| Live Chat & Podcast at 1:00PM Eastern on Sunday! |
Advertisement
Advertisement
 Search | |
| |
22-Jul-2012, 05:33 AM
#181 | |||||||
| Quote:
I ran that one above 4 times & each time it said it was already scanned & it called it a different #... This file has been scanned before. The results for this previous scan are listed below. Filename: jna1189247634826652252.dll Status: Scan finished. 0 out of 20 scanners reported malware. Scan taken on: Sat 21 Jul 2012 17:17:00 (CET) Permalink |
22-Jul-2012, 05:40 AM
#183 | |||||||
| Quote:
You has said it was an ASUS EAX300 Series, the download we got was from here: http://support.asus.com/download/dow...AX300%20Series Last edited by Cookiegal; 22-Jul-2012 at 12:23 PM.. Reason: To fix quote tags |
22-Jul-2012, 05:42 AM
#184 | |||||||
| Quote:
|
22-Jul-2012, 05:44 AM
#185 | |||||||
| Quote:
Everyone uses VLC  Sorry. |
22-Jul-2012, 06:50 AM
#186 | |||||||
| Here it is. Thanks Michelle -------------------- OTL logfile created on: 7/22/2012 4:53:37 AM - Run 7 OTL by OldTimer - Version 3.2.53.1 Folder = D:\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 73.41% Memory free 6.09 Gb Paging File | 5.00 Gb Available in Paging File | 82.10% Paging File free Paging file location(s): C:\pagefile.sys 3072 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 147.72 Gb Total Space | 119.46 Gb Free Space | 80.87% Space Free | Partition Type: NTFS Drive D: | 142.83 Gb Total Space | 127.79 Gb Free Space | 89.47% Space Free | Partition Type: NTFS Drive E: | 175.22 Gb Total Space | 148.18 Gb Free Space | 84.57% Space Free | Partition Type: NTFS Drive G: | 3.65 Gb Total Space | 0.10 Gb Free Space | 2.74% Space Free | Partition Type: FAT32 Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/07/04 20:36:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/05/24 12:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe PRC - [2009/08/18 17:27:06 | 005,137,648 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\system32\stacsv.exe PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe PRC - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ========== Modules (No Company Name) ========== MOD - [2012/07/18 11:23:00 | 000,013,312 | ---- | M] () -- C:\Program Files\CrashPlan\md5.dll MOD - [2012/07/18 11:22:59 | 000,166,400 | ---- | M] () -- C:\Program Files\CrashPlan\cpnative.dll MOD - [2012/06/14 23:08:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3 e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012/06/14 21:03:01 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbad afaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012/06/14 21:02:50 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4 cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012/06/14 21:00:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll MOD - [2012/05/12 18:25:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b736 8bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012/05/12 18:25:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3 d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012/05/12 18:11:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be2 38b011cc7a0575e\System.Xml.ni.dll MOD - [2012/05/12 18:10:16 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f93 22f9f2e1bfe\System.ni.dll MOD - [2012/05/12 18:10:03 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d72 37aa70e935900\mscorlib.ni.dll MOD - [2012/02/14 21:45:52 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll MOD - [2010/03/16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll MOD - [2009/08/18 17:27:04 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll ========== Win32 Services (SafeList) ========== SRV - [2012/07/19 22:00:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/07/10 23:59:45 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\OAsrv.exe -- (SvcOnlineArmor) SRV - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat) SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService) SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist) SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV) SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RT2860.sys -- (RT80x86) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Auto | Stopped] -- C:\Folder\MapleStory\npkcrypt.sys -- (npkcrypt) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys -- (cpuz129) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet) DRV - [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) DRV - [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX) DRV - [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/02/14 21:44:58 | 007,585,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2012/01/14 15:02:26 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight) DRV - [2011/12/20 01:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011/10/07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt) DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM) DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM) DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO) DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt) DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn) DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2007/03/02 02:36:10 | 000,044,416 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R) DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D) DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data] IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/" FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://srp.freecause.com/?ourmark=3&sid=100311&q=" FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac" FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 22:00:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/06 23:44:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/17 17:07:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012/07/21 04:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions [2012/07/10 22:31:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012/06/04 01:56:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2012/07/11 02:41:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\ALone-live@ya.ru [2012/07/21 04:09:27 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com [2012/06/04 01:56:08 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\info@stretchclock.com [2012/06/26 23:26:05 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\support@lastpass.com [2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\chrome [2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\defaults [2012/06/27 00:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions [2012/05/23 03:55:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/05/28 23:28:09 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2012/01/18 02:55:25 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash [2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash [2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash [2012/05/31 06:47:34 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2012/05/08 23:46:56 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com [2012/02/19 19:11:13 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\info@stretchclock .com [2012/06/26 23:26:07 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\support@lastpass. com [2012/04/20 14:14:39 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\wasp@immeria.net [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\Xsticky-StickyNotes@xsticky.com [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\chrome [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\defaults [2012/03/08 23:41:17 | 000,001,339 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\searchplugins\search-the-web.xml [2012/07/13 06:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/07/20 20:39:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/05/26 02:14:50 | 000,336,363 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI [2011/06/24 19:22:44 | 000,025,217 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI [2012/01/21 02:46:48 | 000,138,614 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2012/05/25 00:28:56 | 000,012,835 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\AREADECODER@KEVSK I.XPI [2012/02/23 23:54:43 | 000,164,722 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\COMPATIBILITY@ADD ONS.MOZILLA.ORG.XPI [2011/11/17 22:45:04 | 000,058,906 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\IZER@CAMELCAMELCA MEL.COM.XPI [2012/07/19 22:00:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll [2012/06/16 23:28:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/06/16 23:28:55 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  rigi nalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpas s.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSky peChromePlugin.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.7_0\ CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.9_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ O1 HOSTS File: ([2012/02/19 23:54:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company) O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe File not found O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe () O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.) O4 - Startup: C:\Documents and Settings\Administrator.EXOTIC-3C629299\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company) O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.) O15 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/Activ...age_Player.cab (RingCentral Message Player Control) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/cli...rt/ieatgpc.cab (GpcContainer Class) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14C63AB7-91F2-4939-82A0-88C6628A5C31}: DhcpNameServer = 8.15.12.5 8.5.244.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - G:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/07/15 21:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Web Dimensions [2012/07/15 16:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Local Settings\Application Data\Sun [2012/07/13 07:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/07/05 02:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN [2012/07/04 16:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/07/04 16:35:38 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/07/04 16:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/06/26 23:26:10 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe [2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Start Menu\Programs\LastPass [2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LastPass [2012/06/26 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass [2012/06/23 14:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee ========== Files - Modified Within 30 Days ========== [2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job [2012/07/22 05:06:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/07/22 04:37:01 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job [2012/07/22 04:12:03 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/07/21 20:57:48 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/07/21 10:06:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/07/21 05:37:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job [2012/07/18 07:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/07/15 21:20:23 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk [2012/07/15 20:37:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/07/15 20:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/07/15 02:57:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2012/07/13 06:56:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/07/13 06:56:57 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/12 06:08:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2012/07/12 00:37:47 | 000,768,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/07/11 22:20:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys [2012/07/05 02:12:31 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2012/07/04 22:39:41 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/06/26 23:26:11 | 010,974,280 | ---- | M] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe [2012/06/26 23:26:10 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk [2012/06/26 23:25:59 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk ========== Files Created - No Company Name ========== [2012/07/15 21:20:23 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk [2012/07/05 02:12:31 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2012/07/04 16:36:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/07/04 16:36:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/26 23:26:10 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk [2012/06/26 23:25:59 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk [2012/05/29 03:44:37 | 000,069,037 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Doxillion.dmp [2012/04/08 18:44:58 | 000,123,072 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/04/08 00:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Michelle\PUTTY.RND [2012/02/14 14:32:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/20 00:04:37 | 000,208,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys [2012/01/20 00:04:37 | 000,044,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys [2012/01/08 01:59:31 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011/09/10 16:24:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\pathping [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Trace [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Source [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Hop [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\eonda.net [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Computing [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\8 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\7 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\6 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\[192.168.1.101] [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\.26.49] [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\over [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\5 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\4 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\3 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\2 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\1 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\0 [2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys [2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT [2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini [2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll [2010/11/18 23:40:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\defogger_reenable [2010/08/02 10:12:21 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat [2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI [2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc [2009/02/16 05:59:24 | 000,000,458 | ---- | C] () -- C:\Documents and Settings\Michelle\clipdat2.rdf [2008/08/03 22:38:23 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications [2012/01/06 05:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook [2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems [2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan [2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output [2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen [2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP [2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN [2012/01/22 01:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro [2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack [2012/01/07 14:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2012/06/01 01:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor [2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI [2012/04/16 11:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral [2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit [2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F} [2010/04/22 01:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland [2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore [2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics [2012/06/16 00:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\calibre [2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive [2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/04/08 17:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.infomastery.linkbounder-rmv [2012/06/17 22:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.webdimensions.instant-content-curator-pro [2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan [2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1 [2012/06/21 03:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations [2012/07/19 14:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Dropbox [2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6 [2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger [2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic [2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\FileOpen [2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN [2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ [2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express [2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn [2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global [2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp [2012/01/07 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound [2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon [2012/06/21 03:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF [2012/01/20 00:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OnlineArmor [2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy [2012/02/28 14:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenOffice.org [2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager [2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad [2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux [2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw [2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Softnik Technologies [2012/03/21 02:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SystemRequirementsLab [2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer [2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird [2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2012/06/01 03:53:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\DoxillionReminder.job [2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job ========== Purity Check ========== < End of report > |
22-Jul-2012, 06:53 AM
#187 | |||||||
| Here it is. Thanks Michelle -------------------- OTL logfile created on: 7/22/2012 4:53:37 AM - Run 7 OTL by OldTimer - Version 3.2.53.1 Folder = D:\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.25 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 73.41% Memory free 6.09 Gb Paging File | 5.00 Gb Available in Paging File | 82.10% Paging File free Paging file location(s): C:\pagefile.sys 3072 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 147.72 Gb Total Space | 119.46 Gb Free Space | 80.87% Space Free | Partition Type: NTFS Drive D: | 142.83 Gb Total Space | 127.79 Gb Free Space | 89.47% Space Free | Partition Type: NTFS Drive E: | 175.22 Gb Total Space | 148.18 Gb Free Space | 84.57% Space Free | Partition Type: NTFS Drive G: | 3.65 Gb Total Space | 0.10 Gb Free Space | 2.74% Space Free | Partition Type: FAT32 Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Online Armor\oacat.exe PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/07/04 20:36:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/05/24 12:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe PRC - [2009/08/18 17:27:06 | 005,137,648 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\system32\stacsv.exe PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe PRC - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ========== Modules (No Company Name) ========== MOD - [2012/07/18 11:23:00 | 000,013,312 | ---- | M] () -- C:\Program Files\CrashPlan\md5.dll MOD - [2012/07/18 11:22:59 | 000,166,400 | ---- | M] () -- C:\Program Files\CrashPlan\cpnative.dll MOD - [2012/06/14 23:08:56 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3 e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012/06/14 21:03:01 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbad afaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012/06/14 21:02:50 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4 cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012/06/14 21:00:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll MOD - [2012/05/12 18:25:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b736 8bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012/05/12 18:25:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3 d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012/05/12 18:11:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be2 38b011cc7a0575e\System.Xml.ni.dll MOD - [2012/05/12 18:10:16 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f93 22f9f2e1bfe\System.ni.dll MOD - [2012/05/12 18:10:03 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d72 37aa70e935900\mscorlib.ni.dll MOD - [2012/02/14 21:45:52 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll MOD - [2010/03/16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll MOD - [2009/08/18 17:27:04 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll ========== Win32 Services (SafeList) ========== SRV - [2012/07/19 22:00:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/13 07:06:00 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/07/10 23:59:45 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\OAsrv.exe -- (SvcOnlineArmor) SRV - [2012/07/10 23:58:03 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Online Armor\oacat.exe -- (OAcat) SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\ramaint.exe -- (LMIMaint) SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService) SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc) SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist) SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV) SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RT2860.sys -- (RT80x86) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Auto | Stopped] -- C:\Folder\MapleStory\npkcrypt.sys -- (npkcrypt) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys -- (cpuz129) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michelle\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet) DRV - [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon) DRV - [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oahlp32.sys -- (oahlpXX) DRV - [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice) DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/02/14 21:44:58 | 007,585,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2012/01/14 15:02:26 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight) DRV - [2011/12/20 01:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011/10/07 16:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv) DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt) DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM) DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM) DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO) DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt) DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn) DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2007/03/02 02:36:10 | 000,044,416 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R) DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D) DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data] IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/" FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://srp.freecause.com/?ourmark=3&sid=100311&q=" FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac" FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 22:00:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/06 23:44:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/17 17:07:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012/07/21 04:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions [2012/07/10 22:31:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012/06/04 01:56:09 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2012/07/11 02:41:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\ALone-live@ya.ru [2012/07/21 04:09:27 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com [2012/06/04 01:56:08 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\info@stretchclock.com [2012/06/26 23:26:05 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\support@lastpass.com [2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\chrome [2012/07/21 04:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\ivkv5lzn.New-Profile-05-28-12\extensions\extension@freepricealerts.com\defaults [2012/06/27 00:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions [2012/05/23 03:55:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/05/28 23:28:09 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2012/01/18 02:55:25 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash [2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash [2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash [2012/05/31 06:47:34 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2012/05/08 23:46:56 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033} [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (FreePriceAlerts.com) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com [2012/02/19 19:11:13 | 000,000,000 | ---D | M] ("StretchClock") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\info@stretchclock .com [2012/06/26 23:26:07 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\support@lastpass. com [2012/04/20 14:14:39 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\wasp@immeria.net [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\Xsticky-StickyNotes@xsticky.com [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\chrome [2012/05/11 19:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\extension@freepri cealerts.com\defaults [2012/03/08 23:41:17 | 000,001,339 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\searchplugins\search-the-web.xml [2012/07/13 06:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/07/20 20:39:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/05/26 02:14:50 | 000,336,363 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI [2011/06/24 19:22:44 | 000,025,217 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI [2012/01/21 02:46:48 | 000,138,614 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2012/05/25 00:28:56 | 000,012,835 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\AREADECODER@KEVSK I.XPI [2012/02/23 23:54:43 | 000,164,722 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\COMPATIBILITY@ADD ONS.MOZILLA.ORG.XPI [2011/11/17 22:45:04 | 000,058,906 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\IZER@CAMELCAMELCA MEL.COM.XPI [2012/07/19 22:00:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll [2012/06/16 23:28:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/06/16 23:28:55 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google rigi nalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpas s.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSky peChromePlugin.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.7_0\ CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.9_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ O1 HOSTS File: ([2012/02/19 23:54:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe (Emsi Software GmbH) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company) O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe File not found O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe () O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.) O4 - HKU\S-1-5-21-725345543-1844237615-839522115-1003..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.) O4 - Startup: C:\Documents and Settings\Administrator.EXOTIC-3C629299\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe (LastPass) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company) O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Michelle\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.) O15 - HKU\S-1-5-21-725345543-1844237615-839522115-1003\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/Activ...age_Player.cab (RingCentral Message Player Control) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/cli...rt/ieatgpc.cab (GpcContainer Class) O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14C63AB7-91F2-4939-82A0-88C6628A5C31}: DhcpNameServer = 8.15.12.5 8.5.244.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll () O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - G:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/07/15 21:20:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Web Dimensions [2012/07/15 16:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Local Settings\Application Data\Sun [2012/07/13 07:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/07/05 02:12:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN [2012/07/04 16:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/07/04 16:35:38 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/07/04 16:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/06/26 23:26:10 | 010,974,280 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe [2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Start Menu\Programs\LastPass [2012/06/26 23:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LastPass [2012/06/26 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass [2012/06/23 14:58:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee ========== Files - Modified Within 30 Days ========== [2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job [2012/07/22 05:06:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/07/22 04:37:01 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job [2012/07/22 04:12:03 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/07/21 20:57:48 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/07/21 10:06:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/07/21 05:37:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job [2012/07/18 07:32:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/07/15 21:20:23 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk [2012/07/15 20:37:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/07/15 20:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/07/15 02:57:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2012/07/13 06:56:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/07/13 06:56:57 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/12 06:08:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2012/07/12 00:37:47 | 000,768,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/07/11 22:20:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/07/11 00:01:14 | 000,031,912 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys [2012/07/10 23:58:52 | 000,027,632 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys [2012/07/10 23:58:38 | 000,044,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\oahlp32.sys [2012/07/10 23:58:04 | 000,208,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\OADriver.sys [2012/07/05 02:12:31 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2012/07/04 22:39:41 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012/06/26 23:26:11 | 010,974,280 | ---- | M] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe [2012/06/26 23:26:10 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk [2012/06/26 23:25:59 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk ========== Files Created - No Company Name ========== [2012/07/15 21:20:23 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ICCPro.lnk [2012/07/05 02:12:31 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2012/07/04 16:36:37 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/07/04 16:36:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/26 23:26:10 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk [2012/06/26 23:25:59 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My LastPass Vault.lnk [2012/05/29 03:44:37 | 000,069,037 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\Doxillion.dmp [2012/04/08 18:44:58 | 000,123,072 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/04/08 00:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Michelle\PUTTY.RND [2012/02/14 14:32:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/01/20 00:04:37 | 000,208,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\OADriver.sys [2012/01/20 00:04:37 | 000,044,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\oahlp32.sys [2012/01/08 01:59:31 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys [2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011/09/10 16:24:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\pathping [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Trace [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Source [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Hop [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\eonda.net [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\Computing [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\8 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\7 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\6 [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\[192.168.1.101] [2011/09/10 16:10:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\.26.49] [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\over [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\5 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\4 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\3 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\2 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\1 [2011/09/10 16:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\0 [2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys [2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT [2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini [2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll [2010/11/18 23:40:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michelle\defogger_reenable [2010/08/02 10:12:21 | 000,000,435 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat [2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI [2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc [2009/02/16 05:59:24 | 000,000,458 | ---- | C] () -- C:\Documents and Settings\Michelle\clipdat2.rdf [2008/08/03 22:38:23 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications [2012/01/06 05:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook [2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems [2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan [2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output [2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen [2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP [2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN [2012/01/22 01:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro [2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack [2012/01/07 14:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2012/06/01 01:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor [2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop [2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI [2012/04/16 11:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral [2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit [2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F} [2010/04/22 01:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland [2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore [2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics [2012/06/16 00:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\calibre [2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive [2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/04/08 17:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.infomastery.linkbounder-rmv [2012/06/17 22:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.webdimensions.instant-content-curator-pro [2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan [2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1 [2012/06/21 03:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations [2012/07/19 14:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Dropbox [2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6 [2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger [2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic [2012/06/21 03:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\FileOpen [2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN [2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ [2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express [2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn [2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global [2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp [2012/01/07 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound [2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon [2012/06/21 03:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF [2012/01/20 00:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OnlineArmor [2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy [2012/02/28 14:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenOffice.org [2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager [2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad [2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux [2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw [2012/02/27 00:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Softnik Technologies [2012/03/21 02:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SystemRequirementsLab [2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer [2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird [2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2012/06/01 03:53:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\DoxillionReminder.job [2012/07/22 05:12:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job ========== Purity Check ========== < End of report > |
22-Jul-2012, 03:58 PM
#188 | |||||||
| Okay, they're still there, so looks like we'll have to do this via another route. Thanks for the scans at Jotti, looks like they're Java files, so that's good So, lets try and remove the entries I've been trying to remove for some time. There are actually two tools I want to use, but we'll try the first one, as its easier Please download Runscanner to your desktop and run it.
__________________ Just go with the flow, like a twig on the shoulders of a mighty stream MVP in Consumer Security |
26-Jul-2012, 04:28 PM
#193 | |||||||
| That's okay Now, we can finally remove some of the things I wanted to remove a while back, but not all. We'll deal with them after. So, can you do the following for me: Download the attachment at the end of this post. This will be your RSReport file, with the fixes I need you to do.
--------------- Then, can you re-run it as you originally did, and upload the file again
__________________ Just go with the flow, like a twig on the shoulders of a mighty stream MVP in Consumer Security |
29-Jul-2012, 03:28 PM
#194 | |||||||
| Looks like we may be able to solve the Firefox proxy that just won't go, and check a few other things. If you can still do the above with Runscanner, and post the new log that would be great ---- Then, can you try this: Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
eddie
__________________ Just go with the flow, like a twig on the shoulders of a mighty stream MVP in Consumer Security |
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
)