OTL logfile created on: 7/26/2012 4:49:01 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\lford\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 60.23% Memory free
6.49 Gb Paging File | 5.11 Gb Available in Paging File | 78.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.06 Gb Total Space | 189.95 Gb Free Space | 81.86% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 266.67 Gb Free Space | 89.46% Space Free | Partition Type: NTFS
Drive G: | 1.87 Gb Total Space | 1.86 Gb Free Space | 99.74% Space Free | Partition Type: FAT32

Computer Name: LEN2010 | User Name: lford | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/07/25 13:31:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\lford\Desktop\OTL.exe
PRC - [2012/07/12 09:33:30 | 000,136,616 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/07/12 09:32:55 | 000,374,184 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/07/12 04:10:39 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
PRC - [2012/05/24 13:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\lford\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/23 05:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/02/23 05:40:40 | 007,983,488 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/02/23 05:24:59 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/07/21 16:01:38 | 000,147,840 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2010/06/22 11:33:38 | 000,034,232 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2010/03/29 12:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2010/03/29 12:45:46 | 000,132,456 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
PRC - [2010/01/27 12:22:02 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/01/14 18:23:11 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/01/14 18:23:11 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/01/14 18:23:10 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/01/14 18:23:10 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/01/14 18:23:10 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/01/14 18:23:10 | 000,181,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
PRC - [2010/01/14 18:23:09 | 000,159,600 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\DWHWizrd.exe
PRC - [2009/11/23 21:13:46 | 000,075,136 | ---- | M] (Seiko Instruments USA Inc.) -- C:\Program Files\Seiko Instruments USA Inc\Smart Label Printer 6.9.2\slpcap.exe
PRC - [2009/08/26 12:49:00 | 002,691,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe
PRC - [2009/06/24 20:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/08/20 20:18:00 | 000,443,968 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/14 14:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008/04/14 14:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/06/25 12:37:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/25 12:37:45 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/14 11:24:52 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/14 11:18:50 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/14 11:18:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/14 11:18:45 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/14 11:18:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/26 14:43:35 | 000,046,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.460.18066__f25c74fcad379103\Status Lib.dll
MOD - [2010/08/26 14:43:35 | 000,014,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.460.18065__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2010/03/02 12:46:38 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2010/01/19 12:44:30 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2008/11/12 13:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
MOD - [2008/04/14 13:59:00 | 026,267,648 | ---- | M] () -- C:\Windows\System32\btwicons.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012/07/13 14:43:07 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/12 09:33:30 | 000,136,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012/07/12 09:32:55 | 000,374,184 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/07/12 05:10:42 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/23 05:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010/11/08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/09/04 20:00:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/29 12:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2010/02/03 17:24:20 | 001,032,192 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2010/01/14 18:23:11 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/01/14 18:23:11 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (EraserSvc11210)
SRV - [2010/01/14 18:23:11 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/01/14 18:23:11 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/01/14 18:23:10 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/01/14 18:23:10 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 13:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/11/12 13:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012/07/26 16:36:21 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120725.033\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/07/26 16:36:21 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120725.033\NAVENG.SYS -- (NAVENG)
DRV - [2012/07/12 09:32:56 | 000,083,392 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/05/30 23:54:15 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/30 23:54:15 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/18 08:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/17 14:43:58 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2010/11/17 14:40:35 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/18 16:54:50 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\radpms.sys -- (radpms)
DRV - [2010/03/18 19:16:08 | 009,515,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/01/27 12:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/01/27 12:22:02 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/01/19 12:46:44 | 000,229,888 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2010/01/14 18:23:12 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010/01/14 18:23:11 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/01/14 18:23:11 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/01/14 18:23:11 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2010/01/14 18:23:11 | 000,050,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2010/01/14 18:23:11 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/01/14 18:23:09 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/01/14 18:23:09 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2010/01/14 18:23:09 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/11/16 18:21:24 | 002,748,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTDVHDA.sys -- (IntcAzAudAddService)
DRV - [2009/06/20 07:34:56 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009/05/11 11:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2008/06/04 14:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008/04/15 11:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/04/15 11:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/03/27 17:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/03/10 18:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btport.sys -- (BTDriver)
DRV - [2007/09/20 11:59:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwdndis.sys -- (BTWDNDIS)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{5D476C2F-892A-42E3-8B36-871AF0A7CB9E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 46 81 4D 79 4B CB 01 [binary data]
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..\SearchScopes\{653929B7-9BB4-4732-9DB7-D664213BB628}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=0030A8F0-1C76-4798-9BB7-325C97EE14E9&apn_sauid=9D1E477A-D583-4154-AC65-C3FE1EED9BA3&
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&rlz=1I7ADRA_enUS398
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-113007714-839522115-1677\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: quickprint@hp.com:1.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/13 14:43:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/13 14:43:07 | 000,000,000 | ---D | M]
[2011/03/03 09:55:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lford\AppData\Roaming\mozilla\Extensions
[2011/03/17 09:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lford\AppData\Roaming\mozilla\Firefox\Profiles\wqtu6x5o.default\extensions
[2012/07/19 08:57:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/13 14:43:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/13 14:43:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/13 14:43:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-1409082233-113007714-839522115-1677..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1409082233-113007714-839522115-1677..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-1409082233-113007714-839522115-1677..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\lford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\lford\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1409082233-113007714-839522115-1677\..Trusted Domains: motorola.com ([businessonline] https in Trusted sites) O16 - DPF: {16F67783-7E72-4C39-99C4-4780A8335484} http://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab (SyncXfer Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.168.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lrccomm.local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13789203-590B-4093-B01D-8E7623D87D26}: DhcpNameServer = 192.168.168.6 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/07/26 16:34:03 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\lford\Desktop\OTL.exe [2012/07/24 15:17:10 | 000,000,000 | ---D | C] -- C:\Users\lford\AppData\Roaming\FixZeroAccess [2012/07/24 15:16:34 | 001,805,736 | ---- | C] (Symantec Corporation) -- C:\Users\lford\Desktop\FixZeroAccess.exe [2012/07/23 13:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2012/07/23 12:58:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/07/23 12:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/07/23 12:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/07/23 12:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/07/23 12:22:55 | 000,000,000 | ---D | C] -- C:\Microsoft [2012/07/23 09:24:57 | 
000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2012/07/13 14:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012/07/13 14:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/07/11 20:01:56 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012/07/11 06:22:02 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012/07/11 06:22:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012/07/11 06:21:59 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2010/09/07 11:26:57 | 013,832,552 | ---- | C] (Seiko Instruments USA Inc. ) -- C:\Users\lford\SLP100.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/07/26 16:38:14 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/26 16:38:14 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/26 16:36:47 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/07/26 16:36:47 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/07/26 16:31:25 | 000,001,928 | ---- | M] () -- C:\Users\lford\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk [2012/07/26 16:30:27 | 000,000,000 | ---- | M] () -- C:\Users\lford\AppData\Local\WavXMapDrive.bat [2012/07/26 16:30:17 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/26 16:29:56 | 000,000,000 | ---- | M] () -- C:\t1bk.2 [2012/07/26 16:29:56 | 000,000,000 | ---- | M] () -- C:\t1bk.1 [2012/07/26 16:29:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/26 16:28:54 | 2615,394,304 | -HS- | M] () -- 
C:\hiberfil.sys [2012/07/25 13:31:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\lford\Desktop\OTL.exe [2012/07/25 10:10:53 | 000,001,043 | ---- | M] () -- C:\Users\lford\Desktop\Documents - Shortcut.lnk [2012/07/25 10:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/07/25 09:26:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/25 07:08:24 | 1057,596,415 | ---- | M] () -- C:\backup.pst [2012/07/24 15:00:34 | 001,805,736 | ---- | M] (Symantec Corporation) -- C:\Users\lford\Desktop\FixZeroAccess.exe [2012/07/23 13:07:49 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2012/07/23 12:38:51 | 000,120,198 | ---- | M] () -- \\Lrcmail\Employee Docs\lford\My Documents\cc_20120723_123838.reg [2012/07/23 12:33:27 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/07/23 09:42:45 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/23 08:41:31 | 000,242,408 | ---- | M] () -- \\Lrcmail\Employee Docs\lford\My Documents\Jeff Davis-Portable in Medium Building.pdf [2012/07/13 14:43:11 | 000,001,992 | ---- | M] () -- C:\Users\lford\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/07/12 09:54:02 | 000,409,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/07/12 09:32:56 | 000,083,392 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll [2012/07/12 09:32:55 | 000,087,456 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll [2012/07/12 09:32:55 | 000,030,624 | ---- | M] (LogMeIn, Inc.) 
-- C:\Windows\System32\LMIport.dll [2012/07/12 05:10:42 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012/07/12 05:10:42 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012/07/10 09:41:36 | 000,000,784 | ---- | M] () -- C:\Users\lford\Desktop\ECAT - July 2012.lnk [2012/07/10 09:39:47 | 000,000,310 | ---- | M] () -- C:\Users\lford\Desktop\Lake Charles Bids.url [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/07/26 16:29:56 | 000,000,000 | ---- | C] () -- C:\t1bk.2 [2012/07/26 16:29:56 | 000,000,000 | ---- | C] () -- C:\t1bk.1 [2012/07/25 10:10:53 | 000,001,043 | ---- | C] () -- C:\Users\lford\Desktop\Documents - Shortcut.lnk [2012/07/24 17:01:06 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{ec935762-dc6f-3bea-5ce1-06026cff2d9e}\U\00000001.@ [2012/07/23 12:38:43 | 000,120,198 | ---- | C] () -- \\Lrcmail\Employee Docs\lford\My Documents\cc_20120723_123838.reg [2012/07/23 12:33:27 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/07/23 09:42:45 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/23 08:41:31 | 000,242,408 | ---- | C] () -- \\Lrcmail\Employee Docs\lford\My Documents\Jeff Davis-Portable in Medium Building.pdf [2012/07/13 14:43:11 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/07/10 09:41:36 | 000,000,784 | ---- | C] () -- C:\Users\lford\Desktop\ECAT - July 2012.lnk [2012/07/10 09:39:47 | 000,000,310 | ---- | C] () -- C:\Users\lford\Desktop\Lake Charles Bids.url [2012/04/09 08:45:36 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012/01/10 21:04:51 | 000,002,048 | -HS- | C] () -- 
C:\Windows\Installer\{ec935762-dc6f-3bea-5ce1-06026cff2d9e}\@ [2012/01/10 21:04:51 | 000,002,048 | -HS- | C] () -- C:\Users\lford\AppData\Local\{ec935762-dc6f-3bea-5ce1-06026cff2d9e}\@ [2011/06/20 19:28:02 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011/04/26 08:58:22 | 000,060,304 | ---- | C] () -- C:\Users\lford\g2mdlhlpx.exe [2010/09/03 09:46:20 | 000,005,642 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/09/03 09:30:09 | 000,000,000 | ---- | C] () -- C:\Users\lford\AppData\Local\WavXMapDrive.bat [2010/09/03 09:29:56 | 000,002,824 | RHS- | C] () -- C:\Users\lford\ntuser.pol [2010/08/26 14:37:54 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2010/08/26 17:28:16 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe [2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2010/08/26 17:28:23 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011/02/26 
00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2010/08/26 17:28:19 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2010/08/26 17:28:19 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2010/08/26 17:28:23 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe [2010/08/26 17:28:16 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe [color=#A23BEC]< MD5 for: SERVICES >[/color] [2009/06/10 16:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services [2009/06/10 16:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- 
C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe [2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=A302BBFF2A7278C0E239EE5D471D86A9 -- C:\Windows\System32\services.exe [color=#A23BEC]< MD5 for: SERVICES.EXE.MUI >[/color] [2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui [2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui [color=#A23BEC]< MD5 for: SERVICES.EXE-7FDA2469.PF >[/color] [2012/07/26 16:31:25 | 000,046,614 | ---- | M] () MD5=86102104B82CA60095D15BB76AA82E5C -- C:\Windows\Prefetch\SERVICES.EXE-7FDA2469.pf [color=#A23BEC]< MD5 for: SERVICES.JPEG >[/color]
[color=#A23BEC]< MD5 for: SERVICES.LNK >[/color] [2009/07/13 23:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk [color=#A23BEC]< MD5 for: SERVICES.MOF >[/color] [2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof [2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof [color=#A23BEC]< MD5 for: SERVICES.MSC >[/color] [2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc [2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc [2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc [2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc [color=#A23BEC]< MD5 for: SERVICES.PTXML >[/color] [2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml [2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) 
MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/08/26 17:28:23 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2010/08/26 17:28:23 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe 
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >[/color] [HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache\LAN] "AutodiscoveryFlags" = -2147483648 "DetectedInterfaceIpCount" = 2 "LastDetectHighDateTime" = 0 "LastDetectLowDateTime" = 0 "LastDetectTime" = 01/01/1601, 00:00:00 UTC "DetectedInterfaceIps" = fe80::46a:b774:c715:2806%11;192.168.168.129; "LastDetectUrl" = [color=#A23BEC]< >[/color] < End of report >