Malware removal logs

[magicmindfreak99]

here is the SuperAntispyware logSUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/11/2010 at 02:36 AM

Application Version : 4.42.1000

Core Rules Database Version : 5488
Trace Rules Database Version: 3300

Scan type       : Complete Scan
Total Scan Time : 06:57:49

Memory items scanned      : 839
Memory threats detected   : 6
Registry items scanned    : 7825
Registry threats detected : 1239
File items scanned        : 163914
File threats detected     : 189

Adware.MyWebSearch
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\F3HKSTUB.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\F3HKSTUB.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOESTB.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOESTB.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSSRCAS.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSSRCAS.DLL
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\M3SRCHMN.EXE
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\M3SRCHMN.EXE
   [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
   C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\MWSOEMON.EXE
   [My Web Search Bar Search Scope Monitor] C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\M3SRCHMN.EXE
   C:\PROGRA~1\MYWEBS~1\BAR\2.BIN\M3SRCHMN.EXE
   HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
   HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
   HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSBAR.DLL
   HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Control
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ProgID
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Programmable
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Version
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\VersionIndependentProgID
   HKCR\MyWebSearchToolBar.SettingsPlugin.1
   HKCR\MyWebSearchToolBar.SettingsPlugin.1\CLSID
   HKCR\MyWebSearchToolBar.SettingsPlugin
   HKCR\MyWebSearchToolBar.SettingsPlugin\CLSID
   HKCR\MyWebSearchToolBar.SettingsPlugin\CurVer
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\FLAGS
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\HELPDIR
   HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKLM\Software\Microsoft\Internet Explorer\Toolbar#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}

Adware.ShopAtHome/SelectRebates
   C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
   C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
   [SelectRebates] C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE

Adware.HotBar/SpamBlockerUtility (Low Risk)
   HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Control
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Implemented Categories
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Implemented Categories\{00021494-0000-0000-C000-000000000046}
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\InprocServer32
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\InprocServer32#ThreadingModel
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance#CLSID
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance\InitPropertyBag
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Instance\InitPropertyBag#Url
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\MiscStatus
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\MiscStatus\1
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ProgID
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Programmable
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\ToolboxBitmap32
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\TypeLib
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\Version
   HKCR\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}\VersionIndependentProgID
   HKCR\HBMain.CommBand.1
   HKCR\HBMain.CommBand.1\CLSID
   HKCR\HBMain.CommBand
   HKCR\HBMain.CommBand\CLSID
   HKCR\HBMain.CommBand\CurVer
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}\1.0
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}\1.0\0
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}\1.0\0\win32
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}\1.0\FLAGS
   HKCR\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}\1.0\HELPDIR
   C:\PROGRAM FILES\HOTBAR\BIN\11.0.117.0\HOSTIE.DLL
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
   HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}

Adware.MyWebSearch/FunWebProducts
   HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32#ThreadingModel
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\ProgID
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\VersionIndependentProgID
   HKCR\FunWebProducts.HTMLMenu.2
   HKCR\FunWebProducts.HTMLMenu.2\CLSID
   HKCR\FunWebProducts.HTMLMenu
   HKCR\FunWebProducts.HTMLMenu\CLSID
   HKCR\FunWebProducts.HTMLMenu\CurVer
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\F3HTMLMU.DLL
   HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32#ThreadingModel
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\ProgID
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\VersionIndependentProgID
   HKCR\FunWebProducts.HTMLMenu.1
   HKCR\FunWebProducts.HTMLMenu.1\CLSID
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Control
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32#ThreadingModel
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\ProgID
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Programmable
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\VersionIndependentProgID
   HKCR\FunWebProducts.DataControl.1
   HKCR\FunWebProducts.DataControl.1\CLSID
   HKCR\FunWebProducts.DataControl
   HKCR\FunWebProducts.DataControl\CLSID
   HKCR\FunWebProducts.DataControl\CurVer
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\FLAGS
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\HELPDIR
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\F3DTACTL.DLL
   HKLM\SOFTWARE\Fun Web Products
   HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
   HKLM\SOFTWARE\Fun Web Products#CacheDir
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLFile
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLDir
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
   HKLM\SOFTWARE\Fun Web Products\Settings
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.8
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts\Installer
   HKLM\SOFTWARE\FunWebProducts\Installer#Dir
   HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
   HKLM\SOFTWARE\FunWebProducts\Installer#sr
   HKLM\SOFTWARE\FunWebProducts\Installer#pl
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch\bar
   HKLM\SOFTWARE\MyWebSearch\bar#Maximized
   HKLM\SOFTWARE\MyWebSearch\bar#Visible
   HKLM\SOFTWARE\MyWebSearch\bar#pid
   HKLM\SOFTWARE\MyWebSearch\bar#fwp
   HKLM\SOFTWARE\MyWebSearch\bar#mwsask
   HKLM\SOFTWARE\MyWebSearch\bar#tiec
   HKLM\SOFTWARE\MyWebSearch\bar#Dir
   HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
   HKLM\SOFTWARE\MyWebSearch\bar#UninstallString
   HKLM\SOFTWARE\MyWebSearch\bar#RegHookPath
   HKLM\SOFTWARE\MyWebSearch\bar#Id
   HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
   HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
   HKLM\SOFTWARE\MyWebSearch\bar#sr
   HKLM\SOFTWARE\MyWebSearch\bar#pl
   HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
   HKLM\SOFTWARE\MyWebSearch\bar#un
   HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevision
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevisionURL
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
   HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
   HKLM\SOFTWARE\MyWebSearch\bar#sscSet
   HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
   HKLM\SOFTWARE\MyWebSearch\bar#sscURL
   HKLM\SOFTWARE\MyWebSearch\bar#AlertCount
   HKLM\SOFTWARE\MyWebSearch\bar#AlertPeriod
   HKLM\SOFTWARE\MyWebSearch\bar#AlertPausePeriod
   HKLM\SOFTWARE\MyWebSearch\bar#NoThrottleAlert
   HKLM\SOFTWARE\MyWebSearch\bar#NextConfigRequest
   HKLM\SOFTWARE\MyWebSearch\bar#LastConfigRequest
   HKLM\SOFTWARE\MyWebSearch\bar#Flags
   HKLM\SOFTWARE\MyWebSearch\bar#AutocompleteURL
   HKLM\SOFTWARE\MyWebSearch\MWSOEMON
   HKLM\SOFTWARE\MyWebSearch\MWSOEMON#Version
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Version
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Path
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#StandardSmileyDir.AIM
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.9
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.1.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.0.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.2.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.5.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.3.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.4.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.6.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.7.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.9.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.8.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.10.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.11.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.12.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.13.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.0.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.1.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.2.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.3.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.4.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.5.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.6.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.7.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.9
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.9
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.10
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.10
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.11
   HKLM\SOFTWARE\MyWebSearch\OEHosts
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows10
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows2
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows3
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows4
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows5
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows6
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows7
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows8
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows9
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fwp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#mwsask
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#LastRequest
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#NextRequest
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ie8h
   HKLM\SOFTWARE\MyWebSearch\SkinTools
   HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
   HKCR\FunWebProducts.HistoryKillerScheduler
   HKCR\FunWebProducts.HistoryKillerScheduler\CLSID
   HKCR\FunWebProducts.HistoryKillerScheduler\CurVer
   HKCR\FunWebProducts.HistoryKillerScheduler.1
   HKCR\FunWebProducts.HistoryKillerScheduler.1\CLSID
   HKCR\FunWebProducts.HistorySwatterControlBar
   HKCR\FunWebProducts.HistorySwatterControlBar\CLSID
   HKCR\FunWebProducts.HistorySwatterControlBar\CurVer
   HKCR\FunWebProducts.HistorySwatterControlBar.1
   HKCR\FunWebProducts.HistorySwatterControlBar.1\CLSID
   HKCR\FunWebProducts.IECookiesManager
   HKCR\FunWebProducts.IECookiesManager\CLSID
   HKCR\FunWebProducts.IECookiesManager\CurVer
   HKCR\FunWebProducts.IECookiesManager.1
   HKCR\FunWebProducts.IECookiesManager.1\CLSID
   HKCR\FunWebProducts.KillerObjManager
   HKCR\FunWebProducts.KillerObjManager\CLSID
   HKCR\FunWebProducts.KillerObjManager\CurVer
   HKCR\FunWebProducts.KillerObjManager.1
   HKCR\FunWebProducts.KillerObjManager.1\CLSID
   HKCR\FunWebProducts.PopSwatterBarButton
   HKCR\FunWebProducts.PopSwatterBarButton\CLSID
   HKCR\FunWebProducts.PopSwatterBarButton\CurVer
   HKCR\FunWebProducts.PopSwatterBarButton.1
   HKCR\FunWebProducts.PopSwatterBarButton.1\CLSID
   HKCR\FunWebProducts.PopSwatterSettingsControl
   HKCR\FunWebProducts.PopSwatterSettingsControl\CLSID
   HKCR\FunWebProducts.PopSwatterSettingsControl\CurVer
   HKCR\FunWebProducts.PopSwatterSettingsControl.1
   HKCR\FunWebProducts.PopSwatterSettingsControl.1\CLSID
   HKCR\MyWebSearch.ChatSessionPlugin
   HKCR\MyWebSearch.ChatSessionPlugin\CLSID
   HKCR\MyWebSearch.ChatSessionPlugin\CurVer
   HKCR\MyWebSearch.ChatSessionPlugin.1
   HKCR\MyWebSearch.ChatSessionPlugin.1\CLSID
   HKCR\MyWebSearch.HTMLPanel
   HKCR\MyWebSearch.HTMLPanel\CLSID
   HKCR\MyWebSearch.HTMLPanel\CurVer
   HKCR\MyWebSearch.HTMLPanel.1
   HKCR\MyWebSearch.HTMLPanel.1\CLSID
   HKCR\MyWebSearch.OutlookAddin
   HKCR\MyWebSearch.OutlookAddin\CLSID
   HKCR\MyWebSearch.OutlookAddin\CurVer
   HKCR\MyWebSearch.OutlookAddin.1
   HKCR\MyWebSearch.OutlookAddin.1\CLSID
   HKCR\MyWebSearch.PseudoTransparentPlugin
   HKCR\MyWebSearch.PseudoTransparentPlugin\CLSID
   HKCR\MyWebSearch.PseudoTransparentPlugin\CurVer
   HKCR\MyWebSearch.PseudoTransparentPlugin.1
   HKCR\MyWebSearch.PseudoTransparentPlugin.1\CLSID
   HKCR\MyWebSearchToolBar.ToolbarPlugin
   HKCR\MyWebSearchToolBar.ToolbarPlugin\CLSID
   HKCR\MyWebSearchToolBar.ToolbarPlugin\CurVer
   HKCR\MyWebSearchToolBar.ToolbarPlugin.1
   HKCR\MyWebSearchToolBar.ToolbarPlugin.1\CLSID
   HKCR\ScreenSaverControl.ScreenSaverInstaller
   HKCR\ScreenSaverControl.ScreenSaverInstaller\CLSID
   HKCR\ScreenSaverControl.ScreenSaverInstaller\CurVer
   HKCR\ScreenSaverControl.ScreenSaverInstaller.1
   HKCR\ScreenSaverControl.ScreenSaverInstaller.1\CLSID
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32#ThreadingModel
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\ProgID
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\Programmable
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\TypeLib
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\VersionIndependentProgID
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented Categories
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32#ThreadingModel
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance#CLSID
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag#Url
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Control
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32#ThreadingModel
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus\1
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\ProgID
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Programmable
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Version
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\VersionIndependentProgID
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32#ThreadingModel
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\ProgID
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\Programmable
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\TypeLib
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\VersionIndependentProgID
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32#ThreadingModel
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\ProgID
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\Programmable
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\VersionIndependentProgID
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\ProgID
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\VersionIndependentProgID
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32#ThreadingModel
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32#ThreadingModel
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\ProgID
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\Programmable
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\TypeLib
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\VersionIndependentProgID
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32#ThreadingModel
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32#ThreadingModel
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus\1
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\ProgID
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Programmable
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\TypeLib
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Version
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\VersionIndependentProgID
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32#ThreadingModel
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\Programmable
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\TypeLib
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32#ThreadingModel
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\ProgID
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\Programmable
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\VersionIndependentProgID
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32#ThreadingModel
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus\1
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\ProgID
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Programmable
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\TypeLib
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Version
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\VersionIndependentProgID
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32#ThreadingModel
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus\1
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\ProgID
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Programmable
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\TypeLib
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Version
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\VersionIndependentProgID
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32#ThreadingModel
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\ProgID
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\Programmable
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\TypeLib
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\VersionIndependentProgID
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32#ThreadingModel
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\Programmable
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\TypeLib
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Control
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32#ThreadingModel
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus\1
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\ProgID
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Programmable
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\TypeLib
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Version
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\VersionIndependentProgID
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\FLAGS
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\HELPDIR
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\FLAGS
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\HELPDIR
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\FLAGS
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\HELPDIR
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\FLAGS
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\HELPDIR
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\FLAGS
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\HELPDIR
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\FLAGS
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\HELPDIR
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\FLAGS
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\HELPDIR
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0\win32
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\FLAGS
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\HELPDIR
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\FLAGS
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\HELPDIR
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib#Version
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib#Version
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib#Version
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib#Version
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib#Version
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib#Version
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib#Version
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version
   HKLM\Software\FocusInteractive
   HKLM\Software\FocusInteractive\bar
   HKLM\Software\FocusInteractive\bar\Switches
   HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
   HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
   HKLM\Software\FocusInteractive\bar\Switches#msn.exe
   HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
   HKLM\Software\FocusInteractive\bar\Switches#waol.exe
   HKLM\Software\FocusInteractive\bar\Switches#aim.exe
   HKLM\Software\FocusInteractive\bar\Switches#icq.exe
   HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
   HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
   HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
   HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
   HKLM\Software\FocusInteractive\bar\Switches#au
   HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
   HKLM\Software\FocusInteractive\bar\Switches#ok
   HKLM\Software\FocusInteractive\bar\Switches#od
   HKLM\Software\FocusInteractive\bar\Switches#nk
   HKLM\Software\FocusInteractive\bar\Switches#nd
   HKLM\Software\FocusInteractive\bar\Switches#ps
   HKLM\Software\FocusInteractive\bar\Switches#b2.exe
   HKLM\Software\FocusInteractive\bar\Switches#aolsoftware.exe
   HKLM\Software\FocusInteractive\bar\Switches#googletalk.exe
   HKLM\Software\FocusInteractive\bar\Switches#ypagerj.exe
   HKLM\Software\FocusInteractive\bar\Switches#yahoomessenger.exe
   HKLM\Software\FocusInteractive\bar\Switches#winmail.exe.mui
   HKLM\Software\FocusInteractive\bar\Switches#winmail.exe
   HKLM\Software\FocusInteractive\Email-IM
   HKLM\Software\FocusInteractive\Email-IM\0
   HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
   HKLM\Software\FocusInteractive\Email-IM\0#AppName
   HKLM\Software\FocusInteractive\Email-IM\0#Path
   HKLM\Software\FocusInteractive\Outlook
   HKLM\Software\FocusInteractive\Outlook#MyWebSearch.OutlookAddin
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#HelpLink
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#Publisher
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#UninstallString
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#UrlInfoAbout
   C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
   C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
   C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
   C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
   C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
   C:\Program Files\MyWebSearch\bar\1.bin
   C:\Program Files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
   C:\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
   C:\Program Files\MyWebSearch\bar\2.bin\F3REGHK.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\F3SPACER.WMV
   C:\Program Files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
   C:\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
   C:\Program Files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3DLGHK.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
   C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
   C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
   C:\Program Files\MyWebSearch\bar\2.bin
   C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Avatar
   C:\Program Files\MyWebSearch\bar\Cache\00F55120
   C:\Program Files\MyWebSearch\bar\Cache\00F58347
   C:\Program Files\MyWebSearch\bar\Cache\00F596D7.bin
   C:\Program Files\MyWebSearch\bar\Cache\00F5ADD0.bin
   C:\Program Files\MyWebSearch\bar\Cache\00F5B34C.bin
   C:\Program Files\MyWebSearch\bar\Cache\00F5BA00.bin
   C:\Program Files\MyWebSearch\bar\Cache\00F5E62E.bin
   C:\Program Files\MyWebSearch\bar\Cache\files.ini
   C:\Program Files\MyWebSearch\bar\Cache
   C:\Program Files\MyWebSearch\bar\firefox\chrome\M3FFXTBR.JAR
   C:\Program Files\MyWebSearch\bar\firefox\chrome
   C:\Program Files\MyWebSearch\bar\firefox\CHROME.MANIFEST
   C:\Program Files\MyWebSearch\bar\firefox\INSTALL.RDF
   C:\Program Files\MyWebSearch\bar\firefox\NPMYWEBS.DLL
   C:\Program Files\MyWebSearch\bar\firefox
   C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
   C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
   C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
   C:\Program Files\MyWebSearch\bar\Game
   C:\Program Files\MyWebSearch\bar\History\search3
   C:\Program Files\MyWebSearch\bar\History
   C:\Program Files\MyWebSearch\bar\icons\CM.ICO
   C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
   C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
   C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
   C:\Program Files\MyWebSearch\bar\icons\WB.ICO
   C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
   C:\Program Files\MyWebSearch\bar\icons
   C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Message
   C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
   C:\Program Files\MyWebSearch\bar\Notifier
   C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
   C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
   C:\Program Files\MyWebSearch\bar\Settings
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\MyWebSearch
   C:\Program Files\FunWebProducts\ScreenSaver\Images
   C:\Program Files\FunWebProducts\ScreenSaver
   C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache
   C:\Program Files\FunWebProducts\Shared
   C:\Program Files\FunWebProducts
   C:\Windows\SYSTEM32\F3PSSAVR.SCR

Adware.Zango Toolbar/Hb
   HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\InprocServer32
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\InprocServer32#ThreadingModel
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ProgID
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\Programmable
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\TypeLib
   HKCR\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\VersionIndependentProgID
   HKCR\HostIE.Bho.1
   HKCR\HostIE.Bho.1\CLSID
   HKCR\HostIE.Bho
   HKCR\HostIE.Bho\CLSID
   HKCR\HostIE.Bho\CurVer
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKLM\Software\Microsoft\Internet Explorer\Toolbar#{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
   HKCR\HbCoreSrv.DynamicProp
   HKCR\HbCoreSrv.DynamicProp\CLSID
   HKCR\HbCoreSrv.DynamicProp\CurVer
   HKCR\HbCoreSrv.DynamicProp.1
   HKCR\HbCoreSrv.DynamicProp.1\CLSID
   HKCR\CoreSrv.CoreServices
   HKCR\CoreSrv.CoreServices\CLSID
   HKCR\CoreSrv.CoreServices\CurVer
   HKCR\CoreSrv.CoreServices.1
   HKCR\CoreSrv.CoreServices.1\CLSID
   HKCR\CoreSrv.LfgAx
   HKCR\CoreSrv.LfgAx\CLSID
   HKCR\CoreSrv.LfgAx\CurVer
   HKCR\CoreSrv.LfgAx.1
   HKCR\CoreSrv.LfgAx.1\CLSID
   HKCR\hbr.HbMain
   HKCR\hbr.HbMain\CLSID
   HKCR\hbr.HbMain\CurVer
   HKCR\hbr.HbMain.1
   HKCR\hbr.HbMain.1\CLSID
   HKCR\HostOL.MailAnim
   HKCR\HostOL.MailAnim\CLSID
   HKCR\HostOL.MailAnim\CurVer
   HKCR\HostOL.MailAnim.1
   HKCR\HostOL.MailAnim.1\CLSID
   HKCR\HostOL.WebmailSend
   HKCR\HostOL.WebmailSend\CLSID
   HKCR\HostOL.WebmailSend\CurVer
   HKCR\HostOL.WebmailSend.1
   HKCR\HostOL.WebmailSend.1\CLSID
   HKCR\Srv.CoreServices
   HKCR\Srv.CoreServices\CLSID
   HKCR\Srv.CoreServices\CurVer
   HKCR\Srv.CoreServices.1
   HKCR\Srv.CoreServices.1\CLSID
   HKCR\Toolbar.HtmlMenuUI
   HKCR\Toolbar.HtmlMenuUI\CLSID
   HKCR\Toolbar.HtmlMenuUI\CurVer
   HKCR\Toolbar.HtmlMenuUI.1
   HKCR\Toolbar.HtmlMenuUI.1\CLSID
   HKCR\Toolbar.ToolbarCtl
   HKCR\Toolbar.ToolbarCtl\CLSID
   HKCR\Toolbar.ToolbarCtl\CurVer
   HKCR\Toolbar.ToolbarCtl.1
   HKCR\Toolbar.ToolbarCtl.1\CLSID
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}#AppID
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\Control
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\Implemented Categories
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\InprocServer32
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\InprocServer32#ThreadingModel
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\MiscStatus
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\MiscStatus\1
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\ProgID
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\Programmable
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\ToolboxBitmap32
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\TypeLib
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\Version
   HKCR\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}\VersionIndependentProgID

Adware.HBHelper
   HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
   HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
   HKCR\URLSearchHook.ToolbarURLSearchHook.1
   HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
   HKCR\URLSearchHook.ToolbarURLSearchHook
   HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
   HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
   C:\WINDOWS\DOWNLOADED PROGRAM FILES\TBHELPER.DLL
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKU\S-1-5-21-184600409-1448506259-940340173-1000_Classes\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks#{CA3EB689-8F09-4026-AA10-B9534C691CE0}

Adware.ShopAtHomeSelect
   HKLM\Software\Classes\CLSID\{E8DAAA30-6CAA-4b58-9603-8E54238

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

What kind of problems are you having with your computer?

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
**************************************
Please download: HiJackThis to your Desktop.

• Double Click the HijackThis icon, located on your Desktop.
  
• By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
• Accept the license agreement.
• Click the Open the Misc Tools section button.
  
• Place a checkmark beside Calculate MD5 of files if possible. Then, click Back.
  
• Click Do a System Scan and Save a Logfile. Or, if you see a white screen, click Scan.
  
• Please post the log in your next reply.
  

************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

[magicmindfreak99]

i am having problems scanning

[SuperDave]

What sort of problems?

[magicmindfreak99]

It keeps on freezing

[SuperDave]

Download OTL to your desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* When the window appears, underneath Output at the top change it to Minimal Output.
* Check the boxes beside LOP Check and Purity Check.
* Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy and pate the contents of these files, one at a time, into your next reply.

Note: You may need two or more posts to fit them all in.

[magicmindfreak99]

OTL logfile created on: 9/22/2010 7:50:13 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Macey\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 87.93 Gb Free Space | 59.01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MACEY-PC
Current User Name: Macey
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Macey\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\HBLite\bin\11.0.258.0\HBLiteSA.exe (Pinball Corporation.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\QuizulousBar\toolbar\1.bin\q2barsvc.exe (Quizulous)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MSM\McSmtFwk.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Users\Macey\AppData\Roaming\Jenkat\Jenkat Games Arcade\NotifyApp.exe ( )
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\launch4j-tmp\wowd.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\ParetoLogic\FileCure\FileCure.exe (ParetoLogic)
PRC - C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
PRC - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\Program Files\SGPSA\ie3sh.exe ()
PRC - C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\AOL 9.1\shellmon.exe (AOL, LLC.)
PRC - C:\Program Files\AOL 9.1\waol.exe (AOL, LLC.)
PRC - C:\Program Files\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
PRC - C:\Program Files\Common Files\AOL\1255219001\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe ()
PRC - C:\Windows\wanmpsvc.exe (America Online, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Macey\Downloads\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (QuizulousBarService) -- C:\Program Files\QuizulousBar\toolbar\1.bin\q2barsvc.exe (Quizulous)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\Windows\wanmpsvc.exe (America Online, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva344) -- C:\Windows\System32\XDva344.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nnfwdk) -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\nnfwdk.sys (The Nielsen Company)
DRV - (sscemdm) -- C:\Windows\System32\drivers\sscemdm.sys (MCCI Corporation)
DRV - (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) -- C:\Windows\System32\drivers\sscebus.sys (MCCI Corporation)
DRV - (sscemdfl) -- C:\Windows\System32\drivers\sscemdfl.sys (MCCI Corporation)
DRV - (X4HS32Ex) -- C:\Program Files\Free Ride Games\X4HS32Ex.sys (Exent Technologies Ltd.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (OA009Vid) -- C:\Windows\System32\drivers\OA009Vid.sys (Creative Technology Ltd.)
DRV - (OA009Ufd) -- C:\Windows\System32\drivers\OA009Ufd.sys (Creative Technology Ltd.)
DRV - (CtClsFlt) -- C:\Windows\System32\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFre1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2354614
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {5E72625C-99E3-4644-BFF0-315AA91294FA} - C:\Program Files\QuizulousBar\toolbar\1.bin\q2SrcAs.dll (Quizulous)
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFre1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll (W3i, LLC)
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/07/12 15:08:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\firefox\
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hotbar\bin\11.0.117.0\firefox\extensions [2010/02/28 21:32:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HBLite\bin\11.0.258.0\firefox\extensions [2010/08/06 14:33:53 | 000,000,000 | ---D | M]
 
[2009/10/12 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Mozilla\Extensions
[2009/10/12 21:45:02 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/10/10 16:40:16 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Mozilla\Firefox\extensions
[2009/10/10 16:40:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Macey\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
 
O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Search Assistant BHO) - {5E72625B-99E3-4644-BFF0-315AA91294FA} - C:\Program Files\QuizulousBar\toolbar\1.bin\q2SrcAs.dll (Quizulous)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.8.1\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100517223812.dll (McAfee, Inc.)
O2 - BHO: (Wowd Page Grabber) - {99756919-C498-4D97-9E20-2076DE0E42B9} - C:\Program Files\Wowd\ext\eiexxpw.dll (Edgios Company)
O2 - BHO: (Free Radio TV Toolbar) - {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFre1.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Toolbar BHO) - {BBD14491-A5A0-4809-9C5A-C9FC6DF0ACB0} - C:\Program Files\QuizulousBar\toolbar\1.bin\q2bar.dll (Quizulous)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll (W3i, LLC)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (MTWB)
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Windows\Downloaded Program Files\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (FaceFun) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Windows\Downloaded Program Files\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Free Radio TV Toolbar) - {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - C:\Program Files\Free_Radio_TV\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Quizulous Toolbar) - {BBD14499-A5A0-4809-9C5A-C9FC6DF0ACB0} - C:\Program Files\QuizulousBar\toolbar\1.bin\q2bar.dll (Quizulous)
O3 - HKLM\..\Toolbar: (My.Freeze.com Toolbar) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_ie_na_us.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.8.1\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FaceFun) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Windows\Downloaded Program Files\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Free Radio TV Toolbar) - {9DBB9AEB-5A16-4989-A66F-C0F1C909D647} - C:\Program Files\Free_Radio_TV\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Quizulous Toolbar) - {BBD14499-A5A0-4809-9C5A-C9FC6DF0ACB0} - C:\Program Files\QuizulousBar\toolbar\1.bin\q2bar.dll (Quizulous)
O3 - HKCU\..\Toolbar\WebBrowser: (My.Freeze.com Toolbar) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_ie_na_us.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [AOL Spyware Protection] C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe ()
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.8.1\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [HBLiteSA] C:\Program Files\HBLite\bin\11.0.258.0\HBLiteSA.exe (Pinball Corporation.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1255219001\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [Quizulous Plugin] C:\Program Files\QuizulousBar\toolbar\1.bin\q2Plugin.dll (Viveli, Inc)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.1\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [fajkmgwe] C:\Users\Macey\AppData\Local\pdjgryxrc\eswpalotssd.exe File not found
O4 - HKCU..\Run: [Jenkat Arcade] C:\Users\Macey\AppData\Roaming\Jenkat\Jenkat Games Arcade\NotifyApp.exe ( )
O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\Macey\AppData\Local\Temp\Zlk.exe File not found
O4 - HKCU..\Run: [QZAIB7KITK] C:\Users\Macey\AppData\Local\Temp\Zlj.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe File not found
O4 - HKCU..\Run: [WowdStartup] C:\Program Files\Wowd\wowd.exe (Wowd, Inc.)
O4 - HKCU..\Run: [xvysnstx] C:\Users\Macey\AppData\Local\msxpxxyml\vhmovrntssd.exe File not found
O4 - Startup: C:\Users\Macey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O8 - Extra context menu item: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (IE Toolbar)
O9 - Extra 'Tools' menuitem : AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O16 - DPF: {0CE0F418-1010-442D-871C-3454827DD539} http://www.facefun.com/FaceFun_webinstall/FaceFun_product.cab (Reg Error: Key error.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Macey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Macey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/09/15 15:57:34 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/09/12 12:16:09 | 000,000,000 | ---D | C] -- C:\Users\Macey\AppData\Roaming\Malwarebytes
[2010/09/12 12:14:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/12 12:14:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/12 12:14:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/12 12:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/10 19:27:45 | 000,000,000 | ---D | C] -- C:\Users\Macey\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/10 19:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/10 19:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/03 19:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/03 19:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/03 19:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/08/12 16:23:28 | 002,734,688 | ---- | C] (Conduit Ltd.) -- C:\Program Files\tbZyng.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010/09/22 19:56:12 | 002,097,152 | -HS- | M] () -- C:\Users\Macey\NTUSER.DAT
[2010/09/22 19:55:44 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{62EFA7FC-2581-4EF3-B59E-12B89B4AFB45}.job
[2010/09/22 19:52:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-184600409-1448506259-940340173-1000UA.job
[2010/09/22 19:07:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/22 18:52:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-184600409-1448506259-940340173-1000Core.job
[2010/09/22 18:37:25 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/22 18:37:25 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2010/09/22 18:37:25 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2010/09/22 18:36:39 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2010/09/22 18:34:14 | 000,524,288 | -HS- | M] () -- C:\Users\Macey\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/09/22 18:34:14 | 000,065,536 | -HS- | M] () -- C:\Users\Macey\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/09/22 18:33:58 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/22 18:33:58 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/22 18:33:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/22 18:33:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/22 18:33:46 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/21 08:00:06 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\FileCure.job
[2010/09/20 20:54:21 | 000,002,004 | ---- | M] () -- C:\Users\Macey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/20 18:25:46 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010/09/15 19:59:17 | 353,510,923 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/09/15 17:42:23 | 000,002,024 | ---- | M] () -- C:\Windows\MOBK.blk
[2010/09/15 17:42:23 | 000,001,602 | ---- | M] () -- C:\Windows\MOBK.flt
[2010/09/12 12:14:45 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/11 08:01:50 | 002,422,087 | -H-- | M] () -- C:\Users\Macey\AppData\Local\IconCache.db
[2010/09/11 02:18:52 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/09/10 19:26:37 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/09 18:53:18 | 000,013,312 | ---- | M] () -- C:\Users\Macey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 19:48:28 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/03 19:39:34 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/09/02 14:03:25 | 000,002,292 | ---- | M] () -- C:\Users\Macey\AppData\Roaming\wklnhst.dat
 
========== Files Created - No Company Name ==========
 
[2010/09/20 19:37:23 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2010/09/15 15:46:44 | 353,510,923 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/09/12 12:14:45 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/10 19:26:37 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/03 19:48:28 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/09/03 19:39:34 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/12 16:23:30 | 000,008,101 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2010/08/12 16:23:28 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/26 21:17:13 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2010/07/26 21:17:13 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2010/01/02 17:04:20 | 000,000,336 | ---- | C] () -- C:\Users\Macey\AppData\Roaming\settings.dat
[2009/12/11 18:57:00 | 000,013,312 | ---- | C] () -- C:\Users\Macey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/11 16:15:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/23 16:07:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/22 10:09:53 | 000,002,292 | ---- | C] () -- C:\Users\Macey\AppData\Roaming\wklnhst.dat
[2009/09/22 09:25:07 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2009/09/22 09:13:10 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009/09/21 21:04:27 | 000,001,356 | ---- | C] () -- C:\Users\Macey\AppData\Local\d3d9caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2009/09/22 20:04:24 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Aim
[2009/10/15 21:05:09 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Exent Technologies
[2010/08/12 16:23:38 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\FCSB000062035
[2009/11/23 13:23:35 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\gamehouse
[2010/08/06 14:33:53 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\HBLite
[2010/02/28 21:32:13 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Hotbar
[2009/12/24 15:10:12 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\IMVU
[2009/11/20 08:46:35 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\IMVUClient
[2009/12/07 15:38:48 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\iWin
[2009/10/10 14:30:25 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Jenkat
[2010/01/19 18:48:50 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\PIM
[2010/03/03 18:13:53 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\PlayFirst
[2010/07/12 17:04:54 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\SecondLife
[2009/10/02 16:31:06 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Template
[2009/10/10 14:25:33 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\WeatherBug
[2010/09/22 18:48:15 | 000,000,000 | ---D | M] -- C:\Users\Macey\AppData\Roaming\Wowd
[2010/09/22 18:37:25 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\FileCure Startup.job
[2010/09/21 08:00:06 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\FileCure.job
[2010/09/20 18:25:46 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2010/09/11 02:18:52 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2010/09/22 18:37:25 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCConfidential.job
[2010/09/16 03:33:01 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/22 19:55:44 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{62EFA7FC-2581-4EF3-B59E-12B89B4AFB45}.job
 
========== Purity Check ==========
 
 
< End of report >

[magicmindfreak99]

OTL Extras logfile created on: 9/22/2010 7:50:13 PM - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Macey\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 87.93 Gb Free Space | 59.01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MACEY-PC
Current User Name: Macey
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Macey\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1 (ParetoLogic)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042339BD-5855-48D8-BB77-E3BBCABBDBE2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{0D95468C-9A45-4FB9-A57D-89F4592F1F0E}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{17B99F76-5F08-48D1-AFE2-965FFDCBDE6D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\aol spyware protection\aolsp scheduler.exe |
"{1CF740BE-9DA9-43DE-AC7E-3548ACBDD1EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1DE668D6-9B76-4598-B7CA-9632B497A16D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{200E8858-7784-44B0-8C92-05D06CB63C5B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{207442B2-10A7-476E-8266-4963AFB0CBAD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{2A6FFD5E-C265-4648-B177-9C3F017E230F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{2ECCC1D0-FF43-45C7-B806-24AC1F35274E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{30F10862-7AD4-4BE8-A2AE-D722E632C03C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{3BB4C85C-542F-4D96-A9B0-512BB439B2E1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{434B27CC-299D-4F46-85E2-0D396936074E}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{446B142B-31D8-46DB-A83A-994E9AE181E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{446DF45C-386D-4045-8154-6DD0810AC2BA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{453C7030-D3E4-4B6B-B1C0-E47BFADF4849}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4826D997-0D75-4015-82DB-81A1E4CFAA01}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4B960B19-1DB8-4BED-850D-86468B4B986B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4E1226EC-6E0C-4798-A423-E067640AB6A0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1255219001\ee\aolsoftware.exe |
"{5D8CCAE8-BC14-47E1-BDC3-1C99E44B8E7F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{637AB648-BE20-4FCD-B871-BC38B7ADE27F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{6B607F12-17EC-4BCC-953D-4288C66E4EE6}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{72B5F96C-9155-4CCC-A4E4-A93117968D94}" = protocol=17 | dir=in | app=c:\program files\common files\aol\aol spyware protection\asp.exe |
"{7BE8BB0E-C237-418F-AA9D-2D163FB207E6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C2CCCDA-8207-494A-BF41-15A7296D0933}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{960B92CC-996B-4736-8DDD-542C1038036E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A7CFC7EB-B7D9-4598-9113-B6060FEA76AD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{BD920D68-E9B0-4AF7-8F3B-95A45B712567}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{C29AF222-8AE4-4809-92CA-87A879888659}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CB1D197D-5F22-4AF3-A85F-3F360CF41966}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{CD5AA5A1-3764-4703-86BA-B2709A265728}" = protocol=6 | dir=in | app=c:\program files\common files\aol\aol spyware protection\asp.exe |
"{D1395E17-255C-4FA2-8B27-F7014F45EE92}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D55D3B80-1EB2-486F-A4EF-50188A23CE66}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D5CBBD88-DABB-4B1A-B75D-35666B9D63F1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\aol spyware protection\aolsp scheduler.exe |
"{D6667496-55E1-4009-B398-C6CDBFD69248}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DD3D43AB-A633-48CF-8F16-3D8974967069}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F572CC48-E457-4F9E-90CB-BA4DB0A0FF1C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F90B76E5-85E7-41F4-94AB-2278F62C096B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1255219001\ee\aolsoftware.exe |
"TCP Query User{298D3C45-E05D-4A36-A224-534B2443EE80}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"TCP Query User{3E9D2640-9A4F-4FF3-AC64-D3EA1CEED627}C:\program files\java\jre6\launch4j-tmp\wowd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\wowd.exe |
"TCP Query User{EFC09EDA-39A9-4C00-8E3C-A49A1DF2E231}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{D3E284C2-5B9E-42DC-B721-5ECA6DCDCE13}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
"UDP Query User{D7B2919E-EB86-4852-AB5D-96DF6AA175A5}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{DDD991CB-3931-4E10-932D-3FD01FAD398A}C:\program files\java\jre6\launch4j-tmp\wowd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\wowd.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1081024D-45A4-4C23-9CE2-B7E1A13EF85F}" = Joydesk Games Setup - Arcade
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A4E71A5-643D-4536-B624-995F7E212272}" = WonderKing
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}" = Farming Extreme Manager
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}" = Dealio Toolbar v4.0.1
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}" = ParetoLogic FileCure
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E127B28D-1A2A-45C4-A74E-C817E0A74E3E}" = Fiesta
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{FBA1239D-189F-4855-88B6-4DBE606D30A5}" = Fiesta
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"300B27DF-97E5-4219-AB2B-03AA67D5D557" = Wowd
"8aac10c4a0261fb7459e9ea05ba9edfe" = Paradise Beach
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AOL Communicator" = AOL Communicator (remove only)
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Spyware Protection" = AOL Spyware Protection
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"Ask Toolbar_is1" = Ask Toolbar
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"CCleaner" = CCleaner
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320) 
"Dell Webcam Central" = Dell Webcam Central
"e9cf750b4c09f6d0f569578192ee0511" = Kelly Green - Garden Queen
"facemoods" = facemoods
"Free_Radio_TV Toolbar" = Free_Radio_TV Toolbar
"HBLiteSA" = Hotbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HotbarSA" = Hotbar
"Jenkat Games Arcade" = Jenkat Games Arcade
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSC" = McAfee Total Protection
"My.Freeze.com Toolbar" = My.Freeze.com Toolbar
"MysticEmporium" = Mystic Emporium (remove only)
"NetSight" = Nielsen
"Port Magic" = Pure Networks Port Magic
"QuizulousBartoolbar Uninstall" = Quizulous Toolbar
"RealPlayer 6.0" = RealPlayer Basic
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Search Guard Plus" = Search Guard Plus (My Web Tattoo)
"Search Guard Plus Updater" = Search Guard Plus Updater (My Web Tattoo)
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"SelectRebatesUninstall" = ShopAtHome SelectRebates
"Shop to Win 2" = Shop to Win 2
"Smilies" = Smilies
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TBSB00001.TBSB00001Toolbar" = FaceFun
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"UnityWebPlayer" = Unity Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Zynga Toolbar" = Zynga Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"SOE-Free Realms" = Free Realms
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

[SuperDave]

Dealio Toolbar is malware. Please uninstall it. Also, SGPSA should be removed for the same reasons.

I strongly recommend that you remove Ask from your computer because it;

•Promotes its toolbars on sites targeted to kids.

•Promotes its toolbars through ads that appear to be part of other companies' sites.

•Promotes its toolbars through other companies' spyware.

•Installs without any disclosure whatsoever and without any consent whatsoever.

•Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

•Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See Here for more info.

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

•AskBarDis or anything related to Ask

Then please find and delete this folder in bold (if present):
C:\Program Files\AskBarDis. or anything related to Ask.
*************************************
My.Freeze.com Toolbar: a Softomate Toolbar variant - Softomate customizes toolbars to customers needs. The dll files for their toolbars contain some spyware/adware functionality, although not all of the toolbars use this. Some of the toolbars are fine to have, so every case is different. Your choice to keep it or not.
Also, MyWebSearch:  A Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.
And Zynga: A Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.
And Free_Radio_TV for the same reasons as above.
And Downloaded Program Files: Pugi/Softomate toolbar variant. Occasionally a Softomate toolbar will be installed by a legitimate application, but most often they're installed by various non-legitimate means and in such a case they're obviously parasites. If in any doubt, remove!
**********************************************
You have Viewpoint installed.

Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

More information:

* ViewMgr.exe - Useless
* Viewpoint to Plunge Into Adware

It is suggested to remove the program now. Go to Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.

* Viewpoint
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
* Viewpoint Experience Technology
**************************************

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]

:OTL
IE - HKCU\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\firefox\
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [fajkmgwe] C:\Users\Macey\AppData\Local\pdjgryxrc\eswpalotssd.exe File not found
O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\Macey\AppData\Local\Temp\Zlk.exe File not found
O4 - HKCU..\Run: [QZAIB7KITK] C:\Users\Macey\AppData\Local\Temp\Zlj.exe File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe File not found
O4 - HKCU..\Run: [xvysnstx] C:\Users\Macey\AppData\Local\msxpxxyml\vhmovrntssd.exe File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)

:Files
C:\Windows\MEMORY.DMP

:COMMANDS
[resethosts]
[purity]
[clearrestorepoints]
[emptytemp]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
******************************************
Download WhoCrashed from here
This program checks for any drivers which may have been causing your computer to crash....

Click on the file you just downloaded and run it.
Put a tick in Accept then click on Next
Put a tick in the Don't create a start menu folder then click Next
Put a tick in Create a Desktop Icon then click on Install and make sure there is a tick in Launch Whocrashed before clicking Finish
Click Analyze
It will want to download the Debugger and install it  say Yes

WhoCrashed will create report but you have to scroll down to see it
Copy and paste it into your next reply