Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

My computer is slowly dying

(In Progress)
(!)

ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 04:33 AM #181
Quote:
Originally Posted by eddie5659 View Post

[b]c:\windows\temp\jna1300848490281619442.dll
Ok, I'm very confused.

I ran that one above 4 times & each time it said it was already scanned & it called it a different #...

This file has been scanned before. The results for this previous scan are listed below.


Filename: jna1189247634826652252.dll
Status:
Scan finished. 0 out of 20 scanners reported malware.
Scan taken on: Sat 21 Jul 2012 17:17:00 (CET) Permalink
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 04:35 AM #182
It did it again & that permalink doesn't work hence me having to copy & paste what's there...

This file has been scanned before. The results for this previous scan are listed below.


Filename: jna1189247634826652252.dll
Status:
Scan finished. 0 out of 20 scanners reported malware.
Scan taken on: Sat 21 Jul 2012 17:17:00 (CET) Permalink

Additional info
File size: 349255 bytes
Filetype: PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
MD5: 28e4d67db8f5a83a47ca92f931d7d5eb
SHA1: 464143281e7cb43270f26249d9f3fa05bba24557




Scanners
[ArcaVir]
2012-07-21 Found nothing
[Frisk F-Prot Antivirus]
2012-07-20 Found nothing
[Avast! antivirus]
2012-07-21 Found nothing
[F-Secure Anti-Virus]
2012-07-21 Found nothing
[Grisoft AVG Anti-Virus]
2012-07-21 Found nothing
[G DATA]
2012-07-21 Found nothing
[Avira AntiVir]
2012-07-21 Found nothing
[Ikarus]
2012-07-21 Found nothing
[Softwin BitDefender]
2012-07-21 Found nothing
[Kaspersky Anti-Virus]
2012-07-21 Found nothing
[ClamAV]
2012-07-21 Found nothing
[Panda Antivirus]
2012-07-21 Found nothing
[CPsecure]
2012-07-21 Found nothing
[Quick Heal]
2012-07-21 Found nothing
[Dr.Web]
2012-07-21 Found nothing
[Sophos]
2012-07-21 Found nothing
[Emsisoft Anti-Malware]
2012-07-21 Found nothing
[VirusBlokAda VBA32]
2012-07-20 Found nothing
[ESET]
2012-07-21 Found nothing
[VirusBuster]
2012-07-20 Found nothing
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 04:40 AM #183
Quote:
Originally Posted by eddie5659 View Post

Graphics:

This was your old one: 128MB ASUS Extreme AX300 Series

Which I think was this one:

http://reviews.cnet.com/graphics-car...-31302971.html

Can you remember if it was an ATI or Nvidia card?
No sorry I don't. I checked the word doc I have, but I think I already removed it, but I found this, so maybe this is it?

You has said it was an ASUS EAX300 Series, the download we got was from here:

http://support.asus.com/download/dow...AX300%20Series

Last edited by Cookiegal; 22-Jul-2012 at 11:23 AM.. Reason: To fix quote tags
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 04:42 AM #184
Quote:
Originally Posted by eddie5659 View Post

Can you tell me which driver version you have? To find out, do this:

Control Panel | System | Device Manager.
Under Display Adapter will be the full name of the card.
Right-click and select Properties, then Driver tab.
It's 8.950.0.0
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 04:44 AM #185
Quote:
Originally Posted by eddie5659 View Post

For the VideoLanClient program, this is the main site:

http://www.videolan.org/index.html

Can you remember getting something from here?
Oh LOL, yes of course I know that software. Had you said VLC I would have known. I don't know it by it's full name.

Everyone uses VLC

Sorry.
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 05:50 AM #186
Here it is.

Thanks


Michelle

--------------------
OTL logfile created on: 7/22/2012 4:53:37 AM - Run 7
OTL by OldTimer - Version 3.2.53.1 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 73.41% Memory free
6.09 Gb Paging File | 5.00 Gb Available in Paging File | 82.10% Paging File free
Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.72 Gb Total Space | 119.46 Gb Free Space | 80.87% Space Free | Partition Type: NTFS
Drive D: | 142.83 Gb Total Space | 127.79 Gb Free Space | 89.47% Space Free | Partition Type: NTFS
Drive E: | 175.22 Gb Total Space | 148.18 Gb Free Space | 84.57% Space Free | Partition Type: NTFS
Drive G: | 3.65 Gb Total Space | 0.10 Gb Free Space | 2.74% Space Free | Partition Type: FAT32

Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/04 20:36:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/05/24 12:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/08/18 17:27:06 | 005,137,648 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/18 11:23:00 | 000,013,312 | ---- | M] () -- C:\Program Files\CrashPlan\md5.dll
MOD - [2012/07/18 11:22:59 | 000,166,400 | ---- | M] () -- C:\Program Files\CrashPlan\cpnative.dll
MOD - [2012/06/14 23:08:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3 e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/14 21:03:01 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbad afaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/14 21:02:50 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4 cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/14 21:00:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll
MOD - [2012/05/12 18:25:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b736 8bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/12 18:25:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3 d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/12 18:11:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be2 38b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/12 18:10:16 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f93 22f9f2e1bfe\System.ni.dll
MOD - [2012/05/12 18:10:03 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d72 37aa70e935900\mscorlib.ni.dll
MOD - [2012/02/14 21:45:52 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll
MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll
MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll
MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll
MOD - [2010/03/16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2009/08/18 17:27:04 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/19 22:00:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/10 23:59:45 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\OAsrv.exe -- (SvcOnlineArmor)
SRV - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RT2860.sys -- (RT80x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Folder\MapleStory\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys -- (cpuz129)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/14 21:44:58 | 007,585,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012/01/14 15:02:26 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/12/20 01:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/10/07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM)
DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM)
DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO)
DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007/03/02 02:36:10 | 000,044,416 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D)
DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data]
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/"
FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://srp.freecause.com/?ourmark=3&sid=100311&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 22:00:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/06 23:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/17 17:07:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions
[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/07/21 04:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions
[2012/07/10 22:31:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/06/04 01:56:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/07/11 02:41:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\ALone-live@ya.ru
[2012/07/21 04:09:27 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com
[2012/06/04 01:56:08 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\info@stretchclock.com
[2012/06/26 23:26:05 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\support@lastpass.com
[2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\chrome
[2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\defaults
[2012/06/27 00:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions
[2012/05/23 03:55:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/28 23:28:09 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2012/01/18 02:55:25 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash
[2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash
[2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
[2012/05/31 06:47:34 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/05/08 23:46:56 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com
[2012/02/19 19:11:13 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\info@stretchclock .com
[2012/06/26 23:26:07 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\support@lastpass. com
[2012/04/20 14:14:39 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\wasp@immeria.net
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\Xsticky-StickyNotes@xsticky.com
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\chrome
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\defaults
[2012/03/08 23:41:17 | 000,001,339 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\searchplugins\search-the-web.xml
[2012/07/13 06:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/20 20:39:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/26 02:14:50 | 000,336,363 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/06/24 19:22:44 | 000,025,217 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI
[2012/01/21 02:46:48 | 000,138,614 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012/05/25 00:28:56 | 000,012,835 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\AREADECODER@KEVSK I.XPI
[2012/02/23 23:54:43 | 000,164,722 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\COMPATIBILITY@ADD ONS.MOZILLA.ORG.XPI
[2011/11/17 22:45:04 | 000,058,906 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\IZER@CAMELCAMELCA MEL.COM.XPI
[2012/07/19 22:00:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll
[2012/06/16 23:28:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/16 23:28:55 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googlerigi nalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpas s.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSky peChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.7_0\
CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.9_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\

O1 HOSTS File: ([2012/02/19 23:54:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe File not found
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ()
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator.EXOTIC-3C629299\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O15 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/Activ...age_Player.cab (RingCentral Message Player Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/cli...rt/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14C63AB7-91F2-4939-82A0-88C6628A5C31}: DhcpNameServer = 8.15.12.5 8.5.244.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/15 21:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Web Dimensions
[2012/07/15 16:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Local Settings\Application Data\Sun
[2012/07/13 07:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/05 02:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/07/04 16:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/04 16:35:38 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/04 16:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/26 23:26:10 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Start Menu\Programs\LastPass
[2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LastPass
[2012/06/26 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass
[2012/06/23 14:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

========== Files - Modified Within 30 Days ==========

[2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
[2012/07/22 05:06:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/22 04:37:01 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
[2012/07/22 04:12:03 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 20:57:48 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/21 10:06:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/21 05:37:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
[2012/07/18 07:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/15 21:20:23 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk
[2012/07/15 20:37:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/15 20:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/15 02:57:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/07/13 06:56:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/07/13 06:56:57 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/12 06:08:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/12 00:37:47 | 000,768,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 22:20:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2012/07/10 23:58:38 | 000,044,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/07/10 23:58:04 | 000,208,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/07/05 02:12:31 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/07/04 22:39:41 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/26 23:26:11 | 010,974,280 | ---- | M] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2012/06/26 23:26:10 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2012/06/26 23:25:59 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk

========== Files Created - No Company Name ==========

[2012/07/15 21:20:23 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk
[2012/07/05 02:12:31 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/07/04 16:36:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/07/04 16:36:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/26 23:26:10 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2012/06/26 23:25:59 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
[2012/05/29 03:44:37 | 000,069,037 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Doxillion.dmp
[2012/04/08 18:44:58 | 000,123,072 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/04/08 00:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Michelle\PUTTY.RND
[2012/02/14 14:32:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/20 00:04:37 | 000,208,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/01/20 00:04:37 | 000,044,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/01/08 01:59:31 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/09/10 16:24:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\pathping
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Trace
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Source
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Hop
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\eonda.net
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Computing
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\8
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\7
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\6
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\[192.168.1.101]
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\.26.49]
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\over
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\5
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\4
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\3
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\2
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\1
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\0
[2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT
[2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll
[2010/11/18 23:40:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\defogger_reenable
[2010/08/02 10:12:21 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat
[2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc
[2009/02/16 05:59:24 | 000,000,458 | ---- | C] () -- C:\Documents and Settings\Michelle\clipdat2.rdf
[2008/08/03 22:38:23 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2012/01/06 05:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook
[2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan
[2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output
[2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen
[2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2012/01/22 01:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro
[2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/01/07 14:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2012/06/01 01:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2012/04/16 11:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
[2010/04/22 01:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore
[2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics
[2012/06/16 00:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\calibre
[2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive
[2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/08 17:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.infomastery.linkbounder-rmv
[2012/06/17 22:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.webdimensions.instant-content-curator-pro
[2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan
[2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
[2012/06/21 03:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations
[2012/07/19 14:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Dropbox
[2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6
[2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger
[2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic
[2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\FileOpen
[2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN
[2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ
[2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express
[2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn
[2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global
[2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp
[2012/01/07 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound
[2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon
[2012/06/21 03:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF
[2012/01/20 00:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OnlineArmor
[2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy
[2012/02/28 14:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenOffice.org
[2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager
[2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad
[2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux
[2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw
[2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Softnik Technologies
[2012/03/21 02:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SystemRequirementsLab
[2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer
[2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird
[2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2012/06/01 03:53:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\DoxillionReminder.job
[2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job

========== Purity Check ==========



< End of report >
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 05:53 AM #187
Here it is.

Thanks


Michelle

--------------------
OTL logfile created on: 7/22/2012 4:53:37 AM - Run 7
OTL by OldTimer - Version 3.2.53.1 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 73.41% Memory free
6.09 Gb Paging File | 5.00 Gb Available in Paging File | 82.10% Paging File free
Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.72 Gb Total Space | 119.46 Gb Free Space | 80.87% Space Free | Partition Type: NTFS
Drive D: | 142.83 Gb Total Space | 127.79 Gb Free Space | 89.47% Space Free | Partition Type: NTFS
Drive E: | 175.22 Gb Total Space | 148.18 Gb Free Space | 84.57% Space Free | Partition Type: NTFS
Drive G: | 3.65 Gb Total Space | 0.10 Gb Free Space | 2.74% Space Free | Partition Type: FAT32

Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/04 20:36:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/05/24 12:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/08/18 17:27:06 | 005,137,648 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/18 11:23:00 | 000,013,312 | ---- | M] () -- C:\Program Files\CrashPlan\md5.dll
MOD - [2012/07/18 11:22:59 | 000,166,400 | ---- | M] () -- C:\Program Files\CrashPlan\cpnative.dll
MOD - [2012/06/14 23:08:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3 e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/14 21:03:01 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbad afaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/14 21:02:50 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4 cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/14 21:00:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll
MOD - [2012/05/12 18:25:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b736 8bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/12 18:25:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3 d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/12 18:11:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be2 38b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/12 18:10:16 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f93 22f9f2e1bfe\System.ni.dll
MOD - [2012/05/12 18:10:03 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d72 37aa70e935900\mscorlib.ni.dll
MOD - [2012/02/14 21:45:52 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll
MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll
MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll
MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll
MOD - [2010/03/16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2009/08/18 17:27:04 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/19 22:00:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/10 23:59:45 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\OAsrv.exe -- (SvcOnlineArmor)
SRV - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RT2860.sys -- (RT80x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Folder\MapleStory\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys -- (cpuz129)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/14 21:44:58 | 007,585,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012/01/14 15:02:26 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/12/20 01:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/10/07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM)
DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM)
DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO)
DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007/03/02 02:36:10 | 000,044,416 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D)
DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data]
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/"
FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://srp.freecause.com/?ourmark=3&sid=100311&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 22:00:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/06 23:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/17 17:07:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions
[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/07/21 04:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions
[2012/07/10 22:31:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/06/04 01:56:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/07/11 02:41:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\ALone-live@ya.ru
[2012/07/21 04:09:27 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com
[2012/06/04 01:56:08 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\info@stretchclock.com
[2012/06/26 23:26:05 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\support@lastpass.com
[2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\chrome
[2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\defaults
[2012/06/27 00:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions
[2012/05/23 03:55:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/28 23:28:09 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2012/01/18 02:55:25 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash
[2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash
[2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
[2012/05/31 06:47:34 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2012/05/08 23:46:56 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com
[2012/02/19 19:11:13 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\info@stretchclock .com
[2012/06/26 23:26:07 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\support@lastpass. com
[2012/04/20 14:14:39 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\wasp@immeria.net
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\Xsticky-StickyNotes@xsticky.com
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\chrome
[2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\defaults
[2012/03/08 23:41:17 | 000,001,339 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\searchplugins\search-the-web.xml
[2012/07/13 06:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/20 20:39:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/26 02:14:50 | 000,336,363 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/06/24 19:22:44 | 000,025,217 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI
[2012/01/21 02:46:48 | 000,138,614 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012/05/25 00:28:56 | 000,012,835 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\AREADECODER@KEVSK I.XPI
[2012/02/23 23:54:43 | 000,164,722 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\COMPATIBILITY@ADD ONS.MOZILLA.ORG.XPI
[2011/11/17 22:45:04 | 000,058,906 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\IZER@CAMELCAMELCA MEL.COM.XPI
[2012/07/19 22:00:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll
[2012/06/16 23:28:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/16 23:28:55 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googlerigi nalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpas s.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSky peChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.7_0\
CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.9_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\

O1 HOSTS File: ([2012/02/19 23:54:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe File not found
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ()
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator.EXOTIC-3C629299\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O15 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/Activ...age_Player.cab (RingCentral Message Player Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/cli...rt/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14C63AB7-91F2-4939-82A0-88C6628A5C31}: DhcpNameServer = 8.15.12.5 8.5.244.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/15 21:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Web Dimensions
[2012/07/15 16:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Local Settings\Application Data\Sun
[2012/07/13 07:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/05 02:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/07/04 16:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/04 16:35:38 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/04 16:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/26 23:26:10 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Start Menu\Programs\LastPass
[2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LastPass
[2012/06/26 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass
[2012/06/23 14:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

========== Files - Modified Within 30 Days ==========

[2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
[2012/07/22 05:06:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/22 04:37:01 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
[2012/07/22 04:12:03 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 20:57:48 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/21 10:06:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/21 05:37:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
[2012/07/18 07:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/15 21:20:23 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk
[2012/07/15 20:37:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/15 20:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/15 02:57:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/07/13 06:56:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/07/13 06:56:57 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/12 06:08:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/07/12 00:37:47 | 000,768,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 22:20:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
[2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
[2012/07/10 23:58:38 | 000,044,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/07/10 23:58:04 | 000,208,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/07/05 02:12:31 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/07/04 22:39:41 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/26 23:26:11 | 010,974,280 | ---- | M] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2012/06/26 23:26:10 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2012/06/26 23:25:59 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk

========== Files Created - No Company Name ==========

[2012/07/15 21:20:23 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk
[2012/07/05 02:12:31 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012/07/04 16:36:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/07/04 16:36:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/26 23:26:10 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2012/06/26 23:25:59 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk
[2012/05/29 03:44:37 | 000,069,037 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Doxillion.dmp
[2012/04/08 18:44:58 | 000,123,072 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/04/08 00:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Michelle\PUTTY.RND
[2012/02/14 14:32:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/20 00:04:37 | 000,208,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys
[2012/01/20 00:04:37 | 000,044,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys
[2012/01/08 01:59:31 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/09/10 16:24:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\pathping
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Trace
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Source
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Hop
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\eonda.net
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Computing
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\8
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\7
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\6
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\[192.168.1.101]
[2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\.26.49]
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\over
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\5
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\4
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\3
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\2
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\1
[2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\0
[2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT
[2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll
[2010/11/18 23:40:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\defogger_reenable
[2010/08/02 10:12:21 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat
[2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc
[2009/02/16 05:59:24 | 000,000,458 | ---- | C] () -- C:\Documents and Settings\Michelle\clipdat2.rdf
[2008/08/03 22:38:23 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2012/01/06 05:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook
[2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan
[2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output
[2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen
[2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2012/01/22 01:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro
[2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2012/01/07 14:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2012/06/01 01:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2012/04/16 11:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
[2010/04/22 01:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore
[2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics
[2012/06/16 00:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\calibre
[2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive
[2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/08 17:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.infomastery.linkbounder-rmv
[2012/06/17 22:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.webdimensions.instant-content-curator-pro
[2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan
[2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
[2012/06/21 03:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations
[2012/07/19 14:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Dropbox
[2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6
[2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger
[2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic
[2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\FileOpen
[2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN
[2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ
[2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express
[2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn
[2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global
[2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp
[2012/01/07 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound
[2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon
[2012/06/21 03:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF
[2012/01/20 00:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OnlineArmor
[2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy
[2012/02/28 14:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenOffice.org
[2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager
[2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad
[2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux
[2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw
[2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Softnik Technologies
[2012/03/21 02:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SystemRequirementsLab
[2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer
[2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird
[2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2012/06/01 03:53:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\DoxillionReminder.job
[2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job

========== Purity Check ==========



< End of report >
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
22-Jul-2012, 02:58 PM #188
Okay, they're still there, so looks like we'll have to do this via another route. Thanks for the scans at Jotti, looks like they're Java files, so that's good

So, lets try and remove the entries I've been trying to remove for some time. There are actually two tools I want to use, but we'll try the first one, as its easier

Please download Runscanner to your desktop and run it.
  • When the first page comes up select Beginner Mode
  • On the next page select Save a binary .Run file (Recommended) then click Start full scan at the top.
  • At this time Runscanner.exe may request access to the Internet through your firewall please allow it to do so, it will then run for two or three minutes.
  • On completion it will ask for a location to save the file and a name. It will do this for both the .run file and the log file
  • Call the .run file "RSReport" and save it to your desktop. You will see the RSReport.run file on your desktop. Rightclick on it and select Send To then select Compressed (zipped) Folder and upload that zip here. Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below )


  • In there, at the bottom, click on the button Manage Attachments (in the picture below .
  • A window will appear, and then Browse to RSReport.zip on your Desktop.
  • Click Upload, and when uploaded click Close this Window
  • Then, in the previous window, click on Add Reply

__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
22-Jul-2012, 03:31 PM #189
I'm still getting the unresponsive script & again things Online Armor is picking up that I don't know.

http://i972.photobucket.com/albums/a...nlineArmor.jpg
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
23-Jul-2012, 01:40 PM #190
Did that happen when trying to run the RunScanner tool?
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
25-Jul-2012, 09:18 PM #191
You didn't ask for the log file, but I pasted it in here anyway.

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : EXOTIC-3C629299
Creation time : 7/25/2012 9:10:16 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.6001.18702
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 2.0.0.60
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
* C:\PROGRA~1\MICROS~3\rapimgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)
* C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
* C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
* C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
* C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
* C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
* C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation)
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.)
C:\Program Files\CrashPlan\CrashPlanService.exe (CrashPlan)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\WINDOWS\system32\stacsv.exe (IDT, Inc.)
* C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
* D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
* D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
* C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
* C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
* C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\Program Files\Online Armor\oacat.exe (Emsi Software GmbH)
* C:\Program Files\Online Armor\oaui.exe (Emsi Software GmbH)
* C:\Program Files\Online Armor\OAsrv.exe (Emsi Software GmbH)
* C:\Program Files\Online Armor\oahlp.exe (Emsi Software GmbH)
C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
* C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
* C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
C:\WINDOWS\system32\HPZipm12.exe (HP)
* C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
* C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
* C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
* C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
C:\Program Files\VideoLAN\VLC\vlc.exe
* C:\WINDOWS\explorer.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
* C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
* C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

Unrated items
-------------
002 * C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH)
002 * C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
002 C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
002 C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
002 C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
002 C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
002 * D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
002 * C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
002 C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
002 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
002 * C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
002 C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
003 C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
003 * C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
003 * C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
003 * C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
004 C:\PROGRA~1\ERUNT\AUTOBACK.EXE
004 * C:\DOCUME~1\Michelle\APPLIC~1\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
005 C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE (Eastman Kodak Company)
005 C:\PROGRA~1\CRASHP~1\CRASHP~3.EXE (Code 42 Software, Inc.)
010 C:\WINDOWS\ATKKBService.exe (ATK Keyboard Service)
010 * C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Realtime Protection)
010 * C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Scheduler)
010 C:\Program Files\Browny02\BrYNSvc.exe (BrYNSvc)
010 C:\Program Files\CrashPlan\CrashPlanService.exe (CrashPlan Backup Service)
010 * C:\Program Files\Java\jre7\bin\jqs.exe (Java Quick Starter)
010 * C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Anti-Malware)
010 * C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Maintenance Service)
010 * C:\Program Files\Online Armor\oasrv.exe (Online Armor)
010 * C:\Program Files\Online Armor\OAcat.exe (Online Armor Helper Service)
010 C:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12)
010 * C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype C2C Service)
010 * C:\Program Files\Skype\Updater\Updater.exe (Skype Updater)
011 C:\WINDOWS\System32\Drivers\Video3D.sys (ASUS Video3D Service)
011 * C:\WINDOWS\system32\DRIVERS\avgntflt.sys (avgntflt)
011 * C:\WINDOWS\system32\DRIVERS\avipbb.sys (avipbb)
011 * C:\WINDOWS\system32\DRIVERS\avkmgr.sys (avkmgr)
011 c:\windows\System32\Drivers\BANTExt.sys (Belarc SMBios Access)
011 * C:\Program Files\SystemRequirementsLab\cpudrv.sys (cpudrv)
011 C:\WINDOWS\system32\drivers\EIO.sys (EIO)
011 C:\WINDOWS\system32\drivers\atkkbnt.sys (Enhanced Display Driver Helper Service)
011 C:\WINDOWS\system32\GTNDIS5.SYS (GTNDIS5 NDIS Protocol Driver)
011 C:\WINDOWS\system32\DRIVERS\rt73.sys (Linksys Home Wireless-G USB Adapter Driver)
011 * C:\WINDOWS\system32\DRIVERS\lmimirr.sys (lmimirr)
011 * C:\WINDOWS\system32\drivers\mbam.sys (MBAMProtector)
011 * C:\WINDOWS\system32\drivers\OADriver.sys (OADriver)
011 * C:\WINDOWS\system32\drivers\OAmon.sys (OAmon)
011 * C:\WINDOWS\system32\drivers\OAnet.sys (OAnet)
011 * C:\WINDOWS\system32\drivers\oahlp32.sys (Online Armor helper driver)
011 * C:\WINDOWS\system32\DRIVERS\revoflt.sys (Revoflt)
011 C:\WINDOWS\system32\DRIVERS\tapvpn.sys (TAP VPN Adapter)
011 C:\WINDOWS\System32\Drivers\DgiVecp.sys (Team MFP Comm Driver)
011 c:\windows\system32\drivers\TrueSight.sys (TrueSight)
031 C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) {6318E0AB-2E93-11D1-B8ED-00608CC9A71F}
031 C:\Program Files\Common Files\Intuit\intu-res.dll {9CE7D474-16F9-4889-9BB9-53E2008EAE8A}
031 * C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) {91774881-D725-4E58-B298-07617B9B86A8}
047 Zone: exoticpublishing.com : https://exoticpublishing.com
050 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA45-8170-4859-9B5F-037EF2970034}
052 * C:\PROGRA~1\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) {E5A1691B-D188-4419-AD02-90002030B8EE}
052 * C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
052 * C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll (Advanced Micro Devices, Inc.) {872A9397-E0D6-4e28-B64D-52B8D0A7EA35}
061 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA46-8170-4859-9B5F-037EF2970034}
061 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
061 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) {087B3AE3-E237-4467-B8DB-5A38AB959AC9}
061 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) {63542C48-9552-494A-84F7-73AA6A7C99C1}
061 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) {3B092F0C-7696-40E3-A80F-68D74DA84210}
061 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
061 * C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira Operations GmbH & Co. KG) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
061 C:\Program Files\SmartDraw 2010\SDThumbnail.dll {66F1DE40-D550-4119-9120-6592E3390623}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
069 C:\WINDOWS\system32\fppmon3.dll (FinePrint Software, LLC)
069 C:\WINDOWS\system32\HpTcpMon.dll (Hewlett Packard)
069 C:\WINDOWS\system32\hpzsnt12.dll (HP)
069 * C:\WINDOWS\system32\novamnk6.dll (Softland)
073 DoxillionReminder.job : C:\Program Files\NCH Software\Doxillion\doxillion.exe (NCH Software)
100 ProxyOverride HKCU : local
104 * C:\WINDOWS\system32\RCMedia.dll (RingCentral, Inc.) {CF25C291-E91C-11D3-873F-0000B4A2973D}
105 Add to &Evernote : res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
173 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
173 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA46-8170-4859-9B5F-037EF2970034}
173 * C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira Operations GmbH & Co. KG) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
173 GUID / CLSID not found
173 C:\Program Files\Ultra Tag Editor\TagEditorMenu.dll (Atelio Software, Inc.) {1CAA0E93-2376-43B5-B795-1AA831864E59}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
173 C:\WINDOWS\system32\shellwp.dll (Corel Corporation Limited)
220 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
221 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA46-8170-4859-9B5F-037EF2970034}
221 * C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira Operations GmbH & Co. KG) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
221 GUID / CLSID not found
221 C:\Program Files\Ultra Tag Editor\TagEditorMenu.dll (Atelio Software, Inc.) {1CAA0E93-2376-43B5-B795-1AA831864E59}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\WINDOWS\system32\shellwp.dll (Corel Corporation Limited)
223 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found
225 GUID / CLSID not found
225 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA46-8170-4859-9B5F-037EF2970034}
225 * C:\PROGRA~1\ONLINE~2\oaevent.dll (Emsi Software GmbH) {4F07DA46-8170-4859-9B5F-037EF2970034}
225 C:\Corel\Suite8\Programs\PFSE80.DLL (Novell, Inc.) {C0E10002-0028-0001-C0E1-C0E1C0E1C0E1}
225 C:\Corel\Suite8\Programs\PFSE80.DLL (Novell, Inc.) {C0E10002-0028-0001-C0E1-C0E1C0E1C0E1}
225 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
225 * C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll (VS Revo Group) {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7}
225 * C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira Operations GmbH & Co. KG) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 * C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira Operations GmbH & Co. KG) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\Ultra Tag Editor\TagEditorMenu.dll (Atelio Software, Inc.) {1CAA0E93-2376-43B5-B795-1AA831864E59}
225 C:\Program Files\Ultra Tag Editor\TagEditorMenu.dll (Atelio Software, Inc.) {1CAA0E93-2376-43B5-B795-1AA831864E59}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
226 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
227 GUID / CLSID not found {BED4C38B-F765-45AC-8C56-613F76BBF43E}
227 C:\Corel\Suite8\Programs\PFSE80.DLL (Novell, Inc.) {C0E10002-0028-0001-C0E1-C0E1C0E1C0E1}
227 GUID / CLSID not found
227 C:\Program Files\Ultra Tag Editor\TagEditorMenu.dll (Atelio Software, Inc.) {1CAA0E93-2376-43B5-B795-1AA831864E59}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
228 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
229 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
231 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org) OpenOffice.org Column Handler
241 GUID / CLSID not found {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
241 GUID / CLSID not found {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
253 C:\Corel\Suite8\Programs\PFSE80.DLL (Novell, Inc.) {C0E10002-0028-0001-C0E1-C0E1C0E1C0E1}

Missing files
-------------
002 C:\Program Files\IDT\WDM\sttray.exe
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 System32\Drivers\usbaapl.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\DOCUME~1\Michelle\LOCALS~1\Temp\catchme.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\DOCUME~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\Folder\MapleStory\npkcrypt.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 c:\windows\system32\DRIVERS\RT2860.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\Drivers\SSPORT.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
25-Jul-2012, 09:19 PM #192
And no, the problem with OA happened well before I did this scan. In fact OA didn't even pop up during the scan.

Thanks


Michelle
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
26-Jul-2012, 03:28 PM #193
That's okay

Now, we can finally remove some of the things I wanted to remove a while back, but not all. We'll deal with them after.

So, can you do the following for me:

Download the attachment at the end of this post. This will be your RSReport file, with the fixes I need you to do.
  • Save it to your desktop, then extract the RSReport.run file to your Desktop, overwriting the existing one.
  • Open the runscanner folder and double click on the runscanner.exe file.
  • This time select the Expert Mode
  • Click the button Open Run File
  • Click on the RSReport file, and select Open
  • click the Item Fixer tab
  • Click the button at the top called Fix selected items
  • Accept the warning(s) and repeat until they are all gone.
  • Reboot your PC

---------------

Then, can you re-run it as you originally did, and upload the file again
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,414 posts.
 
Join Date: Mar 2001
Location: Bradford, England
29-Jul-2012, 02:28 PM #194
Looks like we may be able to solve the Firefox proxy that just won't go, and check a few other things.

If you can still do the above with Runscanner, and post the new log that would be great

----

Then, can you try this:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

eddie
ep2002's Avatar
ep2002 ep2002 is offline
Computer Specs
Member with 182 posts.
THREAD STARTER
 
Join Date: Oct 2006
Location: Windsor, Ontario (Canada)
Experience: Intermediate
01-Aug-2012, 01:51 AM #195
Hi,

Sorry for the delay.

Ok, I hope I did the RunScanner properly. I don't use my desktop for any of these things. I have a downloads folder & with the software that you guys get me to use most often I even create their own folders. It did delete all those red entries thought.

The problem is I can't find the log file. I kind of shut down the window right after it finished & I no log file popped up.

Here's the Mini log file though & now I'm going to reboot.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Michelle (administrator) on 01-08-2012 at 01:46:17
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "http://proxy.uconn.edu:3000/proxy.pac"
"network.proxy.http", "http://proxy.uconn.edu:3000/proxy.pac"
"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection 2 (Connected)
Intel(R) 82566DC Gigabit Network Connection = Local Area Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : exotic-3c629299 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : cpe.cableonda.netEthernet adapter Local Area Connection 3: Connection-specific DNS Suffix . : cpe.cableonda.net Description . . . . . . . . . . . : Intel(R) 82566DC Gigabit Network Connection Physical Address. . . . . . . . . : 00-16-76-D8-B7-DF Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.100.1.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.100.1.1 DHCP Server . . . . . . . . . . . : 10.100.1.1 DNS Servers . . . . . . . . . . . : 8.15.12.5 8.5.244.6 Lease Obtained. . . . . . . . . . : Tuesday, July 31, 2012 4:02:46 PM Lease Expires . . . . . . . . . . : Wednesday, August 01, 2012 4:02:46 PMServer: dns01.iad01.acndigital.net
Address: 8.15.12.5

Name: google.com
Addresses: 173.194.43.0, 173.194.43.1, 173.194.43.2, 173.194.43.3
173.194.43.4, 173.194.43.5, 173.194.43.6, 173.194.43.7, 173.194.43.8
173.194.43.9, 173.194.43.14

Pinging google.com [173.194.43.14] with 32 bytes of data:Reply from 173.194.43.14: bytes=32 time=319ms TTL=46Reply from 173.194.43.14: bytes=32 time=308ms TTL=46Ping statistics for 173.194.43.14: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 308ms, Maximum = 319ms, Average = 313msServer: dns01.iad01.acndigital.net
Address: 8.15.12.5

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=168ms TTL=51Reply from 98.139.183.24: bytes=32 time=126ms TTL=51Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 126ms, Maximum = 168ms, Average = 147msServer: dns01.iad01.acndigital.net
Address: 8.15.12.5

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:Reply from 208.43.87.2: Destination host unreachable.Reply from 208.43.87.2: Destination host unreachable.Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms======================================================================== ===
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 16 76 d8 b7 df ...... Intel(R) 82566DC Gigabit Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.100.1.1 10.100.1.2 20
10.100.1.0 255.255.255.0 10.100.1.2 10.100.1.2 20
10.100.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.100.1.2 10.100.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 10.100.1.2 10.100.1.2 20
224.0.0.0 240.0.0.0 10.100.1.2 10.100.1.2 20
255.255.255.255 255.255.255.255 10.100.1.2 10.100.1.2 1
Default Gateway: 10.100.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2012 04:01:12 AM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/07/31 04:01:12.500]: [00003268]: Initialize TwdsMain Class failed!

Error: (07/31/2012 04:01:12 AM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/07/31 04:01:12.500]: [00003268]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (07/26/2012 08:49:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x00000000], OnRun[0x8000ffff].

Error: (07/26/2012 04:23:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x00000000], OnRun[0x8000ffff].

Error: (07/26/2012 03:35:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x00000000], OnRun[0x8000ffff].

Error: (07/26/2012 03:14:10 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x8000ffff], Release[0x00000000], OnRun[0x00000000].

Error: (07/26/2012 02:39:46 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x8000ffff], Release[0x00000000], OnRun[0x00000000].

Error: (07/26/2012 01:40:17 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x00000000], OnRun[0x8000ffff].

Error: (07/25/2012 11:36:50 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x8000ffff], Release[0x00000000], OnRun[0x00000000].

Error: (07/25/2012 05:09:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be flushed during the shadow copy creation period on volume D:\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x00000000], OnRun[0x8000ffff].


System errors:
=============
Error: (07/31/2012 09:24:51 PM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 09:24:50 PM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 06:48:47 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 06:48:45 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 06:19:17 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 06:19:16 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 05:54:08 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 05:54:04 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 05:51:00 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.

Error: (07/31/2012 05:50:57 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library Kingston DT 101 G2 USB Device.


Microsoft Office Sessions:
=========================
Error: (07/31/2012 04:01:12 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/07/31 04:01:12.500]: [00003268]: Initialize TwdsMain Class failed!

Error: (07/31/2012 04:01:12 AM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/07/31 04:01:12.500]: [00003268]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (07/26/2012 08:49:44 AM) (Source: VSS)(User: )
Description: D:\00x000000000x000000000x8000ffff

Error: (07/26/2012 04:23:44 AM) (Source: VSS)(User: )
Description: D:\00x000000000x000000000x8000ffff

Error: (07/26/2012 03:35:44 AM) (Source: VSS)(User: )
Description: D:\00x000000000x000000000x8000ffff

Error: (07/26/2012 03:14:10 AM) (Source: VSS)(User: )
Description: D:\00x8000ffff0x000000000x00000000

Error: (07/26/2012 02:39:46 AM) (Source: VSS)(User: )
Description: D:\00x8000ffff0x000000000x00000000

Error: (07/26/2012 01:40:17 AM) (Source: VSS)(User: )
Description: D:\00x000000000x000000000x8000ffff

Error: (07/25/2012 11:36:50 PM) (Source: VSS)(User: )
Description: D:\00x8000ffff0x000000000x00000000

Error: (07/25/2012 05:09:04 PM) (Source: VSS)(User: )
Description: D:\00x000000000x000000000x8000ffff


========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 78%
Total physical RAM: 3325.75 MB
Available physical RAM: 724.98 MB
Total Pagefile: 6235.76 MB
Available Pagefile: 2434.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.38 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:147.72 GB) (Free:119.86 GB) NTFS
3 Drive d: () (Fixed) (Total:142.83 GB) (Free:127.22 GB) NTFS
4 Drive e: () (Fixed) (Total:175.22 GB) (Free:147.08 GB) NTFS
6 Drive g: (KINGSTON) (Removable) (Total:3.65 GB) (Free:0.17 GB) FAT32

========================= Users: ========================================

User accounts for \\EXOTIC-3C629299

Administrator Guest HelpAssistant
Michelle SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑