Need Help uninstalling iLivid
I mistakedly downloaded iLivid and need help removing . I followed the preliminary instructions and I saved the dds to my desktop but can't seem to copy and paste it to this post.When my wife gets home I'll see if she can help post it to this thread.Thanks in advance for your help, Bruce
Please see attachment
OTL.txt and Extras.txt that you required
OTL logfile created on: 12/21/2011 7:45:35 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.84% Memory free
4.11 Gb Paging File | 2.61 Gb Available in Paging File | 63.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 108.17 Gb Free Space | 48.55% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.69 Gb Free Space | 56.86% Space Free | Partition Type: NTFS
Computer Name: BRUCE-PC | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/21 19:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
PRC - [2011/12/06 05:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/11/15 06:40:23 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/12 12:49:09 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2011/01/05 20:21:00 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010/10/12 12:21:30 | 001,693,464 | ---- | M] (ParetoLogic) -- C:\Program Files\ParetoLogic\FileCure\FileCure.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/18 23:33:08 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\SetPoint\SetPoint.exe
PRC - [2009/02/18 23:30:36 | 000,059,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\LBTWiz.exe
PRC - [2009/02/18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
PRC - [2009/02/18 23:28:52 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/11/19 09:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/10/28 16:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldtcoms.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/02/08 00:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/31 08:37:30 | 000,088,976 | ---- | M] () -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll
MOD - [2011/10/14 14:51:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 20:38:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 20:38:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 20:37:54 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 20:37:27 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8adb45c62e4c797bd4c706afe9e8bfb9\System.Core.ni.dll
MOD - [2011/10/13 20:37:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\231b0b42eff55de5c7d7debe555c16b7\PresentationFramework.Aero.ni.dll
MOD - [2011/10/13 20:37:19 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94f892556ec9fa7a508fc9d214ceaedf\PresentationFramework.ni.dll
MOD - [2011/10/13 20:36:54 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53f949f4664bb316f9b7a00d73a6e290\PresentationCore.ni.dll
MOD - [2011/10/13 20:36:33 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd2c727bcef2e019eb96c1145f423701\WindowsBase.ni.dll
MOD - [2011/10/13 20:36:25 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 20:35:05 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/12/23 07:33:30 | 000,047,616 | ---- | M] () -- C:\Program Files\Uniblue\RegistryBooster\cache.dll
MOD - [2010/08/14 10:58:52 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2009/02/18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/11/19 09:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/10/28 16:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/08/24 18:23:27 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/02/25 15:38:16 | 000,099,568 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldtcoms.exe -- (dldt_device)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
========== Driver Services (SafeList) ==========
DRV - [2011/12/03 08:35:04 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/12/03 08:35:04 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/12/03 08:35:04 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.019\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 05:53:45 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/15 14:18:40 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/10/14 21:43:08 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111220.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2008/12/18 22:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/12/18 22:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/12/16 01:43:48 | 000,054,400 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFVsp.sys -- (GzOFVsp)
DRV - [2008/12/16 01:43:48 | 000,054,400 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFMdm.sys -- (GzOFMdm)
DRV - [2008/12/16 01:43:48 | 000,033,408 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFBus.sys -- (GzOFBus)
DRV - [2007/05/01 07:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/05/01 07:26:26 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/03/05 03:07:46 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/08 00:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/12/20 14:31:34 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006/12/07 23:25:00 | 004,456,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/19 04:54:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2011/12/21 06:45:21 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{936F5662-F742-42F8-9394-D480B27297A0}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/21 19:42:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/16 07:57:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/16 07:57:35 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/12/16 07:57:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/16 07:57:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/16 07:57:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/16 07:57:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/12/15 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/15 19:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/15 19:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/15 10:30:19 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/15 10:30:18 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/15 10:30:15 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/15 10:30:13 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/15 10:30:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/15 10:30:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/12 21:07:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder (3)
[2011/12/12 10:53:32 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ilivid Player
[2011/12/12 10:52:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2011/12/12 10:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2011/12/12 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011/12/12 10:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/12/06 18:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder
[2011/11/29 18:57:04 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder (2)
[2008/09/06 13:06:55 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\DLDThcp.dll
[2008/09/06 13:06:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldtinpa.dll
[2008/09/06 13:06:46 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldtiesc.dll
[2008/09/06 13:06:44 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\dldtusb1.dll
[2008/09/06 13:06:43 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\dldtserv.dll
[2008/09/06 13:06:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldtprox.dll
[2008/09/06 13:06:41 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldtpmui.dll
[2008/09/06 13:06:40 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldtlmpm.dll
[2008/09/06 13:06:37 | 000,320,752 | ---- | C] ( ) -- C:\Windows\System32\dldtih.exe
[2008/09/06 13:06:36 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldthbn3.dll
[2008/09/06 13:06:32 | 000,595,184 | ---- | C] ( ) -- C:\Windows\System32\dldtcoms.exe
[2008/09/06 13:06:31 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldtcomc.dll
[2008/09/06 13:06:31 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\dldtcomm.dll
[2008/09/06 13:06:29 | 000,365,808 | ---- | C] ( ) -- C:\Windows\System32\dldtcfg.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/21 19:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/21 19:40:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/21 19:00:03 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011/12/21 18:45:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 18:45:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 18:00:02 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/12/21 16:40:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/21 14:00:09 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/21 06:51:34 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/21 06:51:34 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/21 06:48:44 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2011/12/21 06:48:44 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011/12/21 06:45:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/20 22:53:28 | 000,002,714 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/12/20 17:55:24 | 024,664,064 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2011/12/20 17:55:23 | 047,326,208 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2011/12/16 08:17:58 | 000,313,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/15 19:04:55 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/12 10:52:36 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/12/09 22:08:06 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Bruce.job
[2011/12/05 18:38:18 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/02 08:34:49 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\Documents\ATT00682.jpg
[2011/12/01 15:10:45 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/12/01 15:10:45 | 000,001,854 | ---- | M] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/01 15:10:01 | 000,001,245 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/11/29 18:56:44 | 000,144,448 | ---- | M] () -- C:\Users\Bruce\Desktop\100_9973.jpg
[2011/11/29 18:56:44 | 000,139,387 | ---- | M] () -- C:\Users\Bruce\Desktop\101_0126.jpg
[2011/11/29 18:56:44 | 000,081,941 | ---- | M] () -- C:\Users\Bruce\Desktop\101_0641.jpg
[2011/11/27 21:01:06 | 000,145,530 | ---- | M] () -- C:\Users\Bruce\Desktop\100_0524.jpg
[2011/11/23 08:37:27 | 002,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/15 19:04:54 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/12 10:52:36 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/12/02 08:34:48 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\Documents\ATT00682.jpg
[2011/11/29 18:56:44 | 000,144,448 | ---- | C] () -- C:\Users\Bruce\Desktop\100_9973.jpg
[2011/11/29 18:56:44 | 000,139,387 | ---- | C] () -- C:\Users\Bruce\Desktop\101_0126.jpg
[2011/11/29 18:56:44 | 000,081,941 | ---- | C] () -- C:\Users\Bruce\Desktop\101_0641.jpg
[2011/11/27 21:01:06 | 000,145,530 | ---- | C] () -- C:\Users\Bruce\Desktop\100_0524.jpg
[2011/05/18 16:59:52 | 000,001,940 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2009/09/16 18:25:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 18:25:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/17 17:34:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/06 13:08:36 | 000,017,648 | ---- | C] () -- C:\Windows\System32\dldtwupd.exe
[2008/09/06 13:08:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dldtwupd.dll
[2008/09/06 13:07:02 | 000,348,160 | ---- | C] () -- C:\Windows\System32\DLDTinst.dll
[2008/09/06 13:06:45 | 000,520,192 | ---- | C] () -- C:\Windows\System32\dldtutil.dll
[2008/09/06 13:06:39 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dldtinsb.dll
[2008/09/06 13:06:39 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldtjswr.dll
[2008/09/06 13:06:38 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldtins.dll
[2008/09/06 13:06:38 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldtinsr.dll
[2008/09/06 13:06:35 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldtgrd.dll
[2008/09/06 13:06:33 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldtcub.dll
[2008/09/06 13:06:33 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldtcu.dll
[2008/09/06 13:06:33 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldtcur.dll
[2008/02/21 19:41:24 | 000,782,336 | ---- | C] () -- C:\Windows\System32\dldtdrs.dll
[2008/02/19 21:25:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\dldtcaps.dll
[2008/01/22 01:05:12 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldtcfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\Windows\System32\dldtcoin.dll
[2007/11/13 18:13:10 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldtcnv4.dll
[2007/10/13 08:29:19 | 000,033,792 | ---- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/13 08:21:35 | 000,002,714 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldtvs.dll
[2006/11/10 08:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,313,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
========== LOP Check ==========
[2008/03/30 13:01:26 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Leadertech
[2010/12/10 19:35:37 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\PCDr
[2009/01/29 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Skinux
[2010/08/15 07:12:49 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Tific
[2011/01/05 20:20:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Uniblue
[2011/06/12 02:56:52 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\FileCure Default.job
[2011/12/21 06:48:44 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\FileCure Startup.job
[2011/12/21 18:00:02 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/04/01 04:43:00 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2011/12/05 18:38:18 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/21 06:48:44 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011/12/20 22:53:18 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/12/21 14:00:09 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2010/09/03 20:24:56 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{40FFB3E6-5C62-43BA-803E-82D3168ED07A}.job
[2011/12/21 19:00:03 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 804 bytes -> C:\Users\Bruce\Documents\Fwd_ [Fwd_ FW_ S.Y.B.S.T.D.].eml:OECustomProperty
< End of report >
OTL Extras logfile created on: 12/21/2011 7:45:35 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.84% Memory free
4.11 Gb Paging File | 2.61 Gb Available in Paging File | 63.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 108.17 Gb Free Space | 48.55% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.69 Gb Free Space | 56.86% Space Free | Partition Type: NTFS
Computer Name: BRUCE-PC | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1 (ParetoLogic)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C71FE6-FD48-485C-AF13-3808DC87F217}" = rport=138 | protocol=17 | dir=out | app=system |
"{0614EFC1-D649-4348-9388-4DDE71007316}" = rport=139 | protocol=6 | dir=out | app=system |
"{143FB136-D8E0-4AA0-B5A9-8C8D8064AABD}" = lport=137 | protocol=17 | dir=in | app=system |
"{41937103-B807-4395-82F0-5DF463440BDE}" = rport=137 | protocol=17 | dir=out | app=system |
"{4B351C59-02A7-4868-81B3-0AEB069AB52A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{63D50AA6-4DCA-4A6B-B677-8088ED6F04BF}" = lport=445 | protocol=6 | dir=in | app=system |
"{6AE72094-FDDC-4ACD-BE11-0B837B2B8841}" = lport=138 | protocol=17 | dir=in | app=system |
"{7CC836D6-6F69-43B3-B802-11CFD279CB06}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{87829809-6925-44EC-B0F4-9FD38BD5424C}" = rport=445 | protocol=6 | dir=out | app=system |
"{AAAA0641-7FD8-4D52-83A0-F02BE7821F5C}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011558CB-9AD7-43BA-9799-60F9CC69854D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{078680B7-2530-4CDC-A0F3-6259239A5BE1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{0C01E7FA-7331-4A63-81A7-22B4F6980655}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1890D10E-D950-4AB2-8144-2ABBBB54D52A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}" = protocol=6 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{34980A69-2428-46A5-AAB5-3EA8BA49BF92}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A4F0DC8-415B-48D7-BAD8-612A8EFD67BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3C2F3189-ACE2-4514-AC48-BA372DCA9BBD}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{548FE892-E2C1-4734-9622-CDC154D8950A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{56D766BF-352A-4538-A6ED-210C372318B2}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{5AF716DF-7D29-476C-9B19-47C1AC2E9A23}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{680F9F34-4315-4B4B-9BC5-DD706129F1ED}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{6E3C1CE7-99DA-4F6C-A4D1-81B6581ADABD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84C0CD36-566D-4FBA-8BC7-8CFD02AD49A1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{936A5380-2522-4AB3-AF91-F5B127DC6F4F}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{A2BA0F5E-0619-47FF-874A-AD28EE49D254}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A764267E-DFFB-4736-A41F-2A30D2444975}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{A8A24D1E-68FC-4065-8C3E-A22C7F14B4A9}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{B9AEF5AB-16EA-447E-BC82-78B3832C8520}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{BAAE4544-A02D-42C3-8D4E-05CF6655B595}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{BFCDC973-B85D-4568-B17B-0A367E15011A}" = protocol=17 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{C3C84773-D758-480E-A42B-40A86D8CD75A}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{C4B812CF-49A9-4FC5-A0D8-7D71AD891495}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{D295D8C1-4942-4798-9DEC-3BC89FD808D2}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D58EA2EE-3ABF-4C74-9B1E-63F73876DEF3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EFFEC8CA-527A-4187-A197-0EA5FA88C14D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{F061D39C-4EA5-4406-A2CB-F89E392DC400}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F4ACB043-CE5C-4E51-8754-58F695A6084D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9060B698-2B29-4A1F-B876-BEAC4C0A25D5}" = KhalSetup
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93762E6-8EA6-4E7F-9557-64E51AA3AB84}" = CASIO USB Driver V1.0.8003.1229
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}" = ParetoLogic FileCure
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Boxster Models" = Boxster Models 1.0
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ieSpell" = ieSpell
"iLivid" = iLivid
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton Security Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MS AntiSpyware 2009 5.7" = MS AntiSpyware 2009
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/18/2011 3:00:04 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1010
Description =
Error - 12/18/2011 3:00:06 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1008
Description =
Error - 12/19/2011 3:00:05 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1010
Description =
Error - 12/20/2011 3:00:04 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1010
Description =
Error - 12/20/2011 3:00:05 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1008
Description =
Error - 12/20/2011 5:30:59 PM | Computer Name = Bruce-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1b0c Start Time: 01ccbf568d9c36e7 Termination Time: 16
Error - 12/20/2011 11:46:13 PM | Computer Name = Bruce-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/21/2011 11:17:32 AM | Computer Name = Bruce-PC | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "č Ą.. "
Error - 12/21/2011 3:00:05 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1010
Description =
Error - 12/21/2011 3:00:06 PM | Computer Name = Bruce-PC | Source = Perflib | ID = 1008
Description =
[ Dell Events ]
Error - 12/11/2010 8:29:21 AM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 12/11/2010 8:29:21 AM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 12/11/2010 8:37:42 AM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 12/11/2010 8:37:42 AM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 1/9/2011 9:44:01 PM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 1/9/2011 9:44:01 PM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 7/14/2011 9:18:25 PM | Computer Name = Bruce-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 12/16/2007 6:54:04 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/16/2007 8:41:56 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/24/2008 6:49:07 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 5/29/2008 7:09:17 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/1/2008 6:51:43 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/4/2008 6:34:19 AM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/8/2008 2:18:22 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/8/2008 9:16:15 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 7/22/2008 5:49:06 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/17/2009 6:35:28 PM | Computer Name = Bruce-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 12/20/2011 9:52:38 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/20/2011 9:52:38 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/20/2011 9:57:27 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 12/20/2011 9:57:57 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 12/20/2011 8:28:24 PM | Computer Name = Bruce-PC | Source = Print | ID = 6161
Description = The document 3.5 x 5 in. (4), owned by Bruce, failed to print on printer
Dell V305. Try to print the document again, or restart the print spooler. Data
type: LEMF. Size of the spool file in bytes: 9360742. Number of bytes printed: 9360742.
Total number of pages in the document: 1. Number of pages printed: 0. Client computer:
\\BRUCE-PC. Win32 error code returned by the print processor: 0. The operation
completed successfully.
Error - 12/21/2011 7:46:47 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 12/21/2011 7:46:47 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/21/2011 7:46:47 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/21/2011 7:49:05 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 12/21/2011 7:49:35 AM | Computer Name = Bruce-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
checkup.txt Step 3 required
Results of screen317's Security Check version 0.99.30
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) SE Runtime Environment 6
Adobe Reader 8 Adobe Reader out of date!
Adobe Reader X KB403742.. Adobe Reader out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
``````````End of Log````````````
Hi and thanks for your patience.
I will follow the instructions as soon as I can get an assist from my wife.
As for the Uniblue Registry , I don't know how I got it and have been trying to get rid of it for months. As for the Go to assist and Paretologic file Cure ,I don't know where they came from and will gladly get rid of them as well as any other sugestions you may have .Thank you for all your help so far and as soon as I take the next step I''ll post it. Thanks again , Bruce
Scolabar ,Sucess ( I think) and Happy New Year
Step 5 ,1. No problems
2.;AOL Install, Go to Assist 8.0.0514,Paretologic File cure and Uniblue Reg. Booster all successfully uninstalled.
3.OTL.txt , done
4. System Look ,txt. done
SystemLook 30.07.11 by jpshortstuff
Log created at 20:56 on 27/12/2011 by Bruce
Administrator - Elevation successful
========== filefind ==========
Searching for "*Fun4IM*"
No files found.
Searching for "*Bandoo*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js --a---- 27324 bytes [13:37 31/10/2011] [13:37 31/10/2011] C4F2571481A116A0C24C9644F0E4B4F5
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js --a---- 33963 bytes [13:37 31/10/2011] [13:37 31/10/2011] 11363D5ADC24F5BBC44C678BE8A29FCC
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css --a---- 8308 bytes [13:37 31/10/2011] [13:37 31/10/2011] D98167EFDC45E8EC6F4769791A15CE36
Searching for "*Searchqu*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchquband.dll --a---- 449424 bytes [13:37 31/10/2011] [13:37 31/10/2011] 39ECB144372B2ED7B1B91A1E63D3F275
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll --a---- 88976 bytes [13:37 31/10/2011] [13:37 31/10/2011] AD14E447F7CED4CA987B91B379EAF952
Searching for "*iLivid*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\iLivid\ilivid.exe --a---- 2033152 bytes [15:52 12/12/2011] [14:20 05/08/2011] A485B5376A7BD86E17DA042A64EE3E86
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\iLivid\ilivid.ico --a---- 9662 bytes [15:52 12/12/2011] [09:41 04/11/2009] D64C36521A1839B54788D7D0A82DAF08
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid\iLivid Download Manager.lnk --a---- 844 bytes [15:52 12/12/2011] [15:52 12/12/2011] BB2864E331DB1BA31D424C2571333C6E
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.dat --a--c- 225 bytes [15:52 12/12/2011] [15:52 12/12/2011] 28707D5C41928D3463F7379C09AEF8AD
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.exe --a--c- 3002188 bytes [15:52 12/12/2011] [10:22 06/12/2011] 190C64038FC1B7F407C9440970796660
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.lnk --a--c- 0 bytes [15:52 12/12/2011] [15:52 12/12/2011] D41D8CD98F00B204E9800998ECF8427E
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.msi --a--c- 290816 bytes [15:52 12/12/2011] [10:22 06/12/2011] 124EA05DAF45A65251AE088E794FCC6A
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.par --a--c- 1493 bytes [15:52 12/12/2011] [15:52 12/12/2011] 545DE9BE9EF6B67297A5CC14E3C900A4
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}\iLividSetupV1.res --a--c- 2459440 bytes [15:52 12/12/2011] [10:22 06/12/2011] 0F1F6441CD4452A373C49CF6CC22BBB4
C:\_OTL\MovedFiles\12272011_185541\C_Users\Public\Desktop\iLivid Download Manager.lnk --a---- 826 bytes [15:52 12/12/2011] [15:52 12/12/2011] 84CD79C2BEC432B29CC4FDC24B5CE7B1
Searching for "*whitesmoke*"
No files found.
Searching for "*datamngr*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll --a---- 1236368 bytes [15:52 12/12/2011] [10:17 06/12/2011] A66079777083006EA2EB658205FA2780
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe --a---- 1694608 bytes [15:52 12/12/2011] [10:17 06/12/2011] D8B3EB0A5B5FDBC1609E4E2B66CE3F93
Searching for "*trolltech*"
No files found.
========== folderfind ==========
Searching for "*Fun4IM*"
No folders found.
Searching for "*Bandoo*"
No folders found.
Searching for "*Searchqu*"
C:\_OTL\MovedFiles\12262011_150845\C_Users\Bruce\AppData\LocalLow\searchquband d------ [15:53 12/12/2011]
C:\_OTL\MovedFiles\12262011_150845\C_Users\Bruce\AppData\LocalLow\searchqutoolbar d------ [15:52 12/12/2011]
Searching for "*iLivid*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\iLivid d------ [15:52 12/12/2011]
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar d------ [15:52 12/12/2011]
C:\_OTL\MovedFiles\12262011_150845\C_Users\Bruce\AppData\Local\Ilivid Player d------ [15:53 12/12/2011]
C:\_OTL\MovedFiles\12272011_185541\C_ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid d------ [15:52 12/12/2011]
Searching for "*whitesmoke*"
No folders found.
Searching for "*datamngr*"
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr d------ [15:52 12/12/2011]
C:\_OTL\MovedFiles\12262011_150845\C_Users\Bruce\AppData\LocalLow\DataMngr d------ [15:53 12/12/2011]
Searching for "*trolltech*"
No folders found.
========== Regfind ==========
Searching for "Fun4IM"
No data found.
Searching for "Bandoo"
No data found.
Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
"@"="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
"@"="ISearchQueryHelper"
Searching for "iLivid"
No data found.
Searching for "whitesmoke"
No data found.
Searching for "datamngr"
No data found.
Searching for "kelkoopartners"
No data found.
Searching for "trolltech"
No data found.
-= EOF =-
OTL logfile created on: 12/21/2011 7:45:35 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.84% Memory free
4.11 Gb Paging File | 2.61 Gb Available in Paging File | 63.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 108.17 Gb Free Space | 48.55% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.69 Gb Free Space | 56.86% Space Free | Partition Type: NTFS
Computer Name: BRUCE-PC | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/21 19:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
PRC - [2011/12/06 05:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/11/15 06:40:23 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/12 12:49:09 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe
PRC - [2011/01/05 20:21:00 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010/10/12 12:21:30 | 001,693,464 | ---- | M] (ParetoLogic) -- C:\Program Files\ParetoLogic\FileCure\FileCure.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/18 23:33:08 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\SetPoint\SetPoint.exe
PRC - [2009/02/18 23:30:36 | 000,059,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\LBTWiz.exe
PRC - [2009/02/18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
PRC - [2009/02/18 23:28:52 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/11/19 09:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/10/28 16:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) -- C:\Windows\System32\dldtcoms.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/02/08 00:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/31 08:37:30 | 000,088,976 | ---- | M] () -- C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll
MOD - [2011/10/14 14:51:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 20:38:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 20:38:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 20:37:54 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 20:37:27 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8adb45c62e4c797bd4c706afe9e8bfb9\System.Core.ni.dll
MOD - [2011/10/13 20:37:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\231b0b42eff55de5c7d7debe555c16b7\PresentationFramework.Aero.ni.dll
MOD - [2011/10/13 20:37:19 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94f892556ec9fa7a508fc9d214ceaedf\PresentationFramework.ni.dll
MOD - [2011/10/13 20:36:54 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53f949f4664bb316f9b7a00d73a6e290\PresentationCore.ni.dll
MOD - [2011/10/13 20:36:33 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd2c727bcef2e019eb96c1145f423701\WindowsBase.ni.dll
MOD - [2011/10/13 20:36:25 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 20:35:05 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/12/23 07:33:30 | 000,047,616 | ---- | M] () -- C:\Program Files\Uniblue\RegistryBooster\cache.dll
MOD - [2010/08/14 10:58:52 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2009/02/18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/11/19 09:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/10/28 16:42:30 | 000,156,968 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/08/24 18:23:27 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/02/25 15:38:16 | 000,099,568 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldtcoms.exe -- (dldt_device)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
========== Driver Services (SafeList) ==========
DRV - [2011/12/03 08:35:04 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/12/03 08:35:04 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/12/03 08:35:04 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.019\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/14 14:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 05:53:45 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/15 14:18:40 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/10/14 21:43:08 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111220.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 20:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2008/12/18 22:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/12/18 22:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/12/16 01:43:48 | 000,054,400 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFVsp.sys -- (GzOFVsp)
DRV - [2008/12/16 01:43:48 | 000,054,400 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFMdm.sys -- (GzOFMdm)
DRV - [2008/12/16 01:43:48 | 000,033,408 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GzOFBus.sys -- (GzOFBus)
DRV - [2007/05/01 07:26:26 | 000,131,368 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/05/01 07:26:26 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/03/05 03:07:46 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/08 00:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/12/20 14:31:34 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006/12/07 23:25:00 | 004,456,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/19 04:54:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_4_3 [2011/12/21 06:45:21 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2519207516-3531264281-3220632969-1000\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{936F5662-F742-42F8-9394-D480B27297A0}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/21 19:42:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/16 07:57:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/16 07:57:35 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/12/16 07:57:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/16 07:57:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/16 07:57:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/16 07:57:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/12/15 19:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/15 19:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/15 19:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/15 10:30:19 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/15 10:30:18 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/15 10:30:15 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/15 10:30:13 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/15 10:30:11 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/15 10:30:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/12 21:07:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder (3)
[2011/12/12 10:53:32 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ilivid Player
[2011/12/12 10:52:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2011/12/12 10:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2011/12/12 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2011/12/12 10:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/12/06 18:28:27 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder
[2011/11/29 18:57:04 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\New Folder (2)
[2008/09/06 13:06:55 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\DLDThcp.dll
[2008/09/06 13:06:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldtinpa.dll
[2008/09/06 13:06:46 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldtiesc.dll
[2008/09/06 13:06:44 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\dldtusb1.dll
[2008/09/06 13:06:43 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\dldtserv.dll
[2008/09/06 13:06:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldtprox.dll
[2008/09/06 13:06:41 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldtpmui.dll
[2008/09/06 13:06:40 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldtlmpm.dll
[2008/09/06 13:06:37 | 000,320,752 | ---- | C] ( ) -- C:\Windows\System32\dldtih.exe
[2008/09/06 13:06:36 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldthbn3.dll
[2008/09/06 13:06:32 | 000,595,184 | ---- | C] ( ) -- C:\Windows\System32\dldtcoms.exe
[2008/09/06 13:06:31 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldtcomc.dll
[2008/09/06 13:06:31 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\dldtcomm.dll
[2008/09/06 13:06:29 | 000,365,808 | ---- | C] ( ) -- C:\Windows\System32\dldtcfg.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/21 19:42:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/21 19:40:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/21 19:00:03 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011/12/21 18:45:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 18:45:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 18:00:02 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/12/21 16:40:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/21 14:00:09 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/12/21 06:51:34 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/21 06:51:34 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/21 06:48:44 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2011/12/21 06:48:44 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011/12/21 06:45:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/20 22:53:28 | 000,002,714 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/12/20 17:55:24 | 024,664,064 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2011/12/20 17:55:23 | 047,326,208 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2011/12/16 08:17:58 | 000,313,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/15 19:04:55 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/12 10:52:36 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/12/09 22:08:06 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Bruce.job
[2011/12/05 18:38:18 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/02 08:34:49 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\Documents\ATT00682.jpg
[2011/12/01 15:10:45 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/12/01 15:10:45 | 000,001,854 | ---- | M] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/01 15:10:01 | 000,001,245 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/11/29 18:56:44 | 000,144,448 | ---- | M] () -- C:\Users\Bruce\Desktop\100_9973.jpg
[2011/11/29 18:56:44 | 000,139,387 | ---- | M] () -- C:\Users\Bruce\Desktop\101_0126.jpg
[2011/11/29 18:56:44 | 000,081,941 | ---- | M] () -- C:\Users\Bruce\Desktop\101_0641.jpg
[2011/11/27 21:01:06 | 000,145,530 | ---- | M] () -- C:\Users\Bruce\Desktop\100_0524.jpg
[2011/11/23 08:37:27 | 002,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/15 19:04:54 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/12 10:52:36 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/12/02 08:34:48 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\Documents\ATT00682.jpg
[2011/11/29 18:56:44 | 000,144,448 | ---- | C] () -- C:\Users\Bruce\Desktop\100_9973.jpg
[2011/11/29 18:56:44 | 000,139,387 | ---- | C] () -- C:\Users\Bruce\Desktop\101_0126.jpg
[2011/11/29 18:56:44 | 000,081,941 | ---- | C] () -- C:\Users\Bruce\Desktop\101_0641.jpg
[2011/11/27 21:01:06 | 000,145,530 | ---- | C] () -- C:\Users\Bruce\Desktop\100_0524.jpg
[2011/05/18 16:59:52 | 000,001,940 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2009/09/16 18:25:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 18:25:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/17 17:34:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/06 13:08:36 | 000,017,648 | ---- | C] () -- C:\Windows\System32\dldtwupd.exe
[2008/09/06 13:08:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dldtwupd.dll
[2008/09/06 13:07:02 | 000,348,160 | ---- | C] () -- C:\Windows\System32\DLDTinst.dll
[2008/09/06 13:06:45 | 000,520,192 | ---- | C] () -- C:\Windows\System32\dldtutil.dll
[2008/09/06 13:06:39 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dldtinsb.dll
[2008/09/06 13:06:39 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldtjswr.dll
[2008/09/06 13:06:38 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldtins.dll
[2008/09/06 13:06:38 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldtinsr.dll
[2008/09/06 13:06:35 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldtgrd.dll
[2008/09/06 13:06:33 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldtcub.dll
[2008/09/06 13:06:33 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldtcu.dll
[2008/09/06 13:06:33 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldtcur.dll
[2008/02/21 19:41:24 | 000,782,336 | ---- | C] () -- C:\Windows\System32\dldtdrs.dll
[2008/02/19 21:25:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\dldtcaps.dll
[2008/01/22 01:05:12 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldtcfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\Windows\System32\dldtcoin.dll
[2007/11/13 18:13:10 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldtcnv4.dll
[2007/10/13 08:29:19 | 000,033,792 | ---- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/13 08:21:35 | 000,002,714 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldtvs.dll
[2006/11/10 08:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,313,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
========== LOP Check ==========
[2008/03/30 13:01:26 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Leadertech
[2010/12/10 19:35:37 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\PCDr
[2009/01/29 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Skinux
[2010/08/15 07:12:49 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Tific
[2011/01/05 20:20:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Uniblue
[2011/06/12 02:56:52 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\FileCure Default.job
[2011/12/21 06:48:44 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\FileCure Startup.job
[2011/12/21 18:00:02 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/04/01 04:43:00 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2011/12/05 18:38:18 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/21 06:48:44 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011/12/20 22:53:18 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/12/21 14:00:09 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2010/09/03 20:24:56 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{40FFB3E6-5C62-43BA-803E-82D3168ED07A}.job
[2011/12/21 19:00:03 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 804 bytes -> C:\Users\Bruce\Documents\Fwd_ [Fwd_ FW_ S.Y.B.S.T.D.].eml:OECustomProperty
< End of report >
Thank You again for all of your patience and excellent help. Bruce
Hi and thanks for your patience.
Hi Scolabar ., Thanks for the next step ,but I won't be able to do it until tommorow eve. I'll get back to you then ., Thanks, Bruce
Scan log ;I found my way again
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2011.12.30.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Bruce :: BRUCE-PC [administrator]
12/30/2011 4:07:30 PM
mbam-log-2011-12-30 (16-07-30).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 176117
Time elapsed: 4 minute(s), 18 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(
Step 6 Include in next post
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
File c:\Program Files\Java\jre1.6.0\bin\ssv.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bluetooth Connection Assistant deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
File c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll not found.
C:\ProgramData\SPLA24A.tmp deleted successfully.
C:\ProgramData\SPLBC05.tmp deleted successfully.
C:\ProgramData\SPLBD01.tmp deleted successfully.
========== FILES ==========
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\_temp folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\history folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\backup folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bruce
->Temp folder emptied: 582909 bytes
->Temporary Internet Files folder emptied: 255799268 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1658 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 450 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 180173 bytes
Total Files Cleaned = 245.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01012012_211833
Files\Folders moved on Reboot...
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA484.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA48E.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA4E2.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA4ED.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA523.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA52D.tmp not found!
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LJI2829Q\showthread[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
Registry entries deleted on Reboot...
Step 3 OTL Script-Sorry for the confusion on previous reply
Correction: last post was labeled Step 6- It was actually step 3 OTL Script
Quote:
Originally Posted by
Bruce C
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
File c:\Program Files\Java\jre1.6.0\bin\ssv.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bluetooth Connection Assistant deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
File c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll not found.
C:\ProgramData\SPLA24A.tmp deleted successfully.
C:\ProgramData\SPLBC05.tmp deleted successfully.
C:\ProgramData\SPLBD01.tmp deleted successfully.
========== FILES ==========
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\_temp folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\history folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster\backup folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue\RegistryBooster folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Uniblue folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bruce
->Temp folder emptied: 582909 bytes
->Temporary Internet Files folder emptied: 255799268 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1658 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 450 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 180173 bytes
Total Files Cleaned = 245.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01012012_211833
Files\Folders moved on Reboot...
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA484.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA48E.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA4E2.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA4ED.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA523.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DFA52D.tmp not found!
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LJI2829Q\showthread[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
Registry entries deleted on Reboot...
Step 4 EST online scanner
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\_OTL\MovedFiles\12262011_150845\C_Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application
Results of scan :systemlook scan
Hi Scolobar
No problem with instructions , however I did'nt see a SystemLook .txt on my Desktop so I copy and pasted the results here.Thanks Bruce
Log created at 07:14 on 06/01/2012 by Bruce
Administrator - Elevation successful
========== filefind ==========
Searching for "*MS AntiSpyware 2009*"
No files found.
========== folderfind ==========
Searching for "*MS AntiSpyware 2009*"
No folders found.
========== regfind ==========
Searching for "MS AntiSpyware 2009"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MS AntiSpyware 2009 5.7]
[HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MS AntiSpyware 2009 5.7]
========== contents ==========
C:\_OTL\MovedFiles\12272011_185541.log - Opened succesfully.
’žAll processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iLivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iLivid\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92EVUHGP\iLividSetupV1.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Temp\mia6549.tmp\iLividSetupV1.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\iLivid\ilivid.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\ilivid\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\817FDB46B46DE8B4AAD499F1DAFF341D\\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5A9327D31011C244A196F700637C701\\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6B84CEB2810F104BA0E5FC5C8EACD7E\\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\"{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}"|"- /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iLivid\ not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92EVUHGP\iLividSetupV1.exe not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Temp\mia6549.tmp\iLividSetupV1.exe not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\iLivid\ilivid.exe not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92EVUHGP\iLividSetupV1.exe not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Bruce\AppData\Local\Temp\mia6549.tmp\iLividSetupV1.exe not found.
Registry value HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\iLivid\ilivid.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BrowserConnection.Loader\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BrowserConnection.Loader.1\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E6A6D16-F99D-4C47-BB7E-BAD5708FCC25}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6A6D16-F99D-4C47-BB7E-BAD5708FCC25}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33A24A0A-DABD-49BD-8E2D-5C47809F5D7B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCDC973-B85D-4568-B17B-0A367E15011A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFCDC973-B85D-4568-B17B-0A367E15011A}\ not found.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid\iLivid Download Manager.lnk moved successfully.
C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318} folder moved successfully.
File\Folder C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\iLivid\iLivid Download Manager.lnk not found.
File\Folder C:\Users\All Users\{B49A644A-1076-4A3D-B124-DAA7862F2318} not found.
C:\Users\Public\Desktop\iLivid Download Manager.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid folder moved successfully.
File\Folder C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\iLivid not found.
File\Folder C:\Program Files\iLivid not found.
File\Folder C:\Program Files\Windows iLivid Toolbar not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bruce
->Temp folder emptied: 320628 bytes
->Temporary Internet Files folder emptied: 63747516 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1867 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 90 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 27648 bytes
Total Files Cleaned = 61.00 mb
Error: Unable to interpret <[resethosts]Then click the Run Fix button at the > in the current context!
OTL by OldTimer - Version 3.2.31.0 log created on 12272011_185541
Files\Folders moved on Reboot...
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF937D.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF9389.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF93DB.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF93E7.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF9421.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF942D.tmp not found!
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMFZI5XP\0f0ca97dac[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMFZI5XP\blank[1].gif moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMFZI5XP\blank[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMFZI5XP\ProductDisplay[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMFZI5XP\showthread[2].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CJUL4508\mybostonharley_com[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CJUL4508\questionshome[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CJUL4508\reviews[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3B7SFPP4\proxy[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
Step 3 notepad after reboot
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MS AntiSpyware 2009 5.7\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2519207516-3531264281-3220632969-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MS AntiSpyware 2009 5.7\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bruce
->Temp folder emptied: 523043 bytes
->Temporary Internet Files folder emptied: 202610430 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 3006 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7290 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 194.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01082012_220908
Files\Folders moved on Reboot...
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2AF2.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2AFE.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2B56.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2B6F.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2BA7.tmp not found!
File\Folder C:\Users\Bruce\AppData\Local\Temp\~DF2BBD.tmp not found!
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TG91WWCK\showthread[1].htm moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Bruce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
Registry entries deleted on Reboot...