . : 192.168.1.65 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : home Link-local IPv6 Address . . . . . : fe80::f422:2e85:7d69:47db%13 IPv4 Address. . . . . . . . . . . : 192.168.1.64 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 12: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:308d:2c49:3f57:febf Link-local IPv6 Address . . . . . : fe80::308d:2c49:3f57:febf%12 Default Gateway . . . . . . . . . : :: Tunnel adapter isatap.{59258B41-FBD9-45B2-9A97-F8FC4CD617B9}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.home: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : home C:\Users\Diane> hope this give you the info you need

did as saked, 4 pkts sent 4 pkts received, no losses..so maybe its all systems go???

Hi, started up this morning and was connected..wired..right away, used this router on the old pc and it was ok, no exclaimation marks, will do what you asked but im hoping its sorted itsself out, thanks

Further to my earlier post, i turned off the pc, on restarting i had no internet connection, despite being wired in..after trying to troubleshoot it i got a message saying local area connection doesnt have a valid ip configuration and default gateway unavailable, i then clicked on to the "view your active networks "clicked where it showed my hub then clicked to change it on the screen showing, home, work, public, picked public network, i then got a connection, but earlier it was already on the public network choice..this is driving me mad !

the connection was ok wired earlier today, but when i came home windows said it couldnt detect any connection even though i had the cable plugged in!, ran the bt cd to enable wired connection, i see lots of neighbours connections, but not mine, but yesterday it showed mine and could connect after i changed the channel, today it didnt show mine , then after 4 refresh and a hub reset it showed mine but wouldnt connect to it, device manager says all is working ok

Hi, got a new windows 7 HP used to had xp, my home hub was playing up, no connection, was using wired connection to old computer, BT kept trying to get me to pay for an engineer, saying it was probably a problem here, since i said no to one coming out, connection hasnt dropped once, on this new one, on day one i set up wireless all went ok, next day no connection, eventually put in wired connection, changed channel in hub, all ok, this morning, no connection, have had to use wired connection, my hub isnt showing on list of available connections, tried all the troubleshooting but nothing helps..any ideas?

thanks:D

Hi, got a brand new pc..windows 7 now instead of xp...seems that after installing zone alarm i lost my wireless connection, and got an error message at start up saying windows hadnt closed properly, then pc shut down twice! had to go to a wired connection, then i stumbled across something saying that the firewall may be stopping access to the internet, in zone alarm interface i couldnt find how to see what programes etc was allowed and what wasnt, this version i downloaded looked nothing like the one i had previously, so i shut off zone alarm to try again...that didnt work but changed the channel on my bt hub2, and got wireless, i have now uninstalled zone alarm but am concerned that windows 7s own firewall just isnt good enough, i do have the BThub firewall enabled..am i ok or do i need to look at another firewall? I am also running avast free, have malware anti-malwarebytes installed too..thanks in advance

evening..further to my problem being sorted out, im reporting that all seems to be going fine now, have been using it without a glitch and hope that this means we are good to go! Thanks soooo much for your time and effort ,i really appreciate it, and know that it is a lot of work for you in your own time ,trying to rid us mere mortals of our computer woes

Cheers for the help, everything seems to be fine, got new wallpaper and i have also been on my husbands side and theres no problems or things gone weird with his docs, previously when we had malware, some of his stuff got rearranged, hope that all is well now, was a bit concerned that avast didnt detect there 2 threats, but i guess thats just one of those things..would you recommend be running that online scanner from time to time ? i run my superanti spyware mannually, even though it did start up on boot it didnt run, its the free version..thanks again i will get back to you in a few days and let you know how things are, i much appreciate your time and effort :cool:

yes, im having some help with avast going awall, im not doing anything that will cause any upsets till i can see if i can find and fix what i have :)

HI, thanks for getting back to me i am posting my findings C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined C:\Program Files\ZoneAlarmSB\bar\1.bin\Z4PLUGIN.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ deleted successfully. C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully. C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{91da5e8a-3318-4f8c-b67e-5964de3ab546} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ not found. File C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully. File C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}\ not found. File C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found. File C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. ========== REGISTRY ========== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\"E0756EFBE3605F45893D325421255D7CCD786625._service_ run"|_ /E : value set successfully! ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Documents and Settings\Diane\Desktop\cmd.bat deleted successfully. C:\Documents and Settings\Diane\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes ->Java cache emptied: 0 bytes User: Diane ->Temp folder emptied: 2409541418 bytes ->Temporary Internet Files folder emptied: 33435284 bytes ->Java cache emptied: 34712254 bytes ->FireFox cache emptied: 90112914 bytes ->Google Chrome cache emptied: 112106996 bytes ->Opera cache emptied: 11025657 bytes ->Flash cache emptied: 10857 bytes User: LocalService ->Temp folder emptied: 2050044 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 4283388 bytes ->Temporary Internet Files folder emptied: 132283300 bytes User: Stewart ->Temp folder emptied: 549333088 bytes ->Temporary Internet Files folder emptied: 33002693 bytes ->Java cache emptied: 97685773 bytes ->FireFox cache emptied: 58535845 bytes ->Opera cache emptied: 25926594 bytes ->Flash cache emptied: 29119 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 129864 bytes %systemroot%\System32 .tmp files removed: 3774993 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 76203316 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 186101146 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 4294869601 bytes Total Files Cleaned = 7,777.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.33.2 log created on 02232012_083933 Files\Folders moved on Reboot... C:\Documents and Settings\Diane\Local Settings\Temp\~DF5D03.tmp moved successfully. File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found! C:\WINDOWS\temp\Perflib_Perfdata_bdc.dat moved successfully. File\Folder C:\WINDOWS\temp\ZLT07132.TMP not found! Registry entries deleted on Reboot... 2 threats were removed that avast didnt find, also on starting up this morning my wallpaper has now vanished! do you think that this has now solved my problem,? many thanks for your help so far

I seem to have had this happen to me, a couple of weeks back i was having a nightmare with any browers, hanging, not responding etc, the i got avast telling me i had virus in adobe and mcafee site advisor, i removed them both but when i downloaded the newest mcafee i got avast telling me it was infected, im now without it as im scared to download it, i though maybe the first site was a fake site so i tried another and again avast said it was infected...so is this a false positive and should i go and get mcafee again? having said this since i removed it no more browser problems

thanks so much :D

Finally managed to paste these logs, hope you understand them and there is a solution to my little problem

here is the second log from OTL OTL Extras logfile created on: 22/02/2012 09:26:50 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Diane\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 501.77 Mb Total Physical Memory | 122.31 Mb Available Physical Memory | 24.38% Memory free 1.24 Gb Paging File | 0.22 Gb Available in Paging File | 17.57% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 145.72 Gb Total Space | 96.65 Gb Free Space | 66.32% Space Free | Partition Type: NTFS Drive D: | 3.32 Gb Total Space | 1.43 Gb Free Space | 43.12% Space Free | Partition Type: FAT32 Computer Name: DIANESCOMPUTER | User Name: Diane | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon "C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0038B7BB-C6E6-59D4-8F6F-2B2E707F89F6}" = MozyHome "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor "{1D643CD2-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security "{30482AC3-4FC6-4E35-95F2-0BB415960631}" = Bing Bar "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36C9E08A-BE2B-40A0-83C5-576748F7B777}" = TestDrive Client "{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2 "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{549622DF-3674-459C-81F3-38124A45FA0E}" = MusicBridge "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1 "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{8C64E149-54BA-11D6-91B1-00500462BE80}" = Microsoft Money System Pack "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHERR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PUBLISHERR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PUBLISHERR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PUBLISHERR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHERR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PUBLISHERR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007 "{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{9600B88C-BE14-4BEA-A529-F5F312900BA3}" = Samsung PC Studio 3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1 "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2A0F8F4-CE50-4857-A21C-3061682B2E87}" = Sansa Media Converter "{DA898F5C-4C85-4CF4-825B-E05D07DC39DD}" = BT Broadband Support Tools "{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "{FF262740-C85A-11D5-BBEC-00D0B740900A}" = Multimedia Keyboard Driver "0BCA6D24013166B380927D270B90FF6D447A4AAA" = Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) "6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) "65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9 "America Online uk" = AOL UK (Choose which version to remove) "American Greetings® Art & More Store" = American Greetings® Art & More Store "AOL Connectivity Services" = AOL Connectivity Services "AOL YGP Screensaver" = AOL You've Got Pictures Screensaver "AOLCoach uk" = AOL Coach Version 1.0(Build:20040201.2 uk) "avast" = avast! Free Antivirus "BT Broadband Desktop Help" = BT Broadband Desktop Help "BTHomeHub" = BTHomeHub "Create your own Event Reminder_is1" = Create your own Event Reminder "EPSON Printer and Utilities" = EPSON Printer Software "EPSON Scanner" = EPSON Scan "EPSON SX218 Series" = EPSON SX218 Series Printer Uninstall "EPSON SX218 Series Manual" = EPSON SX218 Series Manual "FinePix Genie_is1" = FUJIFILM MyFinePix Studio 1.0 "GoToAssist" = GoToAssist Corporate "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "ImgBurn" = ImgBurn "InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader "LastFM_is1" = Last.fm 1.5.4.24567 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSPUB4" = Microsoft Publisher 97 "Nero - Burning Rom!UninstallKey" = Nero OEM "Nero BurnRights!UninstallKey" = Nero BurnRights "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Opera 11.61.1250" = Opera 11.61 "Picasa 3" = Picasa 3 "PrintMaster 7.00" = PrintMaster 7.00 "PROSet" = Intel® PRO Network Adapters and Drivers "PUBLISHERR" = Microsoft Office Publisher 2007 Trial "RealPlayer 6.0" = RealPlayer Basic "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Serif DrawPlus 3.0" = Serif DrawPlus 3.0 "SLAMRNTV" = Smart Link 56K Voice Modem "Spotify" = Spotify "StreetPlugin" = Learn2 Player (Uninstall Only) "ViewpointMediaPlayer" = Viewpoint Media Player "WebPost" = Microsoft Web Publishing Wizard 1.52 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Word8.0" = Microsoft Word 97 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "YTdetect" = Yahoo! Detect "ZoneAlarm Free" = ZoneAlarm Free "ZoneAlarm Toolbar" = ZoneAlarm Toolbar "ZoneAlarm_Security Toolbar" = ZoneAlarm Security Toolbar "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22/01/2012 09:36:33 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 22/01/2012 09:40:20 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.4363, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 29/01/2012 01:53:12 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application OSASOI.EXE, version 1.0.3.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 29/01/2012 02:15:21 | Computer Name = DIANESCOMPUTER | Source = MPSampleSubmission | ID = 5000 Description = Error - 29/01/2012 07:31:13 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 29/01/2012 07:33:40 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 29/01/2012 07:41:26 | Computer Name = DIANESCOMPUTER | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module msxml3.dll, version 8.100.1052.0, fault address 0x000a1425. Error - 30/01/2012 13:35:45 | Computer Name = DIANESCOMPUTER | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 01/02/2012 14:55:01 | Computer Name = DIANESCOMPUTER | Source = Application Error | ID = 1000 Description = Faulting application firefox.exe, version 9.0.1.4371, faulting module msvcr80.dll, version 8.0.50727.6195, fault address 0x00048b76. Error - 09/02/2012 13:16:13 | Computer Name = DIANESCOMPUTER | Source = Application Error | ID = 1000 Description = Faulting application opera.exe, version 11.61.1250.0, faulting module , version 11.61.1250.0, fault address 0x0091c867. [ System Events ] Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 09/02/2012 08:34:41 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 14/02/2012 13:44:05 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7011 Description = Timeout (30000 milliseconds) waiting for a transaction response from the wscsvc service. Error - 21/02/2012 10:18:49 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: aswSnx Error - 21/02/2012 13:19:51 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: aswSnx Error - 22/02/2012 03:48:54 | Computer Name = DIANESCOMPUTER | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: aswSnx < End of report >

here is the first log from otl OTL logfile created on: 22/02/2012 09:26:50 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Diane\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 501.77 Mb Total Physical Memory | 122.31 Mb Available Physical Memory | 24.38% Memory free 1.24 Gb Paging File | 0.22 Gb Available in Paging File | 17.57% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 145.72 Gb Total Space | 96.65 Gb Free Space | 66.32% Space Free | Partition Type: NTFS Drive D: | 3.32 Gb Total Space | 1.43 Gb Free Space | 43.12% Space Free | Partition Type: FAT32 Computer Name: DIANESCOMPUTER | User Name: Diane | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Diane\Desktop\OTL.scr (OldTimer Tools) PRC - C:\Program Files\Opera\opera.exe (Opera Software) PRC - C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) PRC - C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.) PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent) PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIGDE.EXE (SEIKO EPSON CORPORATION) PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY) PRC - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.) PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) PRC - C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.) PRC - C:\WINDOWS\zHotkey.exe () PRC - C:\WINDOWS\system32\slserv.exe ( ) PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) PRC - C:\Program Files\Microsoft Office\Office\OSA.EXE () ========== Modules (No Company Name) ========== MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll () MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll () MOD - C:\Program Files\Alwil Software\Avast5\defs\12022101\algo.dll () MOD - C:\Program Files\Alwil Software\Avast5\defs\12022100\algo.dll () MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL () MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\WINDOWS\zHotkey.exe () MOD - C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll () MOD - C:\WINDOWS\HKNTDLL.dll () MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL () MOD - C:\Program Files\Microsoft Office\Office\OSA.EXE () ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies) SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY) SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( ) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.) ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- File not found DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (optovcm) -- C:\WINDOWS\system32\drivers\optovcm.sys (OPTO ELECTRONICS CO.,LTD.) DRV - (optousb) -- C:\WINDOWS\system32\drivers\optousb.sys (OPTO ELECTRONICS CO.,LTD.) DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation) DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys () DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) DRV - (SunkFilt) -- C:\WINDOWS\system32\drivers\Sunkfilt.sys (Alcor Micro Corp.) DRV - (SunkFilt39) -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys (Alcor Micro Corp.) DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( ) DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( ) DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( ) DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys ( ) DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider) DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( ) DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( ) DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys ( ) DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON) DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON) DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) DRV - (DC21x4) -- C:\WINDOWS\system32\drivers\dc21x4.sys (Intel Corporation.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE8HP&PC=B8DF IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Secure Search" FF - prefs.js..browser.search.selectedEngine: "Secure Search" FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/firefox?client=firefox-a&rls=org.mozilla:en-GB:official" FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63 FF - prefs.js..extensions.enabledItems: {91da5e8a-3318-4f8c-b67e-5964de3ab546}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.260.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/12/16 08:09:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/02/08 15:24:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/03 15:47:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/09 12:52:34 | 000,000,000 | ---D | M] [2009/01/03 18:39:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Extensions [2012/01/31 14:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions [2011/12/19 08:05:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/01/31 14:35:03 | 000,000,000 | ---D | M] (ZoneAlarm Security Community Toolbar) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546} [2010/06/24 07:41:45 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011/04/04 12:51:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\engine@conduit.com [2011/12/16 08:45:51 | 000,000,000 | ---D | M] (Facebook Toolbar) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\firefox@facebook.com [2011/04/13 14:32:30 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\x1lx8ebb.default\extensions\personas@christopher.beard [2012/01/31 08:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/12/16 08:09:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2011/12/20 14:18:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012/02/03 15:47:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2009/08/27 19:25:26 | 000,308,096 | ---- | M] (British Telecommunications Plc) -- C:\Program Files\mozilla firefox\plugins\npBTEmailConfig.dll [2011/12/20 14:18:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012/01/30 13:23:45 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/02/03 16:43:25 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2012/01/30 13:23:45 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language} CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll CHR - plugin: BT Broadband Support Tools (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBTEmailConfig.dll CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: Google Search = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Email this page (by Google) = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai\1.2.5_0\ CHR - Extension: SiteAdvisor for Chrome = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dckheglehcdhpjkdmmmghbgkcdebhhae\1.0.2_0\ CHR - Extension: SiteAdvisor = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\ CHR - Extension: History Button = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh\1.0\ CHR - Extension: Tab Saver = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmabnicpoccpllcbcioincnllkilhiah\0.8.2_0\ CHR - Extension: avast! WebRep = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\ CHR - Extension: Print = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd\2.0.1.8_0\ CHR - Extension: Print Plus = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jddhalnkfenmfffadkkghmamhikplbap\0.3_0\ CHR - Extension: Facebook Styler = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oibchndgminbbeopaejobnnajfjgkcnk\4.1.2_0\ CHR - Extension: Blog This! = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pengoopmcjnbflcjbmoeodbmoflcgjlk\0.0.8_0\ CHR - Extension: Gmail = C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ O1 HOSTS File: ([2004/08/04 19:00:00 | 000,000,709 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll (Conduit Ltd.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Toolbar) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - C:\Program Files\ZoneAlarm_Security\prxtbZon2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent) O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider) O4 - HKLM..\Run: [iSW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [E0756EFBE3605F45893D325421255D7CCD786625._service_run] C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [EPSON SX218 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE () O4 - Startup: C:\Documents and Settings\Diane\Start Menu\Programs\Startup\Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE () O4 - Startup: C:\Documents and Settings\Diane\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: internet ([]about in Internet) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.co.uk/s/v/44.11/uploader2.cab (UploadListView Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {EBB176D2-AF75-4706-832F-4C8448F72757} http://www.shopandscan.com/TNSClickrc.CAB (TNSClickerc.Clicker) O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} https://www.plaxo.com/activex/plx_upldr-2k-xp.cab (Plaxo Auto-Import Utility) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D404B6A-AB75-46EB-8DA0-6F6EDF5A0E02}: DhcpNameServer = 192.168.1.254 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Diane\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Diane\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/09/06 16:55:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2003/08/09 00:24:26 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/02/22 09:24:41 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Diane\Desktop\OTL.scr [2012/02/21 14:09:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus [2012/02/21 14:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/01/26 14:36:01 | 010,625,632 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Diane\Desktop\Opera_1161_int_Setup.exe [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/02/22 09:31:19 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DA921302-8CC3-4A38-A5A2-C7E64541B459}.job [2012/02/22 09:24:41 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Diane\Desktop\OTL.scr [2012/02/22 09:17:03 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3451306906-1080147370-583220059-1007UA.job [2012/02/22 08:16:08 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3451306906-1080147370-583220059-1007Core.job [2012/02/22 07:50:42 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2012/02/22 07:47:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/02/21 14:10:01 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk [2012/02/21 14:09:55 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012/02/21 13:47:33 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\Diane\Desktop\setup_av_free_cnet.exe [2012/02/21 13:26:08 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/02/20 16:28:09 | 000,005,034 | ---- | M] () -- C:\WINDOWS\mozy.blk [2012/02/20 16:28:08 | 000,003,464 | ---- | M] () -- C:\WINDOWS\mozy.flt [2012/02/17 07:48:40 | 000,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/02/16 19:14:37 | 000,441,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/02/16 19:14:37 | 000,071,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/02/16 19:05:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/02/16 08:21:10 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Diane\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/02/16 08:21:09 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Diane\Desktop\Google Chrome.lnk [2012/02/09 16:04:33 | 000,056,961 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\paris2.jpg [2012/02/09 16:02:52 | 000,225,354 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\paris1.jpg [2012/02/09 13:43:51 | 005,403,172 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\honorecowl.pdf [2012/02/09 13:23:31 | 000,000,553 | -H-- | M] () -- C:\Documents and Settings\Diane\My Documents\Picasa.ini [2012/02/09 13:18:47 | 000,014,947 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\map2.jpeg [2012/02/09 12:52:37 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk [2012/02/09 12:51:55 | 002,972,615 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\map.jpg [2012/02/07 15:29:47 | 000,628,376 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\french.jpg [2012/02/03 14:26:15 | 002,519,308 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\sweetmuffinsuite_valentine_freedownload_postcard_final.pdf [2012/01/31 08:21:57 | 000,415,916 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2012/01/29 10:06:42 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/01/29 05:39:00 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/01/29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2012/01/26 14:38:23 | 010,625,632 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Diane\Desktop\Opera_1161_int_Setup.exe [2012/01/25 22:56:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/01/23 16:29:02 | 000,091,393 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\36169603226819901_WfhE5c9z_c.jpg [2012/01/23 16:25:08 | 000,052,657 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667-2.jpg [2012/01/23 16:25:08 | 000,052,657 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667-1.jpg [2012/01/23 16:25:08 | 000,052,657 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667.jpg [2012/01/23 11:38:04 | 000,460,730 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\DictionaryOld.jpg [2012/01/23 11:37:04 | 000,345,824 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\OldDesignShop_DictionaryWordsTreasure.jpg [2012/01/23 11:35:17 | 000,073,421 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\6a00e54f0a19ff883401157234df1f970b-500wi.jpg [2012/01/23 11:32:22 | 000,273,439 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\dic1.jpg [2012/01/23 11:29:57 | 000,460,730 | ---- | M] () -- C:\Documents and Settings\Diane\My Documents\blockhouses-byblow-q85-1019x868.jpg [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/02/21 14:10:01 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk [2012/02/21 13:42:37 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\Diane\Desktop\setup_av_free_cnet.exe [2012/02/16 07:51:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/16 07:51:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012/02/09 16:04:33 | 000,056,961 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\paris2.jpg [2012/02/09 16:02:51 | 000,225,354 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\paris1.jpg [2012/02/09 13:43:20 | 005,403,172 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\honorecowl.pdf [2012/02/09 13:18:40 | 000,014,947 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\map2.jpeg [2012/02/09 12:52:37 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk [2012/02/09 12:52:36 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk [2012/02/09 12:51:50 | 002,972,615 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\map.jpg [2012/02/07 15:29:46 | 000,628,376 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\french.jpg [2012/02/06 12:45:59 | 000,052,657 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667-2.jpg [2012/02/06 12:41:14 | 000,052,657 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667-1.jpg [2012/02/03 14:26:12 | 002,519,308 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\sweetmuffinsuite_valentine_freedownload_postcard_final.pdf [2012/01/29 10:06:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/01/23 16:29:01 | 000,091,393 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\36169603226819901_WfhE5c9z_c.jpg [2012/01/23 16:25:07 | 000,052,657 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\5640a78385e94a327f6a59dce667.jpg [2012/01/23 11:38:03 | 000,460,730 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\DictionaryOld.jpg [2012/01/23 11:37:04 | 000,345,824 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\OldDesignShop_DictionaryWordsTreasure.jpg [2012/01/23 11:35:16 | 000,073,421 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\6a00e54f0a19ff883401157234df1f970b-500wi.jpg [2012/01/23 11:32:21 | 000,273,439 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\dic1.jpg [2012/01/23 11:29:55 | 000,460,730 | ---- | C] () -- C:\Documents and Settings\Diane\My Documents\blockhouses-byblow-q85-1019x868.jpg [2011/05/12 18:03:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2011/05/03 08:31:19 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2010/07/02 17:46:46 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2010/07/02 17:46:44 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll ========== LOP Check ========== [2011/08/04 07:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE [2010/02/02 09:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2012/02/21 14:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/11/12 08:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint [2011/06/20 09:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2011/05/11 16:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2010/10/07 14:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FUJIFILM [2009/09/16 13:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm [2009/01/03 16:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2011/05/11 16:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2009/01/02 14:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2009/03/16 18:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2009/04/06 17:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2010/11/13 17:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Amazon [2010/07/02 10:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\CheckPoint [2011/05/12 08:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\EPSON [2009/01/20 14:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\GetRightToGo [2009/01/19 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\ICAClient [2009/01/30 18:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\ImgBurn [2010/12/14 16:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\JimbobSoft [2009/03/31 16:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\MailFrontier [2009/01/22 18:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\OpenOffice.org [2011/12/16 18:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Opera [2009/01/19 19:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Runaware [2009/01/02 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\SampleView [2009/02/11 12:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Samsung [2009/05/12 13:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Serif [2011/05/03 08:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Smart Panel [2010/08/26 17:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Spotify [2009/01/20 15:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Diane\Application Data\Template [2012/02/22 07:50:42 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2012/02/22 09:31:19 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DA921302-8CC3-4A38-A5A2-C7E64541B459}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/02/22 18:41:27 | 000,000,212 | ---- | M] () -- C:\.html [2004/09/06 16:55:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009/04/27 14:47:20 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2004/09/06 16:55:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2009/05/02 12:58:16 | 000,004,460 | -H-- | M] () -- C:\ffastun.ffa [2009/05/02 12:58:10 | 000,491,520 | -H-- | M] () -- C:\ffastun.ffl [2009/05/02 12:58:14 | 000,180,224 | -H-- | M] () -- C:\ffastun.ffo [2009/05/02 12:58:10 | 001,675,264 | -H-- | M] () -- C:\ffastun0.ffx [2009/05/02 13:51:28 | 000,491,520 | ---- | M] () -- C:\ffastunT.ffl [2004/09/06 16:55:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/01/02 14:49:19 | 000,000,743 | -H-- | M] () -- C:\IPH.PH [2011/06/23 11:57:17 | 000,057,199 | ---- | M] () -- C:\JCouponPrintLog.txt [2009/02/02 14:18:43 | 000,000,451 | ---- | M] () -- C:\LOG191.log [2004/09/06 16:55:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/08/04 19:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2009/01/05 18:10:26 | 000,250,048 | RHS- | M] () -- C:\ntldr [2012/02/22 08:11:41 | 840,957,952 | -HS- | M] () -- C:\pagefile.sys [2009/01/02 14:50:00 | 000,000,391 | ---- | M] () -- C:\RtlAudio_Result.txt [2004/10/30 07:41:53 | 000,000,118 | ---- | M] () -- C:\SmartInstaller.log [2010/10/14 09:54:17 | 000,000,203 | ---- | M] () -- C:\twacker.log [1 C:\*.tmp files -> C:\*.tmp -> ] < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2008/07/06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\System32\config\*.sav > [2004/09/06 09:43:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2004/09/06 09:43:30 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2004/09/06 09:43:29 | 000,860,160 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %PROGRAMFILES%\* > [2009/01/24 16:39:06 | 000,010,752 | ---- | M] () -- C:\Program Files\Holidays & Breaks List (4) 2005.wps < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2004/04/02 05:21:54 | 000,038,000 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -rb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -hb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.0\accdef.exe -sb [2004/04/02 05:21:24 | 000,016,496 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.0\aol.exe [2004/04/02 05:21:54 | 000,038,000 | ---- | M] (America Online, Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/03 15:47:17 | 000,834,800 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/03 15:47:23 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 12:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2012/01/26 14:45:00 | 000,949,104 | ---- | M] (Opera Software) < End of report >