OTL logfile created on: 10/8/2013 8:33:33 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ryan LaShomb\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.95% Memory free
3.84 Gb Paging File | 2.71 Gb Available in Paging File | 70.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 27.86 Gb Free Space | 37.41% Space Free | Partition Type: NTFS

Computer Name: D7F3JWC1 | User Name: Ryan LaShomb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/10/08 09:47:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryan LaShomb\Desktop\OTL.exe
PRC - [2013/09/30 20:02:23 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/12 04:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/30 03:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/08/28 20:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/05/17 18:30:02 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2013/01/29 17:00:00 | 000,200,560 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\ZipSendService.exe
PRC - [2012/11/26 09:30:00 | 000,687,104 | ---- | M] () -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
PRC - [2011/11/11 19:18:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2011/11/02 00:25:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/09/05 11:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe
PRC - [2006/06/12 11:01:14 | 000,180,224 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
PRC - [2003/02/14 01:34:00 | 007,364,768 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Acadm 2004\acad.exe
PRC - [2003/02/14 01:33:28 | 000,193,696 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
PRC - [2002/02/04 01:07:10 | 000,022,016 | ---- | M] (Inprise Corporation) -- C:\Program Files\Borland\Interbase\Bin\ibguard.exe
PRC - [2002/02/04 01:06:42 | 001,704,448 | ---- | M] (Inprise Corporation) -- C:\Program Files\Borland\Interbase\Bin\ibserver.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/10/08 07:07:23 | 002,105,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13100800\algo.dll
MOD - [2013/09/30 20:02:18 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/09/10 18:59:47 | 016,177,544 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/09/05 14:38:11 | 002,359,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\3a7ebfcc69a58a7ee81d5f03fec841db\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ni.dll
MOD - [2013/09/05 08:34:51 | 000,391,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\9cd83b59b2d3f045fd77f22e23845ac3\Iris.Mapi.MessageStore.ni.dll
MOD - [2013/09/05 08:34:48 | 000,462,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\299fc30f9c325bfe89ab2a0d68d61cc0\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll
MOD - [2013/09/05 08:34:26 | 003,826,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BusinessLayer\605c1a6f7800e751270b3d57daa8a325\BusinessLayer.ni.dll
MOD - [2013/09/05 08:34:15 | 001,039,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\d163c0ce526787a4ce126b965f4bc169\Microsoft.Interop.Mapi.Impl.ni.dll
MOD - [2013/09/05 08:34:11 | 001,526,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BCMRes\d14187c9a2fea4001755045cf572080a\BCMRes.ni.dll
MOD - [2013/09/05 08:34:04 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013/09/05 08:33:25 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f4ea3ea9bbe98bbc32c6def83bd2962d\System.Runtime.Remoting.ni.dll
MOD - [2013/09/05 08:32:56 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/09/05 08:27:29 | 000,484,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\BCMCommon\06c125edcae25205f04380f7e4090232\BCMCommon.ni.dll
MOD - [2013/08/28 20:25:02 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/08/28 20:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/08/16 08:04:51 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/16 08:04:36 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013/08/16 08:04:03 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013/08/16 08:03:11 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5013900c3c0610c88059fcb8f1f4acb4\System.Data.ni.dll
MOD - [2013/08/16 07:59:55 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/08/16 07:57:01 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/07/11 08:07:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Extensibility\4acbd785b23a9df90fd66e04c741b47f\Extensibility.ni.dll
MOD - [2013/07/11 08:06:36 | 002,267,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\a73e6c697580057224eca1f717639a15\Microsoft.Office.Interop.Outlook.ni.dll
MOD - [2013/07/11 08:06:31 | 000,177,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\16a7a18d33b1122c61c5f01b98781539\Microsoft.Interop.Mapi.PropTags.ni.dll
MOD - [2013/07/11 08:06:27 | 000,963,072 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\office\998d991fb646137e9ac6895a3702d45b\office.ni.dll
MOD - [2013/07/11 08:06:27 | 000,044,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\stdole\d69ba3df8043fc87bf08af93deb2350e\stdole.ni.dll
MOD - [2013/07/11 08:06:24 | 000,152,064 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\6b2eac25543c3bbea6fb340e2407f7cc\Microsoft.Interop.Mapi.Interfaces.ni.dll
MOD - [2013/07/11 03:46:27 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/07/10 18:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2013/01/29 17:00:00 | 000,499,712 | R--- | M] () -- C:\Program Files\WinZip\adxloader.dll
MOD - [2012/11/26 09:30:00 | 000,687,104 | ---- | M] () -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2011/05/26 20:18:44 | 000,136,536 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL
MOD - [2009/09/29 15:19:38 | 000,310,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\BCMCommon\3.0.0.0__31bf3856ad364e35\BCMCommon.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008/02/14 10:58:37 | 000,591,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\Microsoft.Interop.Mapi.Impl\3.0.0.0__31bf3856ad364e35\Microsoft.Interop.Mapi.Impl.dll
MOD - [2008/01/11 18:50:32 | 000,529,512 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\BCMRes.resources.dll
MOD - [2007/07/12 22:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2007/05/10 22:25:20 | 002,469,888 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.dll
MOD - [2006/11/22 18:30:58 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006/11/17 07:58:24 | 000,012,104 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\Microsoft.Interop.Mapi.Interfaces.resources.dll
MOD - [2006/11/17 07:58:10 | 000,064,328 | ---- | M] () -- C:\Program Files\Microsoft Small Business\Business Contact Manager\en-US\BusinessLayer.resources.dll
MOD - [2006/09/08 09:32:02 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2006/09/08 09:30:44 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll
MOD - [2006/06/12 11:01:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\TspPopup_ENU.dll
MOD - [2006/06/12 11:01:16 | 000,348,160 | ---- | M] () -- C:\WINDOWS\system32\Tsp.dll
MOD - [2006/06/12 11:01:14 | 000,180,224 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
MOD - [2003/02/14 01:33:28 | 000,034,464 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\whohas.arx
MOD - [2003/02/14 01:32:18 | 002,155,168 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\axdb16.dll
MOD - [2003/02/14 01:32:12 | 000,431,264 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\adui16.dll
MOD - [2003/02/14 01:31:56 | 000,197,792 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\acui16.dll
MOD - [2003/02/14 01:31:02 | 000,657,568 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\AcDim.arx
MOD - [2003/02/14 00:17:46 | 000,003,584 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\whohasRes.dll
MOD - [2003/02/14 00:09:36 | 000,081,920 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\AcDimRes.dll
MOD - [2003/02/14 00:00:08 | 000,026,624 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\colorRes.dll
MOD - [2003/02/13 23:53:14 | 000,024,064 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\acui16res.dll
MOD - [2003/02/13 23:38:48 | 000,040,960 | ---- | M] () -- C:\Program Files\Autodesk\Acadm 2004\adui16res.dll
MOD - [2003/01/24 10:48:40 | 000,030,880 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ietiffrd80.dll
MOD - [2003/01/24 10:48:40 | 000,030,368 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ietiffwr80.dll
MOD - [2003/01/24 10:48:40 | 000,013,472 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ietgawr80.dll
MOD - [2003/01/24 10:48:38 | 000,023,200 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iespotrd80.dll
MOD - [2003/01/24 10:48:38 | 000,023,200 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ierlcrw80.dll
MOD - [2003/01/24 10:48:38 | 000,017,568 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ietgard80.dll
MOD - [2003/01/24 10:48:36 | 000,066,720 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iepngrd80.dll
MOD - [2003/01/24 10:48:36 | 000,054,432 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iepngwr80.dll
MOD - [2003/01/24 10:48:36 | 000,023,712 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iepictrd80.dll
MOD - [2003/01/24 10:48:36 | 000,012,960 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iepcxwr80.dll
MOD - [2003/01/24 10:48:34 | 000,014,496 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iepcxrd80.dll
MOD - [2003/01/24 10:48:34 | 000,011,936 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ielzwdec80.dll
MOD - [2003/01/24 10:48:32 | 000,054,944 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iejfifwr80.dll
MOD - [2003/01/24 10:48:28 | 000,065,184 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iejfifrd80.dll
MOD - [2003/01/24 10:48:28 | 000,019,104 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ieigsrd80.dll
MOD - [2003/01/24 10:48:26 | 000,019,616 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ieig4rd80.dll
MOD - [2003/01/24 10:48:26 | 000,016,544 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ieflicwr80.dll
MOD - [2003/01/24 10:48:26 | 000,014,496 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iegifrd80.dll
MOD - [2003/01/24 10:48:24 | 000,015,520 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ieflicrd80.dll
MOD - [2003/01/24 10:48:24 | 000,013,472 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iecalsrd80.dll
MOD - [2003/01/24 10:48:24 | 000,013,472 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iebmpwr80.dll
MOD - [2003/01/24 10:48:24 | 000,012,960 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iecalswr80.dll
MOD - [2003/01/24 10:48:22 | 000,398,496 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\ie80.dll
MOD - [2003/01/24 10:48:22 | 000,015,008 | ---- | M] () -- c:\Program Files\Common Files\Autodesk Shared\iebmprd80.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe -- (atnthost)
SRV - [2013/09/30 20:02:19 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/12 04:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/10 19:00:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/08/30 03:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013/05/17 18:30:02 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/11/26 09:30:00 | 000,687,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe -- (FastFreeConverterUpdt)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/07/20 16:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/06/04 10:02:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/09/05 11:09:10 | 000,315,392 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe -- (DataSvr2)
SRV - [2006/06/12 11:01:14 | 000,180,224 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2002/02/04 01:07:10 | 000,022,016 | ---- | M] (Inprise Corporation) [Auto | Running] -- C:\Program Files\Borland\Interbase\Bin\ibguard.exe -- (InterBaseGuardian)
SRV - [2002/02/04 01:06:42 | 001,704,448 | ---- | M] (Inprise Corporation) [On_Demand | Running] -- C:\Program Files\Borland\Interbase\Bin\ibserver.exe -- (InterBaseServer)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/08/30 03:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/30 03:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/08/30 03:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/08/30 03:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/30 03:48:12 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013/08/30 03:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/08/30 03:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/08/30 03:48:11 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2013/08/30 03:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/08/30 03:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/08/30 03:48:11 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/05/10 07:40:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2010/04/26 22:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 22:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/04/26 22:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009/02/17 12:19:44 | 000,057,672 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/17 12:17:40 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007/11/06 13:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/06/25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/25 08:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 11:33:50 | 000,007,680 | ---- | M] (ArcSoft Inc.) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/01/28 15:23:36 | 000,061,312 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2006/11/22 18:34:36 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/06/13 13:29:28 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/06/13 12:22:58 | 000,111,232 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2006/06/09 22:40:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/05/29 14:11:20 | 000,060,672 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/16 11:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 11:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/01/10 12:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/09 16:35:00 | 000,018,816 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2005/11/10 10:25:14 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/01 17:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 19:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/01/06 14:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070427
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070427
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070427
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{3454EB89-1A89-4A7E-93E9-0575B7646945}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DMUS
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://us-mg6.mail.yahoo.com/neo/launch?.rand=6ef1rs2shq96n"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/25 12:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\extension@FastFreeConverter.com: C:\Program Files\Fast Free Converter\FastFreeConverter\extension@FastFreeConverter.com [2013/09/23 17:40:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/30 20:01:30 | 000,000,000 | ---D | M]

[2010/03/22 13:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryan LaShomb\Application Data\Mozilla\Extensions
[2013/10/08 15:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryan LaShomb\Application Data\Mozilla\Firefox\Profiles\vqmtmw6l.default\extensions
[2010/04/28 10:23:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ryan LaShomb\Application Data\Mozilla\Firefox\Profiles\vqmtmw6l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/09/30 20:00:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/30 20:02:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/05/27 10:52:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[color=#E56717]========== Chrome ==========[/color]

O1 HOSTS File: ([2013/10/08 15:28:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Fast Free Converter 4.1) - {C3E50543-BC36-4C80-8070-38A97E02DEB2} - C:\Program Files\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll (Fast Free Converter)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{776C951C-D0DD-4903-91AC-7540FAE06064}: DhcpNameServer = 209.18.47.61 209.18.47.62 O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O20 - AppInit_DLLs: (wxvault.dll) - C:\WINDOWS\System32\wxvault.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (C:\WINDOWS\system32\BCMLogon.dll) - C:\WINDOWS\system32\BCMLogon.dll (Dell Inc.) 
O24 - Desktop WallPaper: C:\Documents and Settings\Ryan LaShomb\Application Data\ArcSoft\PhotoViewer\1.0.0\PV_SetWallPaper.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ryan LaShomb\Application Data\ArcSoft\PhotoViewer\1.0.0\PV_SetWallPaper.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{28eac39e-ab7d-11dd-90f7-0019b965f6d9}\Shell - "" = AutoRun O33 - MountPoints2\{28eac39e-ab7d-11dd-90f7-0019b965f6d9}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{28eac39e-ab7d-11dd-90f7-0019b965f6d9}\Shell\AutoRun\command - "" = E:\laucher.exe O33 - MountPoints2\{3d0bc1be-84e6-11de-91c1-001a6b3228b6}\Shell\AutoRun\command - "" = E:\CAEdgemobile.exe O33 - MountPoints2\{54c5ff28-d1bf-11df-aeba-001a6b3228b6}\Shell - "" = AutoRun O33 - MountPoints2\{54c5ff28-d1bf-11df-aeba-001a6b3228b6}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{54c5ff28-d1bf-11df-aeba-001a6b3228b6}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{c95a4e66-978d-11dc-8f82-0019b965f6d9}\Shell\AutoRun\command - "" = E:\.pspware\PSPWareLauncher.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/10/08 15:25:50 | 000,000,000 | ---D | C] -- C:\_OTL [2013/10/08 09:47:35 | 000,602,112 | ---- | C] (OldTimer 
Tools) -- C:\Documents and Settings\Ryan LaShomb\Desktop\OTL.exe [2013/10/02 13:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\Desktop\Geeks [2013/10/02 00:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2013/10/02 00:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2013/10/02 00:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\HPAppData [2013/09/30 20:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/09/27 00:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Mozilla [2013/09/25 12:50:00 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [2013/09/23 18:25:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX [2013/09/23 18:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2013/09/23 18:02:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Xvid [2013/09/23 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2013/09/23 18:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\Application Data\0D0S1L2Z1P1B0T1P1B2Z [2013/09/23 18:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\DirectVobSub [2013/09/23 17:52:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity [2013/09/23 17:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\Application Data\CDXReader [2013/09/23 17:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\Application Data\LavFilters [2013/09/23 17:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx [2013/09/23 17:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2013/09/23 17:42:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenSource 
Flash Video Splitter [2013/09/23 17:40:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\AppData [2013/09/23 17:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Helper [2013/09/23 17:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Fast Free Converter [2013/09/18 16:08:56 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll [2013/09/17 13:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan LaShomb\Desktop\219 Wardell Plant Pics [2013/09/13 19:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/10/08 20:45:36 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013/10/08 20:45:17 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/10/08 19:47:04 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/10/08 18:40:25 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\AutoCAD 2004.lnk [2013/10/08 18:38:51 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/10/08 18:37:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/10/08 18:35:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/10/08 15:28:36 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2013/10/08 15:26:01 | 001,318,392 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/10/08 15:26:00 | 000,506,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/10/08 10:31:48 | 001,491,792 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\LashombLandscapingDeicingFlyer_Web.jpg [2013/10/08 10:29:50 | 004,068,932 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\LashombLandscapingDeicingFlyer_OL.jpg [2013/10/08 10:20:24 | 000,159,770 | ---- | M] () -- C:\Documents and Settings\Ryan 
LaShomb\Desktop\1.jpg [2013/10/08 09:47:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryan LaShomb\Desktop\OTL.exe [2013/10/03 15:12:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013/10/02 12:02:13 | 020,882,432 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb [2013/10/02 12:02:10 | 009,719,808 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb [2013/10/01 00:38:04 | 000,000,092 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\WB.CFG [2013/10/01 00:38:04 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\WBPU-TTL.DAT [2013/09/25 18:52:11 | 000,364,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/09/25 18:45:22 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013/09/23 17:47:19 | 000,001,794 | ---- | M] () -- C:\WINDOWS\unins000.dat [2013/09/23 17:43:00 | 000,715,038 | ---- | M] () -- C:\WINDOWS\unins000.exe [2013/09/18 16:08:56 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll [2013/09/18 12:47:54 | 000,061,513 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\219 Wardel July 13.pdf [2013/09/18 12:46:57 | 000,062,985 | ---- | M] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\219 Wardell Aug. 
13.pdf [2013/09/13 19:25:28 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk [2013/09/11 03:13:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/10/08 10:31:24 | 001,491,792 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\LashombLandscapingDeicingFlyer_Web.jpg [2013/10/08 10:29:24 | 004,068,932 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\LashombLandscapingDeicingFlyer_OL.jpg [2013/10/08 10:20:23 | 000,159,770 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\1.jpg [2013/09/26 00:38:04 | 000,000,097 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\WB.CFG [2013/09/26 00:38:04 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\WBPU-TTL.DAT [2013/09/25 12:50:02 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013/09/25 12:50:01 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2013/09/24 17:38:04 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\WB.CFG [2013/09/24 17:38:04 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\WBPU-TTL.DAT [2013/09/23 18:02:52 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2013/09/23 18:02:52 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2013/09/23 18:02:52 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax [2013/09/23 17:43:20 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2013/09/23 17:43:06 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe [2013/09/23 17:43:05 | 000,001,794 | ---- | C] () -- C:\WINDOWS\unins000.dat [2013/09/18 12:47:51 | 000,061,513 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Desktop\219 Wardel July 13.pdf [2013/09/18 12:46:57 | 000,062,985 | ---- | C] () -- 
C:\Documents and Settings\Ryan LaShomb\Desktop\219 Wardell Aug. 13.pdf [2013/09/13 19:25:28 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk [2013/05/10 16:55:12 | 000,163,161 | ---- | C] () -- C:\WINDOWS\hpoins29.dat [2013/05/10 16:55:12 | 000,000,799 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat [2012/05/08 16:49:19 | 000,000,032 | -HS- | C] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\{b9c903e0-c592-11df-851a-0800200c9a66}.dat [2012/02/15 23:41:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/10/21 14:30:42 | 000,013,024 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\Comma Separated Values (Windows).CAL [2009/02/24 13:27:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Ÿ9Ÿ9 [2008/04/12 21:48:39 | 000,086,528 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/10/30 15:33:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Application Data\$_hpcst$.hpc [2007/05/03 21:30:08 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Ryan LaShomb\Local Settings\Application Data\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2004/08/11 18:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 
000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010/01/18 13:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5-Day Forecast [2010/05/06 08:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2007/05/14 20:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2011/05/16 12:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2010/03/09 11:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2008/05/28 14:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES [2011/01/03 13:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrapCleaner [2012/09/18 13:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap [2012/01/19 13:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon [2011/03/29 20:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound [2011/06/03 07:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance [2012/09/04 14:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm [2013/03/12 11:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung [2011/06/03 18:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11 [2012/04/19 08:48:34 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp [2007/04/27 01:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp [2013/04/08 15:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2013/04/11 14:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipEC [2013/09/23 18:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\0D0S1L2Z1P1B0T1P1B2Z [2007/05/14 20:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\Autodesk [2013/09/23 18:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\CDXReader [2011/11/07 14:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\HamsterSoft [2013/09/23 18:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\LavFilters [2012/01/19 13:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\Leadertech [2012/01/28 18:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\Memeo [2012/08/14 08:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\RoboForm [2012/01/19 13:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\Seagate [2013/02/02 11:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\TeamViewer [2008/03/31 15:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan LaShomb\Application Data\Windows Desktop Search [color=#E56717]========== Purity Check ==========[/color] < End of report >