OTL logfile created on: 1/31/2012 22:32:25 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\DLee\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 14.10 Gb Available Physical Memory | 88.12% Memory free
31.99 Gb Paging File | 30.16 Gb Available in Paging File | 94.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.65 Gb Total Space | 206.69 Gb Free Space | 44.39% Space Free | Partition Type: NTFS
Drive E: | 59.63 Gb Total Space | 18.99 Gb Free Space | 31.85% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 28.42 Gb Free Space | 6.10% Space Free | Partition Type: NTFS
Drive X: | 465.86 Gb Total Space | 167.25 Gb Free Space | 35.90% Space Free | Partition Type: NTFS

Computer Name: AEGIS | User Name: DLee | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/01/31 22:32:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\DLee\Desktop\OTL.exe
PRC - [2012/01/13 14:53:16 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/09/07 20:56:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/07/13 17:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 17:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/11/17 20:55:09 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/07 20:56:11 | 001,000,920 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\js3250.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/09/08 12:42:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.)
[Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2011/09/08 09:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010/11/20 05:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:[b]64bit:[/b] - [2009/07/17 05:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV:[b]64bit:[/b] - [2009/07/13 17:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:[b]64bit:[/b] - [2009/07/13 17:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC) SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/06/07 23:44:08 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2011/04/27 09:42:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/11/20 04:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010/07/01 03:45:02 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010/06/23 22:19:50 | 000,109,056 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/10/16 09:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Stopped] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES) SRV - [2009/07/13 17:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/05/21 14:09:04 | 000,172,032 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe -- (ASWLCCSvc) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2011/09/08 10:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011/09/08 08:52:40 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011/08/01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:[b]64bit:[/b] - [2011/07/28 17:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB) DRV:[b]64bit:[/b] - [2011/07/22 08:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:[b]64bit:[/b] - [2011/07/12 13:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:[b]64bit:[/b] - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV:[b]64bit:[/b] - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011/06/07 23:44:14 | 000,427,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64) DRV:[b]64bit:[/b] - [2011/06/06 22:37:18 | 000,133,640 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA) DRV:[b]64bit:[/b] - [2011/06/06 22:37:18 | 000,033,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64) DRV:[b]64bit:[/b] - [2011/06/06 22:37:18 | 000,014,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (AvgRkx64) DRV:[b]64bit:[/b] - [2011/06/06 14:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011/04/30 03:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2011/04/30 03:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2011/03/28 02:55:50 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011/03/28 02:53:22 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/02/23 15:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV:[b]64bit:[/b] - [2010/11/20 05:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2010/11/20 05:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 03:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2010/11/20 03:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/08/20 09:49:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:[b]64bit:[/b] - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2010/02/12 16:42:28 | 001,104,672 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2010/01/27 17:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010/01/11 03:28:34 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2009/12/22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2009/10/28 09:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50.sys -- (PCASp50) DRV:[b]64bit:[/b] - [2009/10/26 22:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2009/10/26 22:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2009/07/15 19:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/13 17:18:06 | 000,281,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb) Brother MFC Serial Interface Driver(WDM) DRV:[b]64bit:[/b] - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2009/06/10 12:41:10 | 000,015,360 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSIb.sys -- (BrUsbSIb) Brother MFC Serial USB Driver(WDM) DRV:[b]64bit:[/b] - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/04 17:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:[b]64bit:[/b] - [2007/04/23 18:12:44 | 000,739,760 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BisonCam.sys -- (Cam5603D) DRV:[b]64bit:[/b] - [2006/09/02 23:53:54 | 000,097,280 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIf.sys -- (BrSerIf) DRV - [2010/07/09 11:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys -- (cpuz134) DRV - [2009/10/28 09:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PCASp50.sys -- (PCASp50) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 B8 4B 00 BB F3 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63394 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DLee\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DLee\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: X:\Adobe\CS5 Master Suite\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/03/20 02:02:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2011/06/07 23:46:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/07 20:59:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/30 14:33:15 | 000,000,000 | ---D | M] [2011/03/19 23:20:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Extensions [2011/03/19 16:33:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a} [2012/01/31 19:44:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions [2011/09/07 20:54:57 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2011/03/19 23:21:07 | 000,000,000 | ---D | M] (Define Word) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d} [2011/09/08 20:16:15 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2011/03/19 23:21:07 | 000,000,000 | ---D | M] (Print/Print Preview) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1} [2011/03/19 23:21:07 | 
000,000,000 | ---D | M] (Image Zoom) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011/09/07 20:54:53 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} [2011/09/07 20:54:52 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2011/03/19 23:23:49 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb} [2011/03/19 23:25:27 | 000,000,000 | ---D | M] (FavLoc) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{472f4ef0-a825-11da-a746-0800200c9a66} [2011/03/19 23:21:04 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2011/09/10 13:39:06 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{582195F5-92E7-40a0-A127-DB71295901D7} [2011/03/19 23:21:04 | 000,000,000 | ---D | M] ("ProCon Latte") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C} [2011/03/19 23:21:04 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2011/09/07 20:54:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/03/27 04:06:30 | 000,000,000 | ---D | M] (Vuze Remote) -- 
C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2011/09/07 20:54:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/03/19 23:21:02 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011/05/16 21:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011/03/19 23:21:01 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2011/09/07 20:54:51 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2011/03/19 23:21:00 | 000,000,000 | ---D | M] (QuickRestart) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD} [2011/10/27 17:11:56 | 000,000,000 | ---D | M] (Craigslist Image Prefetcher) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\CLIP@chris.synan [2011/03/19 23:21:11 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\elemhidehelper@adblockplus.org [2011/03/19 23:21:10 | 000,000,000 | ---D | M] ("KGen") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\kgen@elitwork.com [2011/04/24 17:01:18 | 000,000,000 | ---D | M] (Show Picture) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\LDshowpicture_plashcor@gmail.com [2011/08/24 21:33:18 | 000,000,000 | 
---D | M] (Save Images) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\LDSI_plashcor@gmail.com [2011/04/18 02:00:33 | 000,000,000 | ---D | M] (Multi Links) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\multilinks@plugin [2011/05/16 21:59:57 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\seo4firefox@seobook.com [2011/03/19 23:21:09 | 000,000,000 | ---D | M] (SeoQuake Plugin - Del.icio.us) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\seoquake-plugin-delicious@seoquake.com [2011/03/19 23:21:09 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\seoquake-plugin-seolinx@seoquake.com [2011/09/07 20:54:54 | 000,000,000 | ---D | M] (Simple Timer) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\simpletimer@grbradt.org [2011/03/19 23:21:09 | 000,000,000 | ---D | M] ("Status-bar Scientific Calculator") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\ststusscicalc@sunny [2011/05/16 21:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\b0pajpvg.Daniel\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions [2011/03/27 04:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions [2011/03/19 23:20:26 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2011/03/19 23:20:26 | 000,000,000 | ---D | M] (Define Word) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1395baf2-3aa6-4d0f-83d6-1d9b66a9420d} [2011/03/19 23:20:26 | 000,000,000 | ---D | 
M] (Print/Print Preview) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1} [2011/03/19 23:20:26 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2011/03/19 16:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/03/19 23:20:26 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} [2011/03/19 23:20:25 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2011/03/19 23:20:22 | 000,000,000 | ---D | M] (Data Analytics) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{377364a4-d91a-47ea-87de-c3d7eaf221cd} [2011/03/19 23:20:22 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb} [2011/03/19 23:20:22 | 000,000,000 | ---D | M] (FavLoc) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{472f4ef0-a825-11da-a746-0800200c9a66} [2011/03/19 23:20:21 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2011/03/19 23:20:21 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{582195F5-92E7-40a0-A127-DB71295901D7} [2011/03/19 23:20:19 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2011/03/19 23:20:19 | 
000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011/03/19 23:20:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/03/27 04:06:30 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2011/03/19 23:20:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2011/03/19 23:20:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/03/19 23:20:16 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011/03/19 23:20:14 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011/03/19 23:20:14 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2011/03/19 23:20:14 | 000,000,000 | ---D | M] (QuickRestart) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD} [2011/03/19 23:20:30 | 000,000,000 | ---D | M] (Show Picture) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\LDshowpicture_plashcor@gmail.com [2011/03/19 23:20:29 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\piclens@cooliris.com [2011/03/19 
23:20:28 | 000,000,000 | ---D | M] ("Highlights") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\rj@reedmace.net [2011/03/19 23:20:28 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\seo4firefox@seobook.com [2011/03/19 23:20:28 | 000,000,000 | ---D | M] (SeoQuake Plugin - Del.icio.us) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\seoquake-plugin-delicious@seoquake.com [2011/03/19 23:20:28 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\seoquake-plugin-seolinx@seoquake.com [2011/03/19 23:20:28 | 000,000,000 | ---D | M] ("Simple Timer") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\simpletimer@grbradt.org [2011/03/19 23:20:27 | 000,000,000 | ---D | M] (Site Information Tool) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\siteinfo@wmtips [2011/03/19 23:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\staged-xpis [2011/03/19 23:20:26 | 000,000,000 | ---D | M] ("Status-bar Scientific Calculator") -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\bpz41sfe.Work\extensions\ststusscicalc@sunny [2011/03/27 04:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\fnhvl5tp.default\extensions [2011/03/27 04:06:30 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\fnhvl5tp.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2012/01/31 19:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/03/19 23:18:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011/04/12 23:27:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/04/13 12:41:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2007/12/13 09:55:00 | 000,437,760 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npagent.dll [2010/03/27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2005/12/05 21:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npmozax.dll [2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npOGAPlugin.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla 
Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DLee\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Driver Agent Plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npagent.dll CHR - plugin: Adobe Contribute CS5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll CHR - plugin: DivX 
Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npOGAPlugin.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npunagi2.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\DLee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\DLee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Google Update (Enabled) = C:\Users\DLee\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\ CHR - Extension: Google Search = C:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Gmail = C:\Users\DLee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/01/30 23:00:49 | 000,441,158 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 94.63.147.14 www.google.com O1 - Hosts: 94.63.147.15 www.bing.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 
www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 15162 more lines... O2:[b]64bit:[/b] - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - X:\Adobe\CS5 Master Suite\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) 
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - X:\Adobe\CS5 Master Suite\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) 
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert 
link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta File not found O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta File not found O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75EF2997-7330-4525-AF98-B85397041F3F}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\linkscanner - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:[b]64bit:[/b] - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (SmartDefragBootTime.exe) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/01/31 22:32:01 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\DLee\Desktop\OTL.exe [2012/01/31 22:20:02 | 000,000,000 | ---D | C] -- C:\Users\DLee\AppData\Roaming\Malwarebytes [2012/01/31 22:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/01/31 22:19:55 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/01/31 22:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/01/31 22:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/01/31 22:13:10 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\DLee\Desktop\mbam-setup-1.60.1.1000.exe [2012/01/31 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\DLee\Desktop\SmitfraudFix [2012/01/31 21:58:49 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe [2012/01/31 21:58:49 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe [2012/01/31 21:58:49 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe [2012/01/31 21:58:49 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe 
[2012/01/31 21:58:49 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe [2012/01/31 21:58:49 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe [2012/01/31 21:58:49 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe [2012/01/31 21:58:49 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe [2012/01/31 21:58:49 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe [2012/01/31 21:58:49 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe [2012/01/31 21:58:49 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe [2012/01/30 19:28:31 | 000,108,080 | ---- | C] (Microsoft Corporation) -- C:\Users\DLee\AppData\Roaming\krnlhtml.exe [2012/01/29 22:07:16 | 000,108,080 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\configremote.exe [2012/01/26 21:51:37 | 000,000,000 | ---D | C] -- C:\Users\DLee\AppData\Roaming\Adobe Mini Bridge CS5 [2012/01/26 21:23:40 | 000,000,000 | ---D | C] -- C:\Users\DLee\Jobs 2012 [2012/01/15 23:15:08 | 000,000,000 | ---D | C] -- C:\Users\DLee\Marine Officer Docs [2012/01/12 20:07:19 | 000,000,000 | ---D | C] -- C:\Users\DLee\Desktop\SAW 1-7 (2004 - 2010) DvdRips XviD Xult [2012/01/04 00:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swiff Player [2012/01/04 00:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GlobFX [2012/01/04 00:49:55 | 004,494,354 | ---- | C] (GlobFX Technologies ) -- C:\Users\DLee\Desktop\SwiffPlayerSetup172.exe [2012/01/04 00:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/01/31 22:32:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\DLee\Desktop\OTL.exe [2012/01/31 22:22:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/31 22:22:38 | 4293,533,694 | -HS- | M] () 
-- C:\hiberfil.sys [2012/01/31 22:17:10 | 000,001,552 | ---- | M] () -- C:\Windows\SysWow64\tmp.reg [2012/01/31 22:17:10 | 000,000,691 | ---- | M] () -- C:\Users\DLee\AppData\Roaming\GetValue.vbs [2012/01/31 22:17:10 | 000,000,035 | ---- | M] () -- C:\Users\DLee\AppData\Roaming\SetValue.bat [2012/01/31 22:13:22 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\DLee\Desktop\mbam-setup-1.60.1.1000.exe [2012/01/31 22:12:45 | 001,872,472 | ---- | M] () -- C:\Users\DLee\Desktop\SmitfraudFix.exe [2012/01/31 21:56:55 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/31 21:56:55 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/31 21:56:55 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2012/01/31 21:47:37 | 000,000,364 | ---- | M] () -- C:\Windows\wininit.ini [2012/01/31 21:47:26 | 000,030,208 | ---- | M] () -- C:\Users\DLee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/31 19:54:44 | 000,000,954 | ---- | M] () -- C:\Users\DLee\Desktop\regfix.reg [2012/01/31 19:25:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000UA.job [2012/01/30 23:32:31 | 089,451,570 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2012/01/30 23:00:49 | 000,441,158 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/01/30 20:05:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000UA.job [2012/01/30 18:54:59 | 000,000,882 | RH-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120130-230049.backup [2012/01/29 22:00:37 | 031,153,970 | ---- | M] () -- C:\Users\DLee\Desktop\Harley Davidson Service Manual Sportster 86-03.pdf [2012/01/29 19:11:35 | 159,318,503 | ---- | M] () -- C:\Users\DLee\Desktop\Episode31-TranceIsLifePodcast.mp3 
[2012/01/29 18:25:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000Core.job [2012/01/29 11:05:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000Core.job [2012/01/28 10:41:56 | 000,007,534 | ---- | M] () -- C:\Users\DLee\420427_317348844974675_131437750232453_900474_797310643_n.jpg [2012/01/27 16:39:59 | 000,002,932 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2012/01/27 16:38:14 | 003,105,442 | ---- | M] () -- C:\Users\DLee\Desktop\Oily_Stuff_Under_Carb.flv [2012/01/24 23:25:57 | 000,002,373 | ---- | M] () -- C:\Users\DLee\Desktop\Google Chrome.lnk [2012/01/22 22:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job [2012/01/18 22:35:23 | 000,190,180 | ---- | M] () -- C:\Users\DLee\Desktop\Dynojet Normal.pdf [2012/01/18 18:47:28 | 000,170,760 | ---- | M] () -- C:\Users\DLee\Desktop\Dynojet 883 Racer.pdf [2012/01/15 12:13:44 | 000,440,213 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120119-175357.backup [2012/01/14 18:54:47 | 000,029,153 | ---- | M] () -- C:\Users\DLee\Desktop\ruler_foot-1.pdf [2012/01/11 22:38:08 | 052,451,901 | ---- | M] () -- C:\Users\DLee\Desktop\Lynyrd_Skynyrd_-_Simple_Man_-_super_easy_beginner_acoustic_g.flv [2012/01/11 19:32:11 | 000,091,336 | ---- | M] () -- C:\Users\DLee\Desktop\SR-i900 Remote Web-500x500.jpg [2012/01/09 22:04:09 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/01/09 00:49:17 | 000,440,086 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120115-121344.backup [2012/01/09 00:47:45 | 000,007,634 | ---- | M] () -- C:\Users\DLee\AppData\Local\resmon.resmoncfg [2012/01/09 00:35:35 | 000,440,086 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120109-004917.backup [2012/01/08 10:17:17 | 002,375,667 | ---- | M] () -- C:\Users\DLee\Desktop\Lynyrd_Skynyrd_-_Simple_Man.flv [2012/01/07 18:49:04 | 
003,534,906 | ---- | M] () -- C:\Users\DLee\Desktop\wnr834bv2_2_1_13_na_only.chk [2012/01/06 22:46:06 | 000,043,229 | ---- | M] () -- C:\Users\DLee\Desktop\384826_10100443104666527_3625256_55133678_1505682643_n.jpg [2012/01/05 22:49:09 | 005,927,077 | ---- | M] () -- C:\Users\DLee\Desktop\ASVAB for Dummies (2nd Edition).pdf [2012/01/05 17:47:56 | 000,102,999 | ---- | M] () -- C:\Users\DLee\Desktop\Gauge Amazon.pdf [2012/01/05 17:28:45 | 000,013,077 | ---- | M] () -- C:\Users\DLee\Desktop\Balaclava Amazon.pdf [2012/01/04 00:50:35 | 000,001,088 | ---- | M] () -- C:\Users\DLee\Desktop\Swiff Player.lnk [2012/01/04 00:50:00 | 004,494,354 | ---- | M] (GlobFX Technologies ) -- C:\Users\DLee\Desktop\SwiffPlayerSetup172.exe [2012/01/02 21:21:56 | 000,440,086 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120109-003535.backup [2012/01/02 21:13:45 | 000,002,576 | -HS- | M] () -- C:\Users\DLee\AppData\Local\871tu76xx38p34227204lnianx6a578kcu0nk46016o [2012/01/02 21:13:45 | 000,002,576 | -HS- | M] () -- C:\ProgramData\871tu76xx38p34227204lnianx6a578kcu0nk46016o [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/01/31 22:19:56 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/01/31 22:12:26 | 001,872,472 | ---- | C] () -- C:\Users\DLee\Desktop\SmitfraudFix.exe [2012/01/31 21:59:29 | 000,000,691 | ---- | C] () -- C:\Users\DLee\AppData\Roaming\GetValue.vbs [2012/01/31 21:59:29 | 000,000,035 | ---- | C] () -- C:\Users\DLee\AppData\Roaming\SetValue.bat [2012/01/31 21:59:28 | 000,001,552 | ---- | C] () -- C:\Windows\SysWow64\tmp.reg [2012/01/31 21:58:49 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe [2012/01/31 21:58:49 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe [2012/01/31 21:58:49 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe [2012/01/31 19:54:52 | 000,000,954 | ---- | C] () -- C:\Users\DLee\Desktop\regfix.reg 
[2012/01/30 20:06:51 | 000,000,364 | ---- | C] () -- C:\Windows\wininit.ini [2012/01/29 18:07:26 | 159,318,503 | ---- | C] () -- C:\Users\DLee\Desktop\Episode31-TranceIsLifePodcast.mp3 [2012/01/28 10:41:56 | 000,007,534 | ---- | C] () -- C:\Users\DLee\420427_317348844974675_131437750232453_900474_797310643_n.jpg [2012/01/27 16:38:08 | 003,105,442 | ---- | C] () -- C:\Users\DLee\Desktop\Oily_Stuff_Under_Carb.flv [2012/01/18 22:35:23 | 000,190,180 | ---- | C] () -- C:\Users\DLee\Desktop\Dynojet Normal.pdf [2012/01/18 18:47:28 | 000,170,760 | ---- | C] () -- C:\Users\DLee\Desktop\Dynojet 883 Racer.pdf [2012/01/14 18:54:47 | 000,029,153 | ---- | C] () -- C:\Users\DLee\Desktop\ruler_foot-1.pdf [2012/01/11 22:31:21 | 052,451,901 | ---- | C] () -- C:\Users\DLee\Desktop\Lynyrd_Skynyrd_-_Simple_Man_-_super_easy_beginner_acoustic_g.flv [2012/01/11 19:32:10 | 000,091,336 | ---- | C] () -- C:\Users\DLee\Desktop\SR-i900 Remote Web-500x500.jpg [2012/01/08 10:17:17 | 002,375,667 | ---- | C] () -- C:\Users\DLee\Desktop\Lynyrd_Skynyrd_-_Simple_Man.flv [2012/01/07 18:46:00 | 003,534,906 | ---- | C] () -- C:\Users\DLee\Desktop\wnr834bv2_2_1_13_na_only.chk [2012/01/06 22:44:29 | 000,043,229 | ---- | C] () -- C:\Users\DLee\Desktop\384826_10100443104666527_3625256_55133678_1505682643_n.jpg [2012/01/05 22:48:56 | 005,927,077 | ---- | C] () -- C:\Users\DLee\Desktop\ASVAB for Dummies (2nd Edition).pdf [2012/01/05 17:47:56 | 000,102,999 | ---- | C] () -- C:\Users\DLee\Desktop\Gauge Amazon.pdf [2012/01/05 17:28:45 | 000,013,077 | ---- | C] () -- C:\Users\DLee\Desktop\Balaclava Amazon.pdf [2012/01/04 00:50:35 | 000,001,088 | ---- | C] () -- C:\Users\DLee\Desktop\Swiff Player.lnk [2012/01/02 20:54:56 | 000,002,576 | -HS- | C] () -- C:\Users\DLee\AppData\Local\871tu76xx38p34227204lnianx6a578kcu0nk46016o [2012/01/02 20:54:56 | 000,002,576 | -HS- | C] () -- C:\ProgramData\871tu76xx38p34227204lnianx6a578kcu0nk46016o [2011/12/04 12:03:15 | 000,003,520 | -HS- | C] () -- 
C:\Users\DLee\AppData\Local\j4nv56c0og6dvr [2011/12/04 12:03:15 | 000,003,520 | -HS- | C] () -- C:\ProgramData\j4nv56c0og6dvr [2011/11/09 18:47:41 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2011/09/14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011/09/07 21:32:25 | 000,165,536 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011/08/24 19:19:10 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011/08/20 20:19:16 | 000,000,008 | RHS- | C] () -- C:\Windows\SysWow64\D81DEDD44C.sys [2011/08/20 20:18:02 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\317C373DAA.sys [2011/08/20 20:11:02 | 000,002,932 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2011/07/07 20:55:50 | 000,001,456 | ---- | C] () -- C:\Users\DLee\AppData\Local\Adobe Save for Web 12.0 Prefs [2011/06/27 22:23:38 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini [2011/06/02 11:34:26 | 000,008,257 | ---- | C] () -- C:\Users\DLee\AppData\Roaming\AC1A.C40 [2011/05/01 12:17:39 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys [2011/05/01 12:17:39 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin [2011/04/13 12:08:06 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2011/04/13 12:08:06 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2011/04/10 22:57:56 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011/04/02 14:52:57 | 000,030,208 | ---- | C] () -- C:\Users\DLee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/02 14:45:31 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/03/24 23:46:22 | 000,000,255 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2011/03/24 23:46:22 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini [2011/03/24 23:45:26 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011/03/24 23:45:26 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011/03/24 23:44:50 | 000,106,496 | ---- | C] () -- 
C:\Windows\SysWow64\BrMuSNMP.dll [2011/03/24 23:44:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2011/03/24 23:44:50 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2011/03/20 16:40:31 | 000,003,608 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/03/20 16:40:31 | 000,000,008 | RHS- | C] () -- C:\ProgramData\0571F720CC.sys [2011/03/20 00:48:37 | 000,120,268 | ---- | C] () -- C:\Windows\File Renamer - Basic Uninstaller.exe [2011/03/19 22:41:55 | 000,007,634 | ---- | C] () -- C:\Users\DLee\AppData\Local\resmon.resmoncfg [2011/03/19 22:38:22 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011/03/19 20:29:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/03/19 20:23:46 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2011/03/19 20:23:46 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2011/03/19 20:18:08 | 000,039,233 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011/03/19 20:16:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011/03/19 20:16:13 | 000,032,217 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011/03/17 16:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/07/05 18:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys [2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/04/02 04:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2009/03/29 22:32:40 | 000,032,768 | 
R--- | C] () -- C:\Windows\DAODx.exe [2008/12/01 17:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll [2007/11/26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2007/06/05 12:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe [color=#E56717]========== LOP Check ==========[/color] [2011/12/29 16:22:07 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\04802 [2011/03/21 04:27:59 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Ableton [2011/03/21 00:58:33 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\acccore [2012/01/29 00:30:41 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Azureus [2011/04/11 22:10:33 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Braid [2011/03/31 01:49:31 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\DAEMON Tools Lite [2011/03/25 02:30:31 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Guitar Pro 6 [2011/03/20 00:01:03 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\IObit [2011/05/31 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\IrfanView [2011/03/22 00:00:50 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Leadertech [2011/10/22 18:05:57 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Magic Set Editor [2012/01/15 12:05:17 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Notepad++ [2011/09/07 21:46:01 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\Opera [2011/11/09 18:47:41 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\PACE Anti-Piracy [2011/05/01 03:00:04 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\SoundSpectrum [2011/04/12 23:43:33 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011/05/15 04:16:12 | 000,000,000 | ---D | M] -- C:\Users\DLee\AppData\Roaming\vghd [2011/09/17 22:03:09 | 000,000,000 | ---D | M] -- 
C:\Users\DLee\AppData\Roaming\Wizards of the Coast [2012/01/29 11:05:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000Core.job [2012/01/30 20:05:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3964745361-1973383320-2877571132-1000UA.job [2012/01/30 23:25:13 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/01/22 22:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 1284 bytes -> C:\ProgramData\Microsoft:E1HQlF49b7FE0gm1oxnRymW @Alternate Data Stream - 1232 bytes -> C:\ProgramData\Microsoft:WircfwojjIUmYtMlSVdd < End of report >