LandzDown Forum

I ran Super AntiSpyware and it found 11 of these and removed 10 - but one cannot be removed.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_31
Run by Rita at 13:51:37 on 2012-07-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3070.1769 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\F5InstallerService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\ProgramData\IBUpdaterService\ibsvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k secsvcs
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Rita\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\HP\Button Manager\BM.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://yahoo.com/
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Savings Sidekick: {11111111-1111-1111-1111-110011501160} - c:\program files\savings sidekick\Savings Sidekick.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - c:\program files\keyscrambler\KeyScramblerIE.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SpecialSavings: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\specialsavings\SpecialSavingsSinged.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No File
TB: {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No File
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ALconnect] c:\users\rita\appdata\roaming\directlife\alconnect\ALconnect.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Google Updater] "c:\program files\google\google updater\GoogleUpdater.exe" -check_deprecation
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\rita\appdata\roaming\micros~1\windows\startm~1\programs\startup\ding!.lnk - c:\program files\southwest airlines\ding\Ding.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpbutt~1.lnk - c:\program files\hp\button manager\BM.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v2\WG111v2.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ymetray.lnk - c:\program files\yahoo!\yahoo! music jukebox\ymetray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\specialsavings\SpecialSavingsSinged.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: weightwatchers.com
DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab
DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} - hxxps://my.sabre.com/jars/TMinReqX.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab
DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} - hxxp://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab
DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} - file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab
DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8C2D1BF0-5364-403C-9968-E6E348C6B4FB} - hxxp://www.iradiopop.com/IRD/pages/VBIRDPlayer.CAB
DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab
DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ECD34062-D513-43E4-B42E-6FF9EE437801} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: protector.dll c:\progra~1\google\google~1\go36f4~1.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\rita\appdata\roaming\mozilla\firefox\profiles\6skr432c.default\
FF - prefs.js: browser.search.selectedengine - search the web (babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?af=114024&babsrc=hp_ss&mntrid=1a4c7ba500000000000000223f5c840e
FF - prefs.js: keyword.url - hxxp://search.babylon.com/?af=114024&babsrc=adbartrp&mntrid=1a4c7ba500000000000000223f5c840e&q=
FF - component: c:\users\rita\appdata\roaming\mozilla\firefox\profiles\6skr432c.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppdf32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin4.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin5.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin6.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin7.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\rita\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\rita\appdata\roaming\mozilla\firefox\profiles\6skr432c.default\extensions\{dbbb3167-6e81-400f-bbfd-bd8921726f52}\plugins\NPuroamHost.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2009-8-5 21728]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-10-29 208896]
R2 F5 Networks Component Installer;F5 Networks Component Installer;c:\windows\system32\F5InstallerService.exe [2010-8-19 246400]
R2 IBUpdaterService;Updater Service;c:\programdata\ibupdaterservice\ibsvc.exe [2012-7-7 570272]
R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\drivers\nmsgopro.sys [2006-9-27 28672]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2006-10-19 7424]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2010-1-21 104960]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2010-1-21 17920]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2009-6-21 114672]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v2.sys [2007-12-26 288768]
R3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\drivers\covpnwlh.sys [2010-1-25 34944]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca1b5d2d110ea5;Google Update Service (gupdate1ca1b5d2d110ea5);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
S2 SCM_Service;SCM_Service;c:\windows\system32\WinService.exe [2009-8-5 180224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-15 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2010-9-21 13952]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-11 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-3-9 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-11-18 174552]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-3-24 7808]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-6 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-19 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
.reg=Regedit.Document
.
=============== Created Last 30 ================
.
2012-07-11 15:34:38   2345984   ----a-w-   c:\windows\system32\win32k.sys
2012-07-11 03:45:37   6762896   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{b9460f67-f7e5-459b-87d9-d9e45a420102}\mpengine.dll
2012-07-08 01:33:31   --------   d-----w-   c:\users\rita\.jsapi
2012-07-08 01:32:38   --------   d-----w-   c:\users\rita\Sabre Red Workspace
2012-07-08 01:28:31   --------   d-----w-   c:\users\rita\appdata\local\Sabre Red Workspace
2012-07-08 00:45:53   --------   d-----w-   c:\windows\Pronto
2012-07-08 00:34:32   --------   d-----w-   C:\SABRE
2012-06-29 04:28:18   --------   dc-h--w-   c:\users\rita\appdata\local\{E8D024FE-9C03-4ECF-B3CA-FB58783D91C2}
2012-06-29 04:14:00   --------   d-----w-   c:\users\rita\appdata\roaming\DirectLife
2012-06-29 04:13:54   --------   d-----w-   c:\users\rita\appdata\local\PackageAware
2012-06-26 15:30:53   --------   d-----w-   c:\users\rita\appdata\local\Macromedia
2012-06-26 02:39:38   --------   d-----w-   c:\programdata\SUPERSetup
2012-06-26 02:38:44   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-06-19 14:42:31   2422272   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-19 14:41:54   88576   ----a-w-   c:\windows\system32\wudriver.dll
2012-06-19 14:41:29   33792   ----a-w-   c:\windows\system32\wuapp.exe
2012-06-19 14:41:29   171904   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-12 23:39:46   183808   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-06-12 23:39:44   2342400   ----a-w-   c:\windows\system32\msi.dll
2012-06-12 23:39:39   8192   ----a-w-   c:\windows\system32\rdrmemptylst.exe
2012-06-12 23:39:39   58880   ----a-w-   c:\windows\system32\rdpwsx.dll
2012-06-12 23:39:39   129536   ----a-w-   c:\windows\system32\rdpcorekmts.dll
2012-06-12 23:39:38   164352   ----a-w-   c:\windows\system32\profsvc.dll
2012-06-12 23:39:35   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
2012-06-12 23:39:35   1158656   ----a-w-   c:\windows\system32\crypt32.dll
2012-06-12 23:39:35   103936   ----a-w-   c:\windows\system32\cryptnet.dll
.
==================== Find3M  ====================
.
2012-07-08 01:03:45   790520   ----a-w-   c:\windows\system32\protector.dll
2012-06-23 03:04:15   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 03:04:15   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-06-06 05:05:52   1390080   ----a-w-   c:\windows\system32\msxml6.dll
2012-06-06 05:05:52   1236992   ----a-w-   c:\windows\system32\msxml3.dll
2012-06-06 05:03:06   805376   ----a-w-   c:\windows\system32\cdosys.dll
2012-06-02 08:33:25   1800192   ----a-w-   c:\windows\system32\jscript9.dll
2012-06-02 08:25:08   1129472   ----a-w-   c:\windows\system32\wininet.dll
2012-06-02 08:25:03   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2012-06-02 04:45:04   67440   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03   134000   ----a-w-   c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59   369336   ----a-w-   c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39   225280   ----a-w-   c:\windows\system32\schannel.dll
2012-06-02 04:39:10   219136   ----a-w-   c:\windows\system32\ncrypt.dll
.
============= FINISH: 13:52:07.86 ===============

 Results of screen317's Security Check version 0.99.42 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````[/u]
 Windows Firewall Enabled! 
Microsoft Security Essentials   
  (On Access scanning disabled!)
 Error obtaining update status for antivirus! 
`````````Anti-malware/Other Utilities Check:`````````[/u]
 SUPERAntiSpyware     
 Secunia PSI   
 CCleaner     
 Java(TM) 6 Update 31 
 Java version out of Date!
 Adobe Flash Player    11.3.300.262 
 Adobe Reader X (10.1.3)
 Mozilla Firefox (8.0.1)
 Google Chrome 20.0.1132.47 
````````Process Check: objlist.exe by Laurent````````[/u] 
 Microsoft Security Client Antimalware NisSrv.exe 
`````````````````System Health check`````````````````[/u]
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````[/u]

OK - here it is:  it amazes me that you can make anything out of it!
ComboFix 12-07-13.01 - Rita 07/12/2012  21:16:24.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3070.1777 [GMT -7:00]
Running from: c:\users\Rita\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\bProtector
c:\programdata\bProtector\bProtect.exe
c:\programdata\bProtector\bProtect.settings
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome.manifest
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\background.html
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\browser.xul
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\crossrider.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\crossriderapi.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\dialog.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\lib\faye-browser-min.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\manage-apps-style.css
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\manage-apps.html
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\messaging.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\options.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\options.xul
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\push.html
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\search_dialog.xul
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\chrome\content\update.html
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\defaults\preferences\prefs.js
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\install.rdf
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\locale\en-US\translations.dtd
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\button1.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\button2.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\button3.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\button4.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\button5.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\crossrider_statusbar.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\icon128.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\icon16.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\icon24.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\icon48.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\panelarrow-up.png
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\popup.css
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\popup.html
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\popup_binding.xml
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\skin.css
c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\extensions\crossriderapp5060@crossrider.com\skin\update.css
c:\users\Rita\g2ax_customer_downloadhelper_win32_x86.exe
c:\users\Rita\GoToAssistDownloadHelper.exe
c:\windows\security\Database\tmp.edb
c:\windows\UA000079.DLL
.
.
(((((((((((((((((((((((((   Files Created from 2012-06-13 to 2012-07-13  )))))))))))))))))))))))))))))))
.
.
2012-07-13 04:27 . 2012-07-13 04:27   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-13 04:27 . 2012-07-13 04:27   --------   d-----w-   c:\users\IUSR_NMPR\AppData\Local\temp
2012-07-12 13:35 . 2012-05-31 03:41   6762896   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{04A5239F-C72B-45BA-83B9-F1CA5E9398AD}\mpengine.dll
2012-07-11 15:34 . 2012-06-12 02:40   2345984   ----a-w-   c:\windows\system32\win32k.sys
2012-07-08 01:33 . 2012-07-08 01:33   --------   d-----w-   c:\users\Rita\.jsapi
2012-07-08 01:32 . 2012-07-08 01:32   --------   d-----w-   c:\users\Rita\Sabre Red Workspace
2012-07-08 01:28 . 2012-07-08 01:32   --------   d-----w-   c:\users\Rita\AppData\Local\Sabre Red Workspace
2012-07-08 00:45 . 2012-07-08 00:45   --------   d-----w-   c:\windows\Pronto
2012-07-08 00:34 . 2012-07-08 00:34   --------   d-----w-   C:\SABRE
2012-06-29 04:28 . 2012-06-29 04:28   --------   dc-h--w-   c:\users\Rita\AppData\Local\{E8D024FE-9C03-4ECF-B3CA-FB58783D91C2}
2012-06-29 04:14 . 2012-06-29 04:14   --------   d-----w-   c:\users\Rita\AppData\Roaming\DirectLife
2012-06-29 04:13 . 2012-06-29 04:13   --------   d-----w-   c:\users\Rita\AppData\Local\PackageAware
2012-06-26 15:30 . 2012-06-26 15:30   --------   d-----w-   c:\users\Rita\AppData\Local\Macromedia
2012-06-26 02:39 . 2012-06-26 02:40   --------   d-----w-   c:\programdata\SUPERSetup
2012-06-26 02:38 . 2012-06-26 02:38   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-06-19 14:42 . 2012-06-02 22:19   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-19 14:42 . 2012-06-02 22:19   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-19 14:42 . 2012-06-02 22:19   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-19 14:42 . 2012-06-02 22:12   2422272   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-19 14:41 . 2012-06-02 22:19   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-19 14:41 . 2012-06-02 22:19   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-19 14:41 . 2012-06-02 22:12   88576   ----a-w-   c:\windows\system32\wudriver.dll
2012-06-19 14:41 . 2012-06-02 22:19   171904   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-19 14:41 . 2012-06-02 22:12   33792   ----a-w-   c:\windows\system32\wuapp.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:04 . 2012-04-15 15:45   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:04 . 2011-05-18 14:20   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-01 04:44 . 2012-06-12 23:39   164352   ----a-w-   c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-12 23:39   183808   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-12 23:39   58880   ----a-w-   c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-12 23:39   129536   ----a-w-   c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-12 23:39   8192   ----a-w-   c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-12 23:39   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-12 23:39   1158656   ----a-w-   c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-12 23:39   103936   ----a-w-   c:\windows\system32\cryptnet.dll
2011-11-21 04:04 . 2011-12-10 03:10   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn3\YTNavAssist.dll" [2011-03-16 214840]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-04 00:31   1514152   ----a-w-   c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2007-03-28 224248]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-11 3905408]
"ALconnect"="c:\users\Rita\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe" [2012-06-18 741504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-10 169328]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-11 30192]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-30 161336]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-04 1391272]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DING!.lnk - c:\program files\Southwest Airlines\Ding\Ding.exe [2006-6-22 462848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files\Audible\Bin\AudibleDownloadHelper.exe [2010-10-19 1795488]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
HP Button Manager.lnk - c:\program files\HP\Button Manager\BM.exe [2010-1-21 323584]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2009-8-5 1261568]
ymetray.lnk - c:\program files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-3 54512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEMonitor.lnk]
backup=c:\windows\pss\MEMonitor.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEMonitor.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2006-10-17 01:40   1197648   ----a-w-   c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]
2006-11-18 13:01   182744   ----a-w-   c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 17:55   206064   ----a-w-   c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2010-11-20 12:17   144384   ----a-w-   c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-09-29 18:39   151552   ----a-w-   c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 17:35   221184   ----a-w-   c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 17:37   81920   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]
2006-09-26 16:56   423424   ----a-w-   c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17   1174016   ----a-w-   c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2010-11-20 12:20   859648   ----a-w-   c:\windows\System32\OobeFldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-07-14 01:14   65024   ----a-w-   c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2007-03-28 22:10   224248   ----a-w-   c:\program files\Yahoo!\Search Protection\SearchProtection.exe
.
R2 gupdate1ca1b5d2d110ea5;Google Update Service (gupdate1ca1b5d2d110ea5);c:\program files\Google\Update\GoogleUpdate.exe

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys

R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

S2 F5 Networks Component Installer;F5 Networks Component Installer;c:\windows\system32\F5InstallerService.exe

S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe

S2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\DRIVERS\nmsgopro.sys

S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys

S2 SCM_Service;SCM_Service;c:\windows\System32\WinService.exe

S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys

S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe

S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys

S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnwlh.sys

S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS

S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS

.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - avgntflt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-07-14 01:14   126464   ----a-w-   c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 22:04]
.
2012-07-08 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2010-06-28 20:57]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 14:57]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 14:57]
.
2012-07-13 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
.
2012-07-13 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]
.
2012-06-30 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
2012-07-13 c:\windows\Tasks\User_Feed_Synchronization-{17ED33CB-05F1-4DA1-9A19-750230D986D6}.job
- c:\windows\system32\msfeedssync.exe [2011-05-13 18:03]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\SpecialSavings\SpecialSavingsSinged.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: weightwatchers.com
TCP: DhcpNameServer = 192.168.1.1
DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} - hxxps://my.sabre.com/jars/TMinReqX.dll
DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {8C2D1BF0-5364-403C-9968-E6E348C6B4FB} - hxxp://www.iradiopop.com/IRD/pages/VBIRDPlayer.CAB
DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
FF - ProfilePath - c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\
FF - prefs.js: browser.search.selectedengine - search the web (babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?af=114024&babsrc=hp_ss&mntrid=1a4c7ba500000000000000223f5c840e
FF - prefs.js: keyword.url - hxxp://search.babylon.com/?af=114024&babsrc=adbartrp&mntrid=1a4c7ba500000000000000223f5c840e&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
------- File Associations -------
.
.reg=Regedit.Document
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
Notify-GoToAssist - c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
MSConfigStartUp-Corel Photo Downloader - c:\program files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
MSConfigStartUp-NvCplDaemon - c:\windows\system32\NvCpl.dll
MSConfigStartUp-NvMediaCenter - c:\windows\system32\NvMcTray.dll
MSConfigStartUp-NvSvc - c:\windows\system32\nvsvc.dll
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
AddRemove-Random House Webster's Unabridged Dictionary - c:\program files\Random House
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3500)
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-07-12  21:36:19 - machine was rebooted
ComboFix-quarantined-files.txt  2012-07-13 04:36
.
Pre-Run: 94,117,797,888 bytes free
Post-Run: 94,078,337,024 bytes free
.
- - End Of File - - BE052AFE48EEDB1636C22C4F7C962F22

Hi, Rita.

Firefox is way out of date.  It is currently at version 13.0.1 and you have Mozilla Firefox (8.0.1) installed.  Although I am not found of the "rapid-release" schedule Mozilla has been using for Firefox, critical security updates have been included in the updates.

Please uninstall Java(TM) 6 Update 31 and update to the latest version, JRE7u5 from http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1637588.html  (Note:  Watch for pre-checked extras offered with the software.)

Please go here to run an ESET on-line scan.

➡Notes:

✱  It is easiest if you use Internet explorer for this scan. 
✱  If you use an alternate browser, it will be necessary to download the ESET Smart Installer, esetsmartinstaller_enu.exe, when prompted, then double-click to install.  Vista/Windows 7 users, select Run as Administrator.
✱  Temporarily disable your antivirus and anti-malware security applications during the scan.  This can usually be accomplished by a right-click on the icon in the System Tray.  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  .

• Select the option YES, I accept the Terms of Use then click:
  
• When prompted allow the Add-On/Active X to install.
  
• Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
  ➞ Scan for potentially unwanted applications
  ➞ Scan for potentially unsafe applications
  ➞ Enable Anti-Stealth Technology
  
• Click the Start button:
  
• The virus signature database... will begin to download.  Be patient.  This make take some time depending on your Internet connection.
  
• When the signatures have completed downloading, the Online Scan will begin automatically.
  
• Do not touch either the mouse or keyboard during the scan.  Otherwise it may stall.
  
• When the scan is completed, make sure you copy the log file and, if you wish, select Uninstall application on close.
  
• Click the Finish button,
  
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your antivirus and anti-malware software after the scan is complete!

this is what it found - i couldn't exactly follow your directions so hope this is what you need:
C:\Qoobox\Quarantine\C\ProgramData\bProtector\bProtect.exe.vir   a variant of Win32/bProtector application
C:\Users\Rita\Downloads\PDFCreatorSetup.exe   a variant of Win32/InstallCore.E application
C:\Windows\System32\protector.dll   a variant of Win32/bProtector application

Hi Corrine,
Thank you so much for being there!

https://www.virustotal.com/file/ca1f3140cbcb826117bdf497d6d27f57ea980145c40450c47404c403bc1d8a3d/analysis/1342750062/

https://www.virustotal.com/file/38af8aab17a553b4560e73cee76fc077739baf77dcc2a25e05528d55c1c9a587/analysis/1342750297/

Here are the results:   Thanks!! 
ComboFix 12-07-20.02 - Rita 07/20/2012   8:18.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3070.1936 [GMT -7:00]
Running from: c:\users\Rita\Downloads\ComboFix.exe
Command switches used :: c:\users\Rita\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Rita\Downloads\PDFCreatorSetup.exe"
"c:\windows\system32\protector.dll"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
.
.
(((((((((((((((((((((((((   Files Created from 2012-06-20 to 2012-07-20  )))))))))))))))))))))))))))))))
.
.
2012-07-20 15:29 . 2012-07-20 15:29   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-20 15:29 . 2012-07-20 15:29   --------   d-----w-   c:\users\IUSR_NMPR\AppData\Local\temp
2012-07-20 15:29 . 2012-07-20 15:29   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-07-20 14:49 . 2012-06-29 08:44   6891424   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{D624FAA3-E9FF-4B2E-8B57-992B21D68C8E}\mpengine.dll
2012-07-20 05:03 . 2012-07-03 20:46   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-07-19 21:03 . 2012-07-19 21:03   --------   d--h--w-   c:\windows\AxInstSV
2012-07-19 21:02 . 2012-07-19 21:02   --------   d-----w-   c:\program files\Common Files\Java
2012-07-19 21:01 . 2012-07-19 21:01   --------   d-----w-   c:\program files\Oracle
2012-07-19 21:01 . 2012-07-06 05:06   772544   ----a-w-   c:\windows\system32\npDeployJava1.dll
2012-07-11 15:34 . 2012-06-12 02:40   2345984   ----a-w-   c:\windows\system32\win32k.sys
2012-07-08 01:33 . 2012-07-08 01:33   --------   d-----w-   c:\users\Rita\.jsapi
2012-07-08 01:32 . 2012-07-08 01:32   --------   d-----w-   c:\users\Rita\Sabre Red Workspace
2012-07-08 01:28 . 2012-07-08 01:32   --------   d-----w-   c:\users\Rita\AppData\Local\Sabre Red Workspace
2012-07-08 00:45 . 2012-07-08 00:45   --------   d-----w-   c:\windows\Pronto
2012-07-08 00:34 . 2012-07-08 00:34   --------   d-----w-   C:\SABRE
2012-06-29 04:28 . 2012-06-29 04:28   --------   dc-h--w-   c:\users\Rita\AppData\Local\{E8D024FE-9C03-4ECF-B3CA-FB58783D91C2}
2012-06-29 04:14 . 2012-06-29 04:14   --------   d-----w-   c:\users\Rita\AppData\Roaming\DirectLife
2012-06-29 04:13 . 2012-06-29 04:13   --------   d-----w-   c:\users\Rita\AppData\Local\PackageAware
2012-06-26 15:30 . 2012-06-26 15:30   --------   d-----w-   c:\users\Rita\AppData\Local\Macromedia
2012-06-26 02:39 . 2012-06-26 02:40   --------   d-----w-   c:\programdata\SUPERSetup
2012-06-26 02:38 . 2012-06-26 02:38   --------   d-----w-   c:\program files\SUPERAntiSpyware
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:04 . 2012-04-15 15:45   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:04 . 2011-05-18 14:20   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 05:06 . 2010-04-20 15:31   687544   ----a-w-   c:\windows\system32\deployJava1.dll
2012-06-02 22:19 . 2012-06-19 14:41   171904   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-19 14:42   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 14:42   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 14:41   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 14:41   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-19 14:42   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-19 14:42   2422272   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-19 14:41   33792   ----a-w-   c:\windows\system32\wuapp.exe
2012-06-02 22:12 . 2012-06-19 14:41   88576   ----a-w-   c:\windows\system32\wudriver.dll
2012-05-31 19:25 . 2009-10-05 18:33   237072   ------w-   c:\windows\system32\MpSigStub.exe
2012-05-01 04:44 . 2012-06-12 23:39   164352   ----a-w-   c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-12 23:39   183808   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-12 23:39   58880   ----a-w-   c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-12 23:39   129536   ----a-w-   c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-12 23:39   8192   ----a-w-   c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-12 23:39   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-12 23:39   1158656   ----a-w-   c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-12 23:39   103936   ----a-w-   c:\windows\system32\cryptnet.dll
2011-11-21 04:04 . 2011-12-10 03:10   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn3\YTNavAssist.dll" [2011-03-16 214840]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2007-03-28 224248]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-11 3905408]
"ALconnect"="c:\users\Rita\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe" [2012-06-18 741504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-10 169328]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-11 30192]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-09-30 161336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DING!.lnk - c:\program files\Southwest Airlines\Ding\Ding.exe [2006-6-22 462848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files\Audible\Bin\AudibleDownloadHelper.exe [2010-10-19 1795488]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
HP Button Manager.lnk - c:\program files\HP\Button Manager\BM.exe [2010-1-21 323584]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2009-8-5 1261568]
ymetray.lnk - c:\program files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-3 54512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEMonitor.lnk]
backup=c:\windows\pss\MEMonitor.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEMonitor.lnk
.
[HKLM\~\startupfolder\C:^Users^Rita^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
path=c:\users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2006-10-17 01:40   1197648   ----a-w-   c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]
2006-11-18 13:01   182744   ----a-w-   c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 17:55   206064   ----a-w-   c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2010-11-20 12:17   144384   ----a-w-   c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2006-09-29 18:39   151552   ----a-w-   c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 17:35   221184   ----a-w-   c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 17:37   81920   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]
2006-09-26 16:56   423424   ----a-w-   c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17   1174016   ----a-w-   c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2010-11-20 12:20   859648   ----a-w-   c:\windows\System32\OobeFldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-07-14 01:14   65024   ----a-w-   c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2007-03-28 22:10   224248   ----a-w-   c:\program files\Yahoo!\Search Protection\SearchProtection.exe
.
R2 gupdate1ca1b5d2d110ea5;Google Update Service (gupdate1ca1b5d2d110ea5);c:\program files\Google\Update\GoogleUpdate.exe

R2 SCM_Service;SCM_Service;c:\windows\System32\WinService.exe

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe

R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe

S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

S2 F5 Networks Component Installer;F5 Networks Component Installer;c:\windows\system32\F5InstallerService.exe

S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

S2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\DRIVERS\nmsgopro.sys

S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys

S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys

S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe

S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys

S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnwlh.sys

S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS

S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS

.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - avgntflt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-07-14 01:14   126464   ----a-w-   c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 22:04]
.
2012-07-19 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2010-06-28 20:57]
.
2012-07-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-25 17:57]
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 14:57]
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 14:57]
.
2012-07-19 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
.
2012-07-19 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]
.
2012-06-30 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
2012-07-20 c:\windows\Tasks\User_Feed_Synchronization-{17ED33CB-05F1-4DA1-9A19-750230D986D6}.job
- c:\windows\system32\msfeedssync.exe [2011-05-13 18:03]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\SpecialSavings\SpecialSavingsSinged.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: weightwatchers.com
TCP: DhcpNameServer = 192.168.1.1
DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {2D36AF92-04D3-11D8-B719-0000865F231B} - hxxps://my.sabre.com/jars/TMinReqX.dll
DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
DPF: {8C2D1BF0-5364-403C-9968-E6E348C6B4FB} - hxxp://www.iradiopop.com/IRD/pages/VBIRDPlayer.CAB
DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
FF - ProfilePath - c:\users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6skr432c.default\
FF - prefs.js: browser.search.selectedengine - search the web (babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?af=114024&babsrc=hp_ss&mntrid=1a4c7ba500000000000000223f5c840e
FF - prefs.js: keyword.url - hxxp://search.babylon.com/?af=114024&babsrc=adbartrp&mntrid=1a4c7ba500000000000000223f5c840e&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-20  08:32:42
ComboFix-quarantined-files.txt  2012-07-20 15:32
ComboFix2.txt  2012-07-13 04:36
.
Pre-Run: 95,454,724,096 bytes free
Post-Run: 95,565,991,936 bytes free
.
- - End Of File - - 5E7D7AF03DBEFCB7DFB19E1FC66E41CF

Thanks
I have no idea!!!  Can you tell me?  LOL    does this show that those trojans or malware or whatever they were were removed?  I don't know how to tell!!!  How can I check?  Also, I'm afraid that Microsoft Security Essentials is disabled like it was before, and I don't know how to get that back.  Am I supposed to have it along with the AntiMalware and SuperAntiSpyware?   Thanks!
Rita

The Firewall says it is turned on.  I can't find Windows Security Center, but when I followed your instructions it was already set to Automatic - I clicked start, and I got the message that Micosoft Security Essentials is turned off and must be turned on manually - it said click for more info, and whe i did I got this screen:  (I just attached it - hope you can see it )  basically it says the same thing - MSE is turned off, and the turn on button is grayed out.