My google page is corrupt

View previous topic View next topic Go down

My google page is corrupt

Post by t.s.white on Sun 08 Apr 2012, 12:51 pm

Google page loads but creates erroneous links to pages...

Here are my scan results:

OTL logfile created on: 4/7/2012 8:15:58 PM - Run 1
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Shannon\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 52.89% Memory free
4.23 Gb Paging File | 2.87 Gb Available in Paging File | 67.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 88.90 Gb Free Space | 39.90% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.78 Gb Free Space | 67.82% Space Free | Partition Type: NTFS

Computer Name: WHITEHOUSE | User Name: Shannon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/07 20:14:20 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Shannon\Downloads\OTL.com
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/11/03 17:20:58 | 000,803,144 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/10/03 05:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/04/25 03:24:16 | 000,726,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2011/04/25 03:22:40 | 000,305,088 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2011/04/22 07:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/04/08 07:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/21 01:07:48 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/11/24 11:57:36 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/11 02:49:38 | 000,626,688 | ---- | M] () -- C:\Windows\Dell\PanelMgr\SSMMgr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/13 14:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/03/13 13:05:06 | 000,128,256 | ---- | M] (Mattel Inc.) -- C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
PRC - [2007/10/11 10:49:50 | 000,465,136 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
PRC - [2007/07/23 01:27:00 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2006/11/02 07:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/20 18:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/15 04:42:33 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012/02/15 04:42:22 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012/02/15 04:41:07 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011/11/03 17:21:06 | 000,350,024 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl
MOD - [2011/11/03 17:21:06 | 000,184,136 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl
MOD - [2011/11/03 17:21:06 | 000,050,504 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl
MOD - [2011/10/12 19:40:01 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/06/29 10:50:52 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2009/12/11 02:49:38 | 000,626,688 | ---- | M] () -- C:\Windows\Dell\PanelMgr\SSMMgr.exe
MOD - [2008/12/12 19:11:26 | 000,148,480 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2008/12/12 19:11:26 | 000,097,280 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/04/02 12:00:27 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/13 14:43:49 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/11 10:49:46 | 000,076,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe -- (DellAMBrokerService)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/25 12:38:46 | 000,112,176 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/22 18:52:02 | 000,035,392 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/25 02:49:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/08/01 03:09:55 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2008/12/12 19:05:18 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 19:05:18 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2007/09/17 08:07:00 | 007,624,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/08/23 19:29:10 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\datunidr.sys -- (datunidr)
DRV - [2007/06/21 01:09:08 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/12/18 20:01:20 | 000,012,672 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys -- (PTproct)
DRV - [2004/03/10 16:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2002/03/19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{B6576C9C-2AE5-4E6F-81C9-A2B34469157A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.6.2
FF - prefs.js..extensions.enabledItems: {28197867-b1ef-4140-8e3b-55c45b9c8460}:2.6.17
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:2.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {65e41d20-f092-41b7-bb83-c6e8a9ab0f57}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:0.6.20101009
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Shannon\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Shannon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Shannon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Shannon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Shannon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2009/12/26 08:35:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/24 11:57:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/01 10:45:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/29 09:54:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/12 14:45:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Shannon\AppData\Roaming\Move Networks [2010/02/19 17:49:40 | 000,000,000 | ---D | M]

[2009/09/15 05:06:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Extensions
[2009/03/23 09:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/03/27 00:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\oa585pf8.default\extensions
[2011/01/09 13:20:27 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\oa585pf8.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010/07/05 19:15:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\oa585pf8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/16 16:42:36 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\oa585pf8.default\extensions\personas@christopher.beard
[2012/01/07 16:21:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\EXTENSIONS\{65E41D20-F092-41B7-BB83-C6E8A9AB0F57}.XPI
() (No name found) -- C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2012/02/23 06:10:54 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/25 02:58:10 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2011/04/25 03:00:08 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2011/04/25 02:59:06 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2011/04/25 02:58:38 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/25 03:49:00 | 000,485,288 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2011/04/25 03:00:04 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/02/23 06:10:47 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/23 06:10:47 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Shannon\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Shannon\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Shannon\AppData\Local\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Shannon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Shannon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Shannon\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Angry Birds = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Glow = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb\1.0\
CHR - Extension: YouTube = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Rapportive = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin\1.2.6_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: AVG Safe Search = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Poppit = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Boomerang for Gmail = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkdbdadolokifeomchamhifddohomii\1.0_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.7_0\
CHR - Extension: Google Calendar Checker (by Google) = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\
CHR - Extension: Gmail = C:\Users\Shannon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DACSMiniApp] C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe (Mattel Inc.)
O4 - HKLM..\Run: [Dell PanelMgr] C:\Windows\Dell\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellAutomatedPCTuneUp] C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cernerworks.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: integris-health.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: integrisok.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} [You must be registered and logged in to see this link.] (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [You must be registered and logged in to see this link.] (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.100 208.180.42.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B91ACB7-E6AF-4D5E-A20A-BA62371AB9BD}: DhcpNameServer = 208.180.42.100 208.180.42.68
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e2e81723-e28a-11dd-9c22-001d097a8260}\Shell\AutoRun\command - "" = G:\slacker.synclauncher.exe
O33 - MountPoints2\{e2e81723-e28a-11dd-9c22-001d097a8260}\Shell\slacker\command - "" = G:\slacker.synclauncher.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe - (Eastman Kodak Company)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk - C:\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe - (Philips)
MsConfig - StartUpReg: LaunchList - hkey= - key= - C:\Program Files\Pinnacle\Studio 9\LaunchList.exe (Pinnacle Systems)
MsConfig - StartUpReg: PinnacleDriverCheck - hkey= - key= - File not found
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B00441B2-CF00-A603-AF00-EDDB537DF16F} - C:\Windows\system32\My_Server.exe
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.i420 - C:\Windows\System32\vdrcodec.dll (Pinnacle Systems)
Drivers32: VIDC.MJPG - C:\Windows\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\Windows\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.XVID - C:\Windows\System32\xvid.dll ()

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2012/04/07 10:38:01 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{5100B273-9168-4C33-834D-A26D6EE8EB31}
[2012/04/07 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{0EE6FBE1-A995-4A45-B495-A227A74734C0}
[2012/04/06 22:37:14 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{69668739-2BEC-4EF9-AF10-D2BF4CBB8BC3}
[2012/04/06 22:36:59 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{ACE19DE3-53A3-4EFD-91CC-DCDBFF91ED83}
[2012/04/06 20:15:58 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Roaming\Malwarebytes
[2012/04/06 20:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/06 20:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/06 20:15:46 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/04/06 20:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/06 11:28:17 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Roaming\AVG
[2012/04/06 11:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/04/06 10:36:25 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{0D6F8BDD-0419-43DB-9264-86608D749896}
[2012/04/06 10:36:15 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{2709911C-6C5C-4055-B64A-DF1785FD2DF2}
[2012/04/06 10:15:55 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/06 10:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Calendar Sync
[2012/04/06 09:50:05 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{75C2F6EC-46E5-4995-9AB0-3785CED67A27}
[2012/04/06 09:17:48 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{2F7B61BE-FE1F-4992-A75F-6BED28665D5E}
[2012/04/05 23:27:13 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{EE21B30C-B815-4A68-8E47-C7F794F9F15F}
[2012/04/05 23:26:54 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{2A53F22F-4D58-4E85-9C51-303A2254104F}
[2012/04/05 11:27:08 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{50937199-E81E-4224-AC1E-EA4F26FB3C7F}
[2012/04/05 11:26:57 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{6A077A8D-81D4-44CB-A4C0-1BAF00C172C8}
[2012/04/04 23:27:02 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{6CCF1668-6006-4B26-919F-13EEEEB3954B}
[2012/04/04 23:26:44 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{23CBB7F1-FC80-49BE-9316-8DF37A6231B5}
[2012/04/04 11:26:58 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{3C7012BE-7B61-46DE-AD12-DACF4920464D}
[2012/04/04 11:26:46 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{6A90417A-C89B-42D9-A3FE-DB2C268EB9C8}
[2012/04/03 23:27:37 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{DCC7F317-A580-429B-AAE0-1C005063EF89}
[2012/04/02 23:26:53 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{001177C8-8484-49C4-8CB2-DDA7784A9AA1}
[2012/04/02 11:26:47 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/04/02 11:26:07 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{D1BCD01C-C346-400D-A19E-D1C9F406CA29}
[2012/03/29 13:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/29 13:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/29 13:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/29 11:04:40 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{1B571B54-7513-4705-A7FF-60107A28670E}
[2012/03/29 10:15:44 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/03/28 08:47:27 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{1E5424AB-493B-431A-A01A-E487F5C77FC6}
[2012/03/28 08:47:15 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{536DBA53-0F31-4D46-992E-94AB864CDEF3}
[2012/03/27 19:32:19 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{6CAB2624-6A18-44EC-AE9D-F9102321F52E}
[2012/03/27 07:31:51 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{878B2CC0-7209-4581-AA61-403403459629}
[2012/03/26 19:31:17 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{44A78C10-E837-41D4-97A9-BC2F941E81BC}
[2012/03/26 07:30:47 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{C4CD0D5B-25EA-433A-B02F-F1EA78159A83}
[2012/03/25 19:29:50 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{D6D14F6C-6053-4F93-A9E5-9F4AD1EC8647}
[2012/03/25 07:29:24 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{3AFCE447-BB51-4B8C-BCC8-886CE6BA0542}
[2012/03/24 19:28:58 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{A044E2CB-7FD4-4D53-95D0-546920CC9FCF}
[2012/03/24 07:28:32 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{91762E53-E724-4ED1-BCD3-5FE2952D855E}
[2012/03/23 19:28:07 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{70EE3B55-B8D2-4AF3-9196-32D2A5F38D3A}
[2012/03/23 07:27:42 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{47C8C121-D4F9-4F3D-B440-E86B7F3E8042}
[2012/03/22 19:27:14 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{EE8FBB8B-E924-4E79-A18B-B508C2805D3A}
[2012/03/22 07:26:49 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{2CDAC745-2627-4A16-A9F3-9581B058F602}
[2012/03/21 19:26:22 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{7E55090A-14BA-4B57-A531-1A274D5268FC}
[2012/03/21 07:25:56 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{83AA2763-CCDA-4CAF-B8C3-2BAD41F3CDC6}
[2012/03/20 20:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\Pantech
[2012/03/20 19:25:23 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{E0664652-164E-4553-8357-3E0D96B00576}
[2012/03/20 19:25:10 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{7413E2DB-A1D0-4245-AB79-C04B1F1CE559}
[2012/03/19 15:35:26 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{3CA2269C-C720-413B-84F8-FA840816D487}
[2012/03/19 15:35:14 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{89152C83-D2DD-4A01-AD1F-74BC7A2C498A}
[2012/03/19 09:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod(239)
[2012/03/19 09:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes(240)
[2012/03/19 03:34:45 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{ABAA2E89-8A18-492E-A2E1-5252568C947D}
[2012/03/18 15:34:17 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{04E8BE73-45CF-4603-851A-4F965AC8A5A9}
[2012/03/18 03:33:49 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{3382855B-16E7-41A3-A857-522A54EE03CD}
[2012/03/17 15:33:22 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{B034AB9B-876F-4BB6-A087-18967D24BA5F}
[2012/03/17 03:32:57 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{F0F34AA0-EFC7-4EB5-9F6C-81C7B5392982}
[2012/03/16 15:32:30 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{7518BD62-008D-4E77-842C-B8C0F0541006}
[2012/03/16 03:32:03 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{466D7E56-4639-486A-AC52-A74DA4901AAB}
[2012/03/15 15:31:37 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{8066EF25-8E2C-47CD-BD00-23A35EFDD0E6}
[2012/03/15 03:31:12 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{04C29C24-4A18-4E2F-909A-27A89FCABBDC}
[2012/03/15 03:31:01 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{EA880B94-F676-45C5-A6B5-CE03872D9489}
[2012/03/12 08:03:17 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{D532E256-66B4-48D7-BB30-D217F0C19522}
[2012/03/12 08:02:40 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{1699B978-EBFA-4805-83D5-293BC4B8508C}
[2012/03/11 18:42:19 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{DD249F65-9CFB-49D7-8B25-C1C4C3CD762F}
[2012/03/11 11:59:23 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{13BE8468-9502-4B5D-A796-2BB6151217BD}
[2012/03/11 11:58:24 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{AF234B54-2949-445D-A60A-101E246572D2}
[2012/03/09 08:11:17 | 000,000,000 | ---D | C] -- C:\Users\Shannon\AppData\Local\{E8D89A57-1CD5-4E05-97EF-A532A3E21874}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Sun 08 Apr 2012, 12:53 pm

(continuing OTL file)

========== Files - Modified Within 30 Days ==========

[2012/04/07 20:10:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2141495560-2666751768-628839216-1000UA.job
[2012/04/07 20:09:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 20:06:20 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/07 20:06:20 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/07 20:00:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/07 18:11:05 | 094,123,293 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/04/07 18:10:12 | 000,495,517 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/04/07 16:09:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/07 11:10:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2141495560-2666751768-628839216-1000Core.job
[2012/04/07 10:40:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/04/07 08:06:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/07 08:05:51 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/07 08:04:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/04/06 19:57:00 | 000,620,130 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/06 19:57:00 | 000,109,204 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/06 11:26:38 | 000,000,961 | ---- | M] () -- C:\Users\Shannon\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/04/06 11:26:38 | 000,000,937 | ---- | M] () -- C:\Users\Shannon\Desktop\AVG PC Tuneup 2011.lnk
[2012/04/06 10:26:20 | 198,163,019 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/06 10:00:51 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Google Calendar.lnk
[2012/04/06 10:00:50 | 000,001,993 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2012/04/03 19:50:01 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2012/04/02 12:00:27 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/04/02 12:00:27 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/03/30 09:28:20 | 000,870,128 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\mcs.rma
[2012/03/30 09:28:19 | 000,000,004 | ---- | M] () -- C:\Users\Shannon\AppData\Roaming\5A7433
[2012/03/29 13:02:53 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/29 12:52:45 | 000,000,039 | ---- | M] () -- C:\Windows\WININIT.INI
[2012/03/29 11:29:46 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2012/03/28 10:16:17 | 000,008,268 | ---- | M] () -- C:\Users\Shannon\AppData\Local\d3d9caps.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/06 11:26:38 | 000,000,961 | ---- | C] () -- C:\Users\Shannon\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/04/06 11:26:38 | 000,000,937 | ---- | C] () -- C:\Users\Shannon\Desktop\AVG PC Tuneup 2011.lnk
[2012/04/06 10:00:51 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Google Calendar.lnk
[2012/04/06 10:00:50 | 000,001,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
[2012/04/02 11:26:56 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/29 13:02:53 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/29 12:52:45 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/03/29 10:14:30 | 198,163,019 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/03/28 09:18:46 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/06 19:23:57 | 000,000,035 | ---- | C] () -- C:\Windows\brassi.dat
[2010/10/07 05:26:22 | 000,484,592 | ---- | C] () -- C:\Windows\SSndii.exe
[2010/10/07 05:21:22 | 000,026,624 | ---- | C] () -- C:\Windows\System32\sdp1ml3.dll
[2010/07/23 14:23:26 | 000,406,016 | ---- | C] () -- C:\Windows\System32\PSDrvCheck.exe
[2010/07/23 11:24:42 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2010/07/06 14:19:47 | 000,027,868 | ---- | C] () -- C:\Users\Shannon\AppData\Roaming\UserTile.png
[2010/06/20 06:13:39 | 000,004,096 | -H-- | C] () -- C:\Users\Shannon\AppData\Local\keyfile3.drm
[2010/06/04 08:33:41 | 000,000,000 | ---- | C] () -- C:\Users\Shannon\AppData\Local\prvlcl.dat

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2001/02/04 00:41:12 | 000,759,296 | ---- | M] (Brian R Anderson) -- C:\Users\Shannon\Desktop\bubbloids.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2012/02/23 06:10:54 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2012/02/23 06:10:47 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2012/02/23 06:10:46 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2012/04/07 20:06:20 | 000,003,696 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/07 20:06:20 | 000,003,696 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2008/03/10 19:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\A-Z
[2011/11/21 11:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/06/08 19:39:15 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/12/26 08:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2012/04/06 11:26:26 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2011/06/27 15:49:54 | 000,000,000 | ---D | M] -- C:\Program Files\Azureus
[2011/08/03 17:17:38 | 000,000,000 | ---D | M] -- C:\Program Files\beaTunes3
[2011/10/14 07:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/07/23 13:42:04 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2011/11/16 06:35:43 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/12/01 22:07:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/11/22 08:55:09 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2008/10/13 10:03:36 | 000,000,000 | ---D | M] -- C:\Program Files\Cozi Express
[2007/12/11 03:40:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/10/07 05:20:47 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/12/11 03:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Network Assistant
[2007/12/11 03:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2012/03/29 09:54:47 | 000,000,000 | ---D | M] -- C:\Program Files\DellAutomatedPCTuneUp
[2010/08/20 08:38:01 | 000,000,000 | ---D | M] -- C:\Program Files\Delmar Learning
[2009/09/13 07:07:28 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2008/02/23 19:01:23 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Decrypter
[2008/07/22 05:59:57 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Shrink
[2011/03/06 19:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Eyes Relaxing And Focusing 3.0
[2011/02/18 19:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Feedback Tool
[2008/12/26 09:24:51 | 000,000,000 | ---D | M] -- C:\Program Files\Fisher-Price
[2009/09/28 15:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin
[2009/09/13 07:07:32 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin GPS Plugin
[2012/04/06 10:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/01/09 11:54:12 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
[2008/07/19 19:12:17 | 000,000,000 | ---D | M] -- C:\Program Files\ImgBurn
[2012/03/29 09:54:48 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/12/11 03:35:41 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/02/15 04:34:35 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/03/29 13:01:11 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2012/03/08 08:36:21 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(120)
[2012/03/29 11:05:54 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(239)
[2008/08/11 18:39:00 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2012/03/29 13:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/03/08 08:37:53 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(121)
[2012/03/19 09:45:17 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(240)
[2011/11/03 23:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2012/04/06 12:40:51 | 000,000,000 | ---D | M] -- C:\Program Files\Jawbone
[2007/12/15 09:45:46 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2009/12/28 07:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2008/04/16 15:50:44 | 000,000,000 | ---D | M] -- C:\Program Files\LiveUpdate
[2008/03/10 19:44:48 | 000,000,000 | ---D | M] -- C:\Program Files\Magic Video Converter
[2012/04/06 20:15:53 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/23 03:02:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2011/07/13 19:09:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2006/11/02 07:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/07/13 19:17:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/02/27 19:16:29 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/04/04 16:55:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/06/26 03:03:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/08/03 16:52:34 | 000,000,000 | ---D | M] -- C:\Program Files\MixMeister BPM Analyzer
[2007/12/17 11:03:02 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2010/08/12 03:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/03/29 09:54:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011/07/15 14:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2007/12/13 21:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/07/15 20:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\Neuro-Programmer 3
[2011/01/18 09:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\NORTON SECURITY SCAN
[2012/03/20 20:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Pantech
[2012/03/29 09:54:57 | 000,000,000 | ---D | M] -- C:\Program Files\Pinnacle
[2010/07/23 15:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Pinnacle Systems
[2012/03/29 09:54:59 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2011/11/03 04:44:10 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/11/24 11:58:05 | 000,000,000 | ---D | M] -- C:\Program Files\real
[2006/11/02 07:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/12/01 22:07:28 | 000,000,000 | ---D | M] -- C:\Program Files\Renaissance Learning
[2010/10/11 05:57:04 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2009/12/26 09:36:57 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2010/10/11 06:05:44 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/08/25 19:55:01 | 000,000,000 | ---D | M] -- C:\Program Files\Scrapboy Digital Media Corporation
[2012/03/29 09:55:00 | 000,000,000 | ---D | M] -- C:\Program Files\SmartSound Software
[2008/10/07 13:54:28 | 000,000,000 | ---D | M] -- C:\Program Files\SoundSpectrum
[2009/12/26 07:25:01 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
[2009/03/23 09:10:45 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME
[2009/03/23 09:12:20 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
[2009/03/23 09:12:45 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2009/09/15 08:51:22 | 000,000,000 | ---D | M] -- C:\Program Files\TweetDeck
[2006/11/02 07:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2007/12/23 10:37:42 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/09/15 18:19:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/09/15 18:19:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/09/15 18:19:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/04/06 10:09:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012/03/29 11:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/14 03:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/09/15 18:19:40 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 04:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2010/10/03 14:04:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2007/12/23 10:06:28 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2008/03/10 19:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid

< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/12/11 11:07:43 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007/12/11 11:07:43 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007/12/11 11:07:43 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/12/11 11:07:43 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/12/11 11:08:13 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/12/11 11:16:07 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys
[2007/12/11 11:16:07 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys
[2007/12/11 11:16:08 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys
[2007/12/11 11:16:08 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys
[2007/12/11 11:08:06 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2007/12/11 11:08:06 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2007/12/11 11:08:13 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/12/11 11:08:13 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/02/13 16:50:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/13 16:50:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/13 16:50:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/02/13 16:50:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2007/06/21 04:44:04 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Drivers\storage\R154092\iastor.sys
[2007/06/21 04:44:04 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys
[2007/06/21 04:44:04 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys
[2007/06/21 04:44:04 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_5f6e7be5\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-03-29 16:32:20

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/10 19:07:14 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/10 19:07:14 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/23 06:10:47 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/23 06:10:53 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/10 19:07:12 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/10 19:07:14 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/10 19:07:14 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2009/12/26 09:35:21 | 000,000,164 | ---- | M] ()(C:\Windows\System32\Ä%?%??) -- C:\Windows\System32\Ä%㎠%Ɏ
[2009/12/26 09:35:21 | 000,000,164 | ---- | C] ()(C:\Windows\System32\Ä%?%??) -- C:\Windows\System32\Ä%㎠%Ɏ

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Vogart-646-sample.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\U6G game schedule.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\The Soup Nazis Mexican Chicken Chili.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Taylors spelling words numb1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\TaxReturn2008.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\TaxReturn2007.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Sandra Lee Bowles Coulter obituary.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Rules.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\RSVP for Bridal Shower.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Master Addresses for Bridal Shower_REVISED.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Master Addresses for Bridal Shower.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\junk file.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Jackson Bday videotape.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Jackson Bday Marquee.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Family Newsletter.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\ELURA 60 manual.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Dryer Owners Manual.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\civil complaint call.wma:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Cherokee St repair.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Camping List.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\Absent from School form.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Shannon\Documents\100Ways_Eat_less_calories.pdf:Roxio EMC Stream
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:157E1AD3
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:62E2D794

< End of report >

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Sun 08 Apr 2012, 12:53 pm

OTL Extras logfile created on: 4/7/2012 8:15:58 PM - Run 1
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Shannon\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 52.89% Memory free
4.23 Gb Paging File | 2.87 Gb Available in Paging File | 67.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 88.90 Gb Free Space | 39.90% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.78 Gb Free Space | 67.82% Space Free | Partition Type: NTFS

Computer Name: WHITEHOUSE | User Name: Shannon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037E94DA-DC26-4C36-A4BE-0FB1B40321BB}" = lport=445 | protocol=6 | dir=in | name=microsoft directory services |
"{04F39C11-93A3-4410-8C9C-FB72B18E3102}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CDDFE16-9C9D-48F9-865C-C6C54E4E89E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{19102DA6-070C-45B2-BDC9-954A4CDBA5A8}" = lport=10426 | protocol=17 | dir=in | name=singleclick icc |
"{1C21A990-6D3F-42AF-878E-606684D8AB4D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C48997B-722B-4757-9EF3-F6C2895DE514}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{1D2684FA-B082-445C-AECC-30F8BE6913C0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{27EA488D-7A16-490B-8002-11EF92B11031}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{3CECABAE-0BD7-4526-99CB-21F25480BB18}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{455C0802-0E85-4583-9E51-0C56550A869A}" = rport=445 | protocol=6 | dir=out | app=system |
"{472CEC55-37EC-4393-8AEB-9416909746C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4E6B5502-70FB-4DFA-A188-B6E2412C6F9C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{50D8E91A-170E-4E46-AF76-83B6A1B3FC75}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{58168033-38BF-40F3-A4B6-B706946FED6F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A3888A6-1A12-433D-8910-1C81696C76B6}" = lport=139 | protocol=6 | dir=in | name=netbios file/printer sharing |
"{635267C8-4A70-4A39-BEAE-F5DEC5DFCBE4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67E0EC4A-6F4E-42EF-8367-6BA79C4DEF2B}" = lport=137 | protocol=17 | dir=in | name=netbios name service |
"{6BCFD56D-36C1-4F59-AEB6-E8567134219A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{71A01914-2876-4C9A-AEFA-BF7E65B77B85}" = lport=10421 | protocol=17 | dir=in | name=singleclick discovery protocol |
"{7B2933F8-B2C4-41DE-A7A3-5ED276613EA6}" = rport=137 | protocol=17 | dir=out | app=system |
"{7D9BC441-137D-48BC-B7DD-730615C9DBA1}" = lport=137 | protocol=17 | dir=in | name=netbios name service |
"{8152179C-9348-440A-85CC-5F25ABE7E2DA}" = lport=10421 | protocol=17 | dir=in | name=singleclick discovery protocol |
"{86931EE7-0700-43BB-BAF3-F0F7937F6B81}" = lport=10426 | protocol=17 | dir=in | name=singleclick icc |
"{8DFCCE12-77F6-4470-AC84-090054B34AC6}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{9816CB61-D39D-4EB0-B587-C6937C858C66}" = rport=10243 | protocol=6 | dir=out | app=system |
"{98188A01-C1D3-4736-9A61-144794095B94}" = rport=139 | protocol=6 | dir=out | app=system |
"{9820D03B-0789-4B46-85DA-D9D1BC0168E8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D72DF08-3062-47E2-A1F3-BD3314E55090}" = lport=138 | protocol=17 | dir=in | name=netbios datagram service |
"{A426AE69-15A5-47C9-A03B-8BDE651EE585}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B32BFA7F-820B-43A7-AF36-BDE39BF3F385}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B343DFBF-C3AA-4506-88A9-D209C3D149CE}" = lport=139 | protocol=6 | dir=in | app=system |
"{B46F0C44-FE76-448F-A9FA-12B2D676BF30}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1870CFF-F1C1-4717-B1EC-02028546A7C9}" = lport=137 | protocol=17 | dir=in | app=system |
"{CDB355B6-D4A9-48CC-B091-64F12E4006FF}" = lport=139 | protocol=6 | dir=in | name=netbios file/printer sharing |
"{D4463FC5-0792-4BF9-ADF7-64C2FE679956}" = rport=138 | protocol=17 | dir=out | app=system |
"{DBAAC4AA-CB76-41F6-82B8-A371203E9D01}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DD94754E-886E-4B4B-A8A3-63C6BB36C7EE}" = lport=445 | protocol=6 | dir=in | app=system |
"{E9363BCD-1C6B-4C67-9516-F63D528452F9}" = lport=445 | protocol=6 | dir=in | name=microsoft directory services |
"{F34715AA-C2F8-4CC8-9E77-8CD53AFADA13}" = lport=138 | protocol=17 | dir=in | name=netbios datagram service |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F2F98F-2487-42E4-8BC9-A9FBB4EAE697}" = protocol=6 | dir=in | app=c:\program files\dell network assistant\ezi_hnm2.exe |
"{0F3F2A47-1B28-431D-B8B7-D37479524BDD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1134B4FF-D9AD-4E97-A731-E3E89EF23936}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13C669E9-4563-4920-B149-1EC0DA2ED5BC}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{1A7BD7BF-4A54-45EC-BAC7-89689874D064}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2420A54C-C2F5-4B8B-8FA5-B8F1E9492710}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{25B434EB-DD92-485E-8AB7-74878B054AF2}" = protocol=6 | dir=out | app=system |
"{3C3BC89C-F49D-49A8-A7A4-AD18AECF9305}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DC92D45-5F0B-4EA4-B15A-730DA49B24A1}" = protocol=17 | dir=in | app=c:\program files\google\google calendar sync\googlecalendarsync.exe |
"{3EDB2437-65C9-4EEE-AEB4-E4DA704DA63C}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{466DE771-3BBB-4AF4-886C-485FCAA44DF3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{48C96533-E7D8-4C3E-B103-99AAC315A5C6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4BD97C51-865F-4FA6-A3B3-C3BA21CB5B79}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{4F34BAD4-D63D-4B49-B964-2E3CC9A04127}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{50AAF57C-99EF-4154-A106-EEC5A5811DDA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{558AAF9F-013A-4F8B-B8C0-3F808EA24798}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{57C60E41-7FBC-45E4-B161-CCDEFACAD56A}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{60DE38E4-0326-49A9-B3C6-61821A2DE889}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63AB9485-2BEC-4408-9BFE-DCDDC1834873}" = protocol=6 | dir=in | app=c:\program files\google\google calendar sync\googlecalendarsync.exe |
"{6D9F9B44-8983-4A23-9D3F-9E6EE258814A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{716B42A0-E862-40F6-BA05-A938EBD92D2D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{75A16195-8ADA-418B-86E8-CAB4A9886F97}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{85213758-12CE-4C60-99CD-F212C9984AC9}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{8B2208D4-407F-4531-8DB8-8898FB18F90C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{8CA3223A-CE25-4094-AF71-5477F8CA76E4}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{8ED2B208-EA8E-4E8C-B25D-38DA7CF3C7DD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{90026F64-DCF2-4AD1-9E34-4331A9C491C8}" = protocol=17 | dir=in | app=c:\program files\dell network assistant\ezi_hnm2.exe |
"{90155ABE-EF22-41E7-8BA9-4D479C00B09B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{93F7E0E9-F72F-415A-8542-5C1B620433AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{94BD5771-3232-40C9-A8FE-570571311D27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{96E5212D-38D3-45C0-B1BD-B3579BA4EC92}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{981023E6-3745-48C2-BDF4-20D71508D81E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9932AEE3-1D48-4659-AC60-57E0AF6DABA0}" = protocol=17 | dir=in | app=c:\program files\jawbone\jawboneupdater.exe |
"{9956449F-2548-4B88-911B-B0F09CB814D4}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{9ABAA33A-7AAE-4017-8949-B20AE4BF72BA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9AE9C280-3C68-44C8-B2F0-0D187A361256}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ABA503C9-338A-4B99-A4CF-EBD9716A8038}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{AE660D61-96C2-450F-B1F9-79ADCF3BB488}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{B994ED96-116E-4259-8A95-1A8917815EBC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE8C66B2-9B21-48F7-A87F-AE10D99927B8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D086C81F-8280-4DDE-AD4E-F0C01379822D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D121ADC4-3D46-4D5A-8D8C-32DEF8C595F0}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{DB319BED-AD51-4C73-B40A-FB22681A9924}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{DBC07574-541F-45C0-A3FE-12D7631C6B3B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E374B4E8-7931-4BF4-9692-9723FF63D33D}" = protocol=6 | dir=in | app=c:\program files\dell network assistant\ezi_hnm2.exe |
"{E863AC30-17AE-4E8A-A027-27AC0B05B557}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F835508B-5DDE-42DC-AC48-7CF64C397578}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F97145E6-66AA-4C41-8391-DEF7D2E8F625}" = protocol=6 | dir=in | app=c:\program files\jawbone\jawboneupdater.exe |
"{FB0F4098-CC26-4803-B916-5A5DDE3D4053}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FC383E34-511E-43BC-839B-4FE63A288DE1}" = protocol=17 | dir=in | app=c:\program files\dell network assistant\ezi_hnm2.exe |
"TCP Query User{171F96BC-61F8-4D80-9B84-B37A0F18FE12}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{1FFB7DAE-3716-44EB-9890-A45F18D6EEE8}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{4DF5440C-3E84-4C12-866A-032B6BF16D8C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{7C2647B9-D238-4643-81F3-76F109E316B3}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" = protocol=6 | dir=in | app=c:\program files\kodak\kodak easyshare software\bin\easyshare.exe |
"TCP Query User{A6A106EB-8737-4A0A-B659-A0DD40C5B58B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A870E633-2BDB-4E96-821E-C414F5E2BB48}C:\program files\rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"TCP Query User{BAEB5775-B02B-4565-9F70-C7C52B8D69CD}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{C779E149-5145-4F86-8023-A763EA7A982E}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{CD0D3299-8C84-43F6-9D0C-79D33343455B}C:\users\shannon\appdata\roaming\macromedia\flash player\[You must be registered and logged in to see this link.] = protocol=6 | dir=in | app=c:\users\shannon\appdata\roaming\macromedia\flash player\[You must be registered and logged in to see this link.] |
"TCP Query User{D47E547F-C861-4D47-9443-B25CE8E125DA}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{063A2C8A-9F03-4D68-AE0C-98574541B9B6}C:\users\shannon\appdata\roaming\macromedia\flash player\[You must be registered and logged in to see this link.] = protocol=17 | dir=in | app=c:\users\shannon\appdata\roaming\macromedia\flash player\[You must be registered and logged in to see this link.] |
"UDP Query User{0E3D6FEB-F43F-42FE-8FEC-3670219A98B3}C:\program files\kodak\kodak easyshare software\bin\easyshare.exe" = protocol=17 | dir=in | app=c:\program files\kodak\kodak easyshare software\bin\easyshare.exe |
"UDP Query User{1C5731D1-1371-421A-8814-150A0C94CF75}C:\program files\rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"UDP Query User{4AC045C0-2673-4303-B532-7632C61A3CE1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{8B343098-1B09-4D74-9B02-026EFA76C063}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{8B6F7333-E78A-484B-AD56-78841BE3F9CB}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{E338C9C3-2882-48E7-A302-4CCD1E16C89B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F8CE5085-6FDE-4CBF-8F29-144FAA2482F5}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{FD538205-253C-42BE-A90C-ECE9EBD99BEC}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{0240BDFB-2995-4A3F-8C96-18D41282B716}" = Dell Network Assistant
"{033931C9-23DC-41B1-80D8-75FFC38855A5}" = Fluent Reader RP Student
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{16976C6C-F8D5-4317-9DE8-1F6352B66725}" = RAW Image Task
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Camera Support Core Library
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38FFFD17-81AD-49EE-80F0-12DF92162DD2}_is1" = EyesRelaxingAndFocusing 3.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54B207B9-B183-4A12-B329-01D35C9F83DE}" = Cozi
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{641DD3D8-8028-DEB5-2C41-8F2422F964E3}" = TweetDeck
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7170F93F-6B61-4DC1-A664-0E222744CEC7}" = Citrix online plug-in (DV)
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D542452-84EB-47C0-97BA-735C523AB555}" = Garmin Training Center
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{821DC151-4691-4E26-AE7E-522921D0FD54}" = RemoteCapture Task
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8ACE0437-ABC8-42EE-A165-D5ADD81A1BD3}" = Pixie registration fix
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{930240B3-F09F-4725-8820-7C7480104351}" = AVG 2012
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007C-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Facebook 32-bit
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{983338D4-D972-4C58-AA6D-B81445070451}" = The Digital Arts and Crafts Studio
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE66F944-596A-4D09-9A1C-DAF3DE836991}" = Citrix online plug-in (HDX)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Camera Window
"{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1}" = Garmin Communicator Plugin
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B700113B-24A8-4D4C-8484-0CC944F764C8}" = Google SketchUp 8
"{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}" = Canon PhotoRecord
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}" = GoGear VIBE Device Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D641760F-FE66-4655-99B9-59A451F2FFAB}" = Citrix online plug-in (USB)
"{D6A1E429-CCE1-4140-A615-710B806D12BA}" = Motorola Driver Installation 3.2.0
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = MovieEdit Task
"{DE659AC8-EEF0-4115-AA0C-6500D194FB10}" = Garmin Training Center v5
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = PhotoStitch
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F9F0C5D5-AAE5-45FA-95C2-CA1EE0FA067A}" = Citrix online plug-in (Web)
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE34691C-4298-4667-9758-D7F534DD0B94}" = Dell Automated PC TuneUp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2012
"A-Z Video Converter Ultimate_is1" = A-Z Video Converter Ultimate 7.82
"Azureus Vuze" = Azureus Vuze
"beaTunes3" = beaTunes 3.0.3
"Bejeweled 3" = Bejeweled 3
"Bejeweled Twist 1.0" = Bejeweled Twist 1.0
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Dell 1130 Laser Printer" = Dell 1130 Laser Printer
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Calendar Sync" = Google Calendar Sync
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ImgBurn" = ImgBurn
"InstallShield_{16976C6C-F8D5-4317-9DE8-1F6352B66725}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Canon Camera Support Core Library
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{821DC151-4691-4E26-AE7E-522921D0FD54}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = Canon Utilities PhotoStitch 3.1
"Jawbone Updater" = Jawbone Updater
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Magic Video Converter_is1" = Magic Video Converter 8.0.8.25
"Mahjong Escape: Ancient Japan 1.0.0.1" = Mahjong Escape: Ancient Japan 1.0.0.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.SingleImage" = Microsoft Office Professional 2010
"Picasa 3" = Picasa 3
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"RealPlayer 12.0" = RealPlayer
"Relaxing Ocean V3" = Relaxing Ocean V3 Screen Saver
"Rhapsody" = Rhapsody
"StudyWARE to accompany Cardiopulmonary Anatomy a~37F67D74_is1" = StudyWARE to accompany Cardiopulmonary Anatomy and Physiology V
"TomTom HOME" = TomTom HOME 2.8.2.2264
"VLC media player" = VLC media player 1.1.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XviD" = XviD MPEG-4 Codec
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/7/2012 9:10:16 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:16 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:18 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:18 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:20 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:20 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:21 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:10:21 PM | Computer Name = WhiteHouse | Source = Windows Search Service | ID = 3013
Description =

Error - 4/7/2012 9:21:20 PM | Computer Name = WhiteHouse | Source = SPP | ID = 16387
Description =

Error - 4/7/2012 9:21:20 PM | Computer Name = WhiteHouse | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 4/7/2012 4:56:24 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7043
Description =

Error - 4/7/2012 4:59:20 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =

Error - 4/7/2012 4:59:20 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =

Error - 4/7/2012 8:38:15 AM | Computer Name = WhiteHouse | Source = DCOM | ID = 10010
Description =

Error - 4/7/2012 8:38:35 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7043
Description =

Error - 4/7/2012 8:41:39 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =

Error - 4/7/2012 8:41:39 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =

Error - 4/7/2012 9:04:32 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7043
Description =

Error - 4/7/2012 9:07:20 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =

Error - 4/7/2012 9:07:20 AM | Computer Name = WhiteHouse | Source = Service Control Manager | ID = 7000
Description =


< End of report >

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Sun 08 Apr 2012, 12:54 pm

Results of screen317's Security Check version 0.99.32
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
AVG PC Tuneup
AVG 2012
StudyWARE to accompany Cardiopulmonary Anatomy and Physiology V
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

AVG PC Tuneup
Java(TM) SE Runtime Environment 6
Java(TM) 6 Update 3
Java version out of date!
Adobe Flash Player 11.2.202.228
Adobe Reader X (10.1.2)
Mozilla Firefox 10.0.2 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by Superdave on Mon 09 Apr 2012, 5:33 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Mon 09 Apr 2012, 12:16 pm

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 04/08/2012 at 07:42 PM

Application Version : 5.0.1146

Core Rules Database Version : 8424
Trace Rules Database Version: 6236

Scan type : Complete Scan
Total Scan Time : 02:59:44

Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 779
Memory threats detected : 0
Registry items scanned : 34896
Registry threats detected : 33
File items scanned : 234747
File threats detected : 369

Adware.HBHelper
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\URLSearchHook.ToolbarURLSearchHook.1
HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
HKCR\URLSearchHook.ToolbarURLSearchHook
HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR

PUP.MyWebSearch/FunWebProducts
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version

Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Adware.Tracking Cookie
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\DGEL45L0.txt [ /atdmt.com ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\U7GV53K5.txt [ /trafficmp.com ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\DYZ9AQKU.txt [ /doubleclick.net ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\JZQRZZ9Q.txt [ /ad.yieldmanager.com ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\4M7P4TVP.txt [ /2o7.net ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\YLEKTRH7.txt [ /invitemedia.com ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\3ZSQCXPY.txt [ /specificclick.net ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\XWANCDKW.txt [ /media6degrees.com ]
C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Cookies\QX0PYCCK.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\2QHD7NYK.txt [ Cookie:shannon@fastclick.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\S7TXRKJ3.txt [ Cookie:shannon@click.get-answers-fast.com/ads-clicktrack/click/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\9NEWLYHN.txt [ Cookie:shannon@admarketplace.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\G88UWRJM.txt [ Cookie:shannon@apmebf.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\E99HT3O2.txt [ Cookie:shannon@interclick.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\37RZGZBP.txt [ Cookie:shannon@traffic.prod.cobaltgroup.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\GT1B1YQG.txt [ Cookie:shannon@casalemedia.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\PZ8JJVTY.txt [ Cookie:shannon@bizzclick.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\RT9NEGCX.txt [ Cookie:shannon@doubleclick.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\H7CEUN8W.txt [ Cookie:shannon@dmtracker.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\OQDSO06R.txt [ Cookie:shannon@adbrite.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\NY2LOEP8.txt [ Cookie:shannon@statcounter.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\DQTGMYBB.txt [ Cookie:shannon@collective-media.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\5WJRYITD.txt [ Cookie:shannon@tribalfusion.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\G5FSRINX.txt [ Cookie:shannon@[You must be registered and logged in to see this link.] ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\R1MKYZRM.txt [ Cookie:shannon@bridge1.admarketplace.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q5N34TO8.txt [ Cookie:shannon@accounts.google.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\BPEU4995.txt [ Cookie:shannon@legolas-media.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\NZHP7GAK.txt [ Cookie:shannon@ad.yieldmanager.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\EILBZXTS.txt [ Cookie:shannon@advertising.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\G4IFT99K.txt [ Cookie:shannon@ru4.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q084JFHX.txt [ Cookie:shannon@at.atwola.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\UYZXLOLU.txt [ Cookie:shannon@invitemedia.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\XO6AXT90.txt [ Cookie:shannon@insightexpressai.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\53AKX18G.txt [ Cookie:shannon@revsci.net/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\2XWGDVLP.txt [ Cookie:shannon@media6degrees.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\0M9MV2ZP.txt [ Cookie:shannon@kanoodle.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z84J2YQ7.txt [ Cookie:shannon@kontera.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\ITIV6SJV.txt [ Cookie:shannon@lucidmedia.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\CV43YI51.txt [ Cookie:shannon@a1.interclick.com/ ]
C:\USERS\SHANNON\AppData\Roaming\Microsoft\Windows\Cookies\Low\F7Y731YR.txt [ Cookie:shannon@zedo.com/ ]
C:\USERS\SHANNON\Cookies\U7GV53K5.txt [ Cookie:shannon@trafficmp.com/ ]
C:\USERS\SHANNON\Cookies\DYZ9AQKU.txt [ Cookie:shannon@doubleclick.net/ ]
C:\USERS\SHANNON\Cookies\JZQRZZ9Q.txt [ Cookie:shannon@ad.yieldmanager.com/ ]
C:\USERS\SHANNON\Cookies\YLEKTRH7.txt [ Cookie:shannon@invitemedia.com/ ]
C:\USERS\SHANNON\Cookies\XWANCDKW.txt [ Cookie:shannon@media6degrees.com/ ]
C:\USERS\SHANNON\Cookies\QX0PYCCK.txt [ Cookie:shannon@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\O3HQVV9I.txt [ Cookie:tom@[You must be registered and logged in to see this link.] ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\1710R4HI.txt [ Cookie:tom@pointroll.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\MECCIE2O.txt [ Cookie:tom@serving-sys.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\LO4O7E4G.txt [ Cookie:tom@imrworldwide.com/cgi-bin ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y4VU5YDQ.txt [ Cookie:tom@atdmt.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\4AY0TLS7.txt [ Cookie:tom@2o7.net/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\09SXMIBC.txt [ Cookie:tom@invitemedia.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\0UVP88N7.txt [ Cookie:tom@statcounter.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\JVJOBTK1.txt [ Cookie:tom@doubleclick.net/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\JOCF47NE.txt [ Cookie:tom@ads.pointroll.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\RBKLS0DJ.txt [ Cookie:tom@mediaite.com/ ]
C:\USERS\TOM\AppData\Roaming\Microsoft\Windows\Cookies\Low\NKY6H3QW.txt [ Cookie:tom@collective-media.net/ ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SHANNON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
acvs.mediaonenetwork.net [ C:\USERS\SHANNON\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\SHANNON\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8ETERC24 ]
media.thewb.com [ C:\USERS\SHANNON\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\SHANNON\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8ETERC24 ]
dcl.wdpromedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\CH696UUJ ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.virgopublishing.112.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
tracking.callmeasurement.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
tracking.callmeasurement.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
tracking.callmeasurement.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
sales.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
sales.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.clickbooth.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
stats.adotube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
a.visualrevenue.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
tracking.oggifinogi.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.survey.g.doubleclick.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
lovecomm.rotator.hadj7.adjuggler.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
lovecomm.rotator.hadj7.adjuggler.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
lovecomm.rotator.hadj7.adjuggler.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.hitbox.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ehg-emmiscommunications.hitbox.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.hitbox.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
f.blogads.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.kanoodle.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
z.blogads.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
click.get-answers-fast.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
server.iad.liveperson.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
bridge1.admarketplace.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.admarketplace.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.avgtechnologies.112.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.bizzclick.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.c.gigcount.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.warnerbros.112.2o7.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SHANNON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OA585PF8.DEFAULT\COOKIES.SQLITE ]
cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
content.yieldmanager.edgesuite.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
convoad.technoratimedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
i.adultswim.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
media1.break.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
sftrack.searchforce.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JZTQN9UP ]

Trojan.Agent/Gen-MultiC
C:\PROGRAMDATA\MICROSOFT\WINDOWS\DRM\BB73.TMP
C:\USERS\SHANNON\APPDATA\LOCAL\TEMP\LOW\BE90.TMP

Adware.CouponBar
C:\USERS\SHANNON\APPDATA\LOCAL\TEMP\LOW\CPNPRT2.CID

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Mon 09 Apr 2012, 7:40 pm

Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.04.09.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Shannon :: WHITEHOUSE [administrator]

4/8/2012 8:27:54 PM
mbam-log-2012-04-08 (20-27-54).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 478388
Time elapsed: 3 hour(s), 48 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by Superdave on Tue 10 Apr 2012, 5:41 am

Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: My google page is corrupt

Post by t.s.white on Tue 10 Apr 2012, 6:46 am

ComboFix 12-04-09.05 - Shannon 04/09/2012 14:15:15.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2045.944 [GMT -5:00]
Running from: c:\users\Shannon\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Public\HijackThis.exe
c:\users\Shannon\AppData\Local\assembly\tmp
c:\users\Shannon\AppData\Local\assembly\tmp\L6O3IXCR\VaultServiceProxy.DLL
c:\users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4CD1DB12-6723-4A91-8F1E-0D8861E4B918}.xps
c:\windows\system32\RENB0B6.tmp
c:\windows\system32\uninstall.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 19:27 . 2012-04-09 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-09 19:27 . 2012-04-09 19:27 -------- d-----w- c:\users\Tom\AppData\Local\temp
2012-04-09 19:27 . 2012-04-09 19:27 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-04-08 21:39 . 2012-04-08 21:39 -------- d-----w- c:\users\Shannon\AppData\Roaming\SUPERAntiSpyware.com
2012-04-08 21:39 . 2012-04-08 21:39 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-07 13:03 . 2012-04-07 13:03 -------- d-----w- c:\users\Public\backups
2012-04-07 01:15 . 2012-04-07 01:15 -------- d-----w- c:\users\Shannon\AppData\Roaming\Malwarebytes
2012-04-07 01:15 . 2012-04-09 01:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-07 01:15 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 16:28 . 2012-04-06 16:29 -------- d-----w- c:\users\Shannon\AppData\Roaming\AVG
2012-04-06 15:15 . 2012-04-06 15:15 -------- d-----w- c:\windows\en
2012-04-06 15:14 . 2012-03-08 23:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-04-06 15:07 . 2012-04-06 15:07 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\eee206ef1cd140603\MeshBetaRemover.exe
2012-04-06 15:06 . 2012-04-06 15:06 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\db77ef2f1cd140602\DSETUP.dll
2012-04-06 15:06 . 2012-04-06 15:06 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\db77ef2f1cd140602\DXSETUP.exe
2012-04-06 15:06 . 2012-04-06 15:06 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\db77ef2f1cd140602\dsetup32.dll
2012-04-02 16:26 . 2012-04-02 17:00 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-29 18:01 . 2012-03-29 18:01 -------- d-----w- c:\program files\iPod
2012-03-29 18:01 . 2012-03-29 18:02 -------- d-----w- c:\program files\iTunes
2012-03-29 15:49 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-03-21 01:09 . 2012-03-21 01:09 -------- d-----w- c:\program files\Pantech
2012-03-11 20:10 . 2012-03-11 20:10 -------- d-----w- c:\users\Guest\AppData\Roaming\ICAClient
2012-03-11 20:10 . 2012-03-11 20:10 -------- d-----w- c:\users\Guest\AppData\Local\Citrix
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 17:00 . 2011-06-04 14:29 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 23:50 . 2012-03-08 23:50 49016 ----a-w- c:\windows\system32\sirenacm.dll
2012-03-08 23:37 . 2012-03-08 23:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-02-15 16:01 . 2012-02-15 16:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 16:01 . 2012-02-15 16:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-01-12 19:52 . 2012-02-14 23:49 2044416 ----a-w- c:\windows\system32\win32k.sys
2011-04-25 07:58 . 2011-04-25 07:58 124864 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2011-04-25 08:48 . 2011-04-25 08:48 13760 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2011-04-25 08:00 . 2011-04-25 08:00 71104 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2011-04-25 07:59 . 2011-04-25 07:59 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2011-04-25 07:58 . 2011-04-25 07:58 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2011-04-25 07:57 . 2011-04-25 07:57 255936 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2011-04-25 07:58 . 2011-04-25 07:58 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2011-04-25 07:58 . 2011-04-25 07:58 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2011-04-25 07:51 . 2011-04-25 07:51 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2011-04-25 08:00 . 2011-04-25 08:00 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-02-23 11:10 . 2011-04-10 19:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-29 15:50 . 2009-11-25 20:42 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellAutomatedPCTuneUp"="c:\program files\DellAutomatedPCTuneUp\PTAgnt.exe" [2007-10-11 465136]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-11 68856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-23 4452352]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-29 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-10 16384]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-17 81920]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"DACSMiniApp"="c:\program files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2008-03-13 128256]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"Dell PanelMgr"="c:\windows\Dell\PanelMgr\SSMMgr.exe" [2009-12-11 626688]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2010-11-24 274608]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-31 460872]
.
c:\users\Shannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk
backup=c:\windows\pss\Philips GoGear VIBE Device Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
2004-08-09 23:24 45056 ----a-w- c:\program files\Pinnacle\Studio 9\LaunchList.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 21:26 406016 ----a-w- c:\windows\System32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 17:00]
.
2012-04-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-11 02:20]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 00:08]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-24 00:08]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2141495560-2666751768-628839216-1000Core.job
- c:\users\Shannon\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 15:13]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2141495560-2666751768-628839216-1000UA.job
- c:\users\Shannon\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 15:13]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: cernerworks.com
Trusted Zone: google.com
Trusted Zone: integris-health.com
Trusted Zone: integrisok.com
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 208.180.42.100 208.180.42.68
FF - ProfilePath - c:\users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\oa585pf8.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_ActiveSetup-{B00441B2-CF00-A603-AF00-EDDB537DF16F} - c:\windows\system32\My_Server.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Shannon\AppData\Roaming\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-04-09 14:31
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-04-09 14:37:58
ComboFix-quarantined-files.txt 2012-04-09 19:37
.
Pre-Run: 94,579,351,552 bytes free
Post-Run: 95,346,835,456 bytes free
.
- - End Of File - - AA672E0FE3F885FE434142C57393BDF3

t.s.white

Newbie Surfer
Newbie Surfer

Posts : 7
Joined : 2012-04-08
Operating System : Windows Vista Home

View user profile

Back to top Go down

Re: My google page is corrupt

Post by Superdave on Tue 10 Apr 2012, 10:06 am

You should not have Trusted zones for the reasons listed below.

Internet Explorer's security is based upon a set of zones. Each zone has different security in terms of what scripts and applications can be run from a site that is in that zone. There is a security zone called the Trusted Zone. This zone has the lowest security and allows scripts and applications from sites in this zone to run without your knowledge. It is therefore a popular setting for malware sites to use so that future infections can be easily done on your computer without your knowledge as these sites will be in the Trusted Zone. Therefore, I recommend that nothing be allowed in the trusted zone. If you agree, please do the following.Please place a check mark next to this/these line/lines.
If you agree, please do this:

Please download: HiJackThis to your Desktop.

  • Double Click the HijackThis icon, located on your Desktop.
  • By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
  • Accept the license agreement.
  • Click the Open the Misc Tools section button.
  • Click Select [B]Do a system scan only

    Place a check mark next to the following entries: (if there)

    Trusted Zone: cernerworks.com
    Trusted Zone: google.com
    Trusted Zone: integris-health.com
    Trusted Zone: integrisok.com
    Trusted Zone: real.com\rhap-app-4-0
    Trusted Zone: real.com\rhapreg


    Important: Close all open windows except for HijackThis and then click Fix checked.

    Once completed, exit HijackThis.

***************************************************
Let's run a few more scans to see what turns up.

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply
********************************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: My google page is corrupt

Post by Sponsored content Today at 5:50 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum