Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Losing Internet Connectivity also Video Buffering Issues

Started by rsderrick , Aug 06 2012 03:31 PM

  • Please log in to reply

#1
rsderrick
Posted 06 August 2012 - 03:31 PM

rsderrick

    Member

  • Member
  • PipPip
  • 62 posts
Hi Everyone,

I am having a problem that I am confused about. I have an issue where I have to almost constantly repair my connection in "local are connection" in order to get internet connectivity. I am not sure why this is happening. I suspect maybe some sort of virus but I'm just not sure. I have also tried various speed tests on the net and my connection speeds is high. Down is 28.16 Mbps and UP is 3.83 Mbps. This computer is hardwired. Other computers on the wireless network don't have any speed issues. I'd like to rule out malware or virus. Can someone help please? OTL Posted below:


OTL logfile created on: 8/6/2012 5:06:20 PM - Run 3
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Scott\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 48.83% Memory free
3.85 Gb Paging File | 3.01 Gb Available in Paging File | 78.29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 758.69 Gb Free Space | 81.45% Space Free | Partition Type: NTFS
Drive D: | 702.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SCOTT-F04908DE0 | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Scott\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Documents and Settings\Scott\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\CE\CovenantEyesHelper.exe ()
PRC - C:\Program Files\CE\CovenantEyes.exe ()
PRC - C:\WINDOWS\system32\authServer.exe ()
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\WINDOWS\system32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\avutil-51.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\avformat-54.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Program Files\CE\nmsvTree.dll ()
MOD - C:\Program Files\CE\nmSvc.dll ()
MOD - C:\WINDOWS\system32\nmNsp.dll ()
MOD - C:\Program Files\CE\CovenantEyesHelper.exe ()
MOD - C:\WINDOWS\system32\CESpy.dll ()
MOD - C:\Program Files\CE\zlib.dll ()
MOD - C:\Program Files\CE\CovenantEyes.exe ()
MOD - C:\WINDOWS\system32\authServer.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\WINDOWS\CTXFIRES.DLL ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Auth Service) -- C:\WINDOWS\system32\authServer.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (UMVPFSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (NTIOLib_1_0_4) -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys File not found
DRV - (MpKslb03c1e63) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E2DDA5BC-E858-4634-BB64-98A52C0DDD90}\MpKslb03c1e63.sys File not found
DRV - (MpKsl97dfd0e7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6A2EA03-ECC1-4769-BAFA-C038E7969C74}\MpKsl97dfd0e7.sys File not found
DRV - (MpKsl93620a2c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13E8288A-80CD-483C-98A8-2159612BA6D5}\MpKsl93620a2c.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (CompFilter) -- C:\WINDOWS\system32\drivers\lvbusflt.sys (Logitech Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys ()
DRV - (NTIOLib_1_0_8) -- C:\Program Files\MSI\MSIWDev\NTIOLib.sys (MSI)
DRV - (MSI_MSIBIOS_010507) -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys (Your Corporation)
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-06-08 15:47:59&v=11.1.0.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {EA3CE7E0-F9A6-41C8-86E7-0CE83169174F}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...arcSearchScopes
IE - HKCU\..\SearchScopes\{EA3CE7E0-F9A6-41C8-86E7-0CE83169174F}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...5:47:59&sap=hp"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...7:59&sap=ku&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@3gstudios.com/webmediaclient,version=1.0: C:\Program Files\3G Studios\Web Media Client\npWebMediaClient.dll (3G Studios, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/08/11 14:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/08/11 13:45:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/27 16:24:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/29 09:28:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/06/28 20:27:51 | 000,000,000 | ---D | M]

[2012/01/05 14:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Extensions
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions\[email protected]
[2012/05/27 16:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/19 14:00:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/05/27 16:24:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/01/05 14:20:25 | 000,066,808 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\SCOTT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\DNFM1HOT.DEFAULT\EXTENSIONS\[email protected]
[2012/04/20 21:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/04 01:53:56 | 000,182,160 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012/01/22 16:59:03 | 000,150,696 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2012/02/04 17:48:03 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012/01/22 16:59:28 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2012/01/22 16:58:55 | 000,108,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2012/04/20 21:18:25 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2012/06/08 15:47:39 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 21:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 21:18:25 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2012/04/20 21:18:25 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012/04/20 21:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 21:18:25 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2012/04/20 21:18:25 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: SEOquake = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.5_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Web Media Client = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhgkogmomehdgfcheknganbgdaaoemop\0.0.4.0_0\
CHR - Extension: Canvas Rider = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - Reg Error: Value error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NMSVC] C:\Program Files\CE\CovenantEyes.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Vonage] C:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe (Vonage Holdings)
O4 - HKCU..\Run: [0C4CE765DFA7A6F49B6B9EDEA51F9EFCC26324AF._service_run] C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Scott\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Scott\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nmNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\System32\nmNsp.dll File not found
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...CAB/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesfor...AXMailMerge.cab (CMMHost Object)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9CCBEC7-A90D-4EDF-BFAA-6FB51D679B35}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/11 10:31:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/25 20:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Fonts
[2012/07/24 19:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Image Gallery Magic 2
[2012/07/24 19:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Column Composer Pages
[2012/07/19 21:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Local Settings\Application Data\ESET
[2012/07/18 15:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Adobe Photoshop Elements 10
[2012/07/18 15:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/18 15:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012/07/17 19:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Column Composer Magic
[2012/07/11 21:10:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Scott\My Documents\Dropbox
[2012/07/11 21:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012/07/11 21:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Start Menu\Programs\Dropbox
[2012/07/11 21:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Application Data\Dropbox
[2012/07/11 03:01:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado28.tlb
[2012/02/11 21:47:32 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Scott\gotomypc_635.exe

========== Files - Modified Within 30 Days ==========

[2012/08/06 16:42:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/06 16:41:43 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/08/06 16:41:20 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/08/06 16:41:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/06 16:41:17 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/06 16:41:16 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/08/06 16:39:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/06 16:38:04 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/06 16:38:04 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/06 16:38:04 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/06 16:36:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/06 16:33:01 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/08/06 16:31:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/08/06 16:26:27 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/06 15:43:14 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/08/06 04:31:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/08/05 19:33:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/08/04 17:06:35 | 025,608,192 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW
[2012/08/04 17:06:35 | 004,259,840 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.TLG
[2012/08/04 17:06:35 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.ND
[2012/08/04 16:00:18 | 000,008,354 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash.jpg
[2012/08/04 15:58:01 | 000,143,937 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\neon rainbow dash.jpg
[2012/08/04 15:54:47 | 000,088,803 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\Rainbow-Dash-Pony.jpg
[2012/08/04 08:42:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/08/03 01:36:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/03 01:36:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/03 01:36:06 | 009,827,016 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012/08/02 18:07:47 | 000,006,246 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\!@.png
[2012/08/02 17:19:23 | 000,002,913 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\bitzsam.png
[2012/08/02 17:19:23 | 000,002,913 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\bitzsam.png
[2012/08/02 16:49:48 | 000,011,774 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\awsome tuxedo.png
[2012/08/02 16:49:48 | 000,011,774 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\awsome tuxedo.png
[2012/08/02 15:09:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/01 23:26:18 | 000,037,429 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\cool blue eye body.gif
[2012/08/01 23:26:18 | 000,037,429 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\cool blue eye body.gif
[2012/08/01 20:35:42 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Google Chrome.lnk
[2012/08/01 20:35:42 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/01 14:45:27 | 000,017,386 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (DRM Properties).pdf
[2012/08/01 14:34:39 | 000,017,455 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Community School Of Davidson).pdf
[2012/07/31 23:41:19 | 000,041,174 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\pimpsy.jpg
[2012/07/31 18:57:44 | 000,020,991 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\3sw8D.png
[2012/07/30 10:50:03 | 000,013,651 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Intuit.pdf
[2012/07/27 11:08:26 | 000,011,418 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\newbody6.png
[2012/07/26 21:43:17 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/07/26 17:49:29 | 001,607,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/26 00:44:21 | 000,066,408 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/07/23 10:04:09 | 000,006,513 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\!.PNG
[2012/07/23 09:57:59 | 000,009,787 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_head_graal782997-102.gif
[2012/07/19 14:45:27 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\11123.PNG
[2012/07/19 13:06:46 | 000,006,924 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\111.png
[2012/07/19 13:03:43 | 000,020,405 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\12.PNG
[2012/07/19 12:55:22 | 000,019,566 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\1.jpg
[2012/07/18 15:38:14 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/07/18 01:00:42 | 000,172,525 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\music logo.png
[2012/07/18 01:00:06 | 001,066,832 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\music logo.ai
[2012/07/17 22:11:50 | 000,214,190 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.png
[2012/07/17 22:00:39 | 000,035,260 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.jpg
[2012/07/17 21:57:37 | 001,081,372 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.ai
[2012/07/17 18:08:28 | 000,214,533 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.png
[2012/07/17 18:05:30 | 001,079,746 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.ai
[2012/07/17 18:04:57 | 001,080,972 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Logo Altered.ai
[2012/07/17 15:38:35 | 000,034,144 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\kota body.png
[2012/07/17 14:38:34 | 000,025,133 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\black-hoodie-oreo.png
[2012/07/17 12:16:01 | 000,086,562 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR.pdf
[2012/07/17 10:31:58 | 000,086,562 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR 2nd version.pdf
[2012/07/17 10:30:53 | 000,243,315 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When... 2nd version.pdf
[2012/07/16 16:42:39 | 000,011,507 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_graal795754-193.gif
[2012/07/16 16:40:18 | 000,025,133 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_6989120-102.png
[2012/07/16 16:38:01 | 000,068,336 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\thumbs_classic_personal_body_6989120-102.png
[2012/07/16 16:02:38 | 000,004,925 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\Pro head.gif
[2012/07/16 13:41:47 | 000,012,860 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\aaa.png
[2012/07/15 21:05:22 | 002,034,980 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\HDPVR.JPG
[2012/07/15 21:05:05 | 001,896,940 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Xbox.JPG
[2012/07/14 22:39:39 | 000,126,781 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's Album and Song List.pdf
[2012/07/14 22:31:41 | 000,128,653 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's W9.pdf
[2012/07/14 22:30:41 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Adobe Acrobat 8 Professional.lnk
[2012/07/14 22:25:03 | 000,026,670 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's ID.pdf
[2012/07/14 22:23:36 | 000,036,261 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Voided Check.pdf
[2012/07/13 16:31:08 | 000,330,103 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Music Never Stops Logo Design Questions.pdf
[2012/07/12 15:56:00 | 000,017,480 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Sears Outlet).pdf
[2012/07/12 03:04:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/11 21:10:28 | 000,000,994 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Dropbox.lnk
[2012/07/11 21:04:42 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Scott\Start Menu\Programs\Startup\Dropbox.lnk
[2012/07/11 10:51:15 | 000,244,534 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When....pdf
[2012/07/11 10:41:28 | 000,379,813 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Closure2.jpeg
[2012/07/11 10:41:05 | 000,496,036 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Closure1.jpeg
[2012/07/09 21:30:59 | 000,000,068 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\2010 Top 10 Hottest Jerkin Songs + Download Links.url
[2012/07/08 20:44:37 | 000,021,207 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Cook).pdf
[2012/07/08 20:30:54 | 000,017,400 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Dodson).pdf
[2012/07/08 19:31:32 | 000,040,482 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Blythewood Bee Logo.jpg

========== Files Created - No Company Name ==========

[2012/08/04 16:00:23 | 000,008,354 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash.jpg
[2012/08/04 15:58:07 | 000,143,937 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\neon rainbow dash.jpg
[2012/08/04 15:54:55 | 000,088,803 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\Rainbow-Dash-Pony.jpg
[2012/08/02 18:08:16 | 000,006,246 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\!@.png
[2012/08/02 17:19:35 | 000,002,913 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\bitzsam.png
[2012/08/02 17:19:31 | 000,002,913 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\bitzsam.png
[2012/08/02 16:50:10 | 000,011,774 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\awsome tuxedo.png
[2012/08/02 16:50:05 | 000,011,774 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\awsome tuxedo.png
[2012/08/01 23:26:34 | 000,037,429 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\cool blue eye body.gif
[2012/08/01 23:26:28 | 000,037,429 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\cool blue eye body.gif
[2012/08/01 14:45:27 | 000,017,386 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (DRM Properties).pdf
[2012/08/01 14:34:39 | 000,017,455 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Community School Of Davidson).pdf
[2012/07/31 23:41:29 | 000,041,174 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\pimpsy.jpg
[2012/07/31 18:57:44 | 000,020,991 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\3sw8D.png
[2012/07/30 10:50:03 | 000,013,651 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Intuit.pdf
[2012/07/27 11:08:33 | 000,011,418 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\newbody6.png
[2012/07/23 10:04:08 | 000,006,513 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\!.PNG
[2012/07/23 09:58:06 | 000,009,787 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_head_graal782997-102.gif
[2012/07/19 13:12:21 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\11123.PNG
[2012/07/19 13:06:56 | 000,006,924 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\111.png
[2012/07/19 12:58:19 | 000,020,405 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\12.PNG
[2012/07/19 12:43:27 | 000,019,566 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\1.jpg
[2012/07/18 15:38:14 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/07/18 15:38:14 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/07/17 22:11:49 | 000,214,190 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.png
[2012/07/17 22:00:39 | 000,035,260 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.jpg
[2012/07/17 21:57:32 | 001,081,372 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.ai
[2012/07/17 18:08:28 | 000,214,533 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.png
[2012/07/17 18:05:22 | 001,079,746 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.ai
[2012/07/17 17:57:11 | 001,080,972 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Logo Altered.ai
[2012/07/17 17:33:46 | 001,066,832 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\music logo.ai
[2012/07/17 17:33:23 | 000,172,525 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\music logo.png
[2012/07/17 15:38:43 | 000,034,144 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\kota body.png
[2012/07/17 14:38:42 | 000,025,133 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\black-hoodie-oreo.png
[2012/07/17 10:31:58 | 000,086,562 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR 2nd version.pdf
[2012/07/17 10:30:52 | 000,243,315 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When... 2nd version.pdf
[2012/07/16 16:42:43 | 000,011,507 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_graal795754-193.gif
[2012/07/16 16:40:29 | 000,025,133 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_6989120-102.png
[2012/07/16 16:38:10 | 000,068,336 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\thumbs_classic_personal_body_6989120-102.png
[2012/07/16 16:03:14 | 000,004,925 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\Pro head.gif
[2012/07/16 13:42:04 | 000,012,860 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\aaa.png
[2012/07/15 21:05:05 | 002,034,980 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\HDPVR.JPG
[2012/07/15 21:05:05 | 001,896,940 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Xbox.JPG
[2012/07/14 22:39:38 | 000,126,781 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's Album and Song List.pdf
[2012/07/14 22:31:41 | 000,128,653 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's W9.pdf
[2012/07/14 22:25:03 | 000,026,670 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's ID.pdf
[2012/07/14 22:23:36 | 000,036,261 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Voided Check.pdf
[2012/07/13 16:22:40 | 000,330,103 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Music Never Stops Logo Design Questions.pdf
[2012/07/12 15:56:00 | 000,017,480 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Sears Outlet).pdf
[2012/07/11 21:10:28 | 000,000,994 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Dropbox.lnk
[2012/07/11 21:04:42 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Scott\Start Menu\Programs\Startup\Dropbox.lnk
[2012/07/11 10:55:04 | 000,086,562 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR.pdf
[2012/07/11 10:51:14 | 000,244,534 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When....pdf
[2012/07/11 10:41:05 | 000,496,036 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Closure1.jpeg
[2012/07/11 10:41:05 | 000,379,813 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Closure2.jpeg
[2012/07/09 21:30:59 | 000,000,068 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\2010 Top 10 Hottest Jerkin Songs + Download Links.url
[2012/07/08 20:44:37 | 000,021,207 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Cook).pdf
[2012/07/08 20:30:54 | 000,017,400 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Dodson).pdf
[2012/07/08 19:31:32 | 000,040,482 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Blythewood Bee Logo.jpg
[2012/05/29 17:08:09 | 001,623,288 | ---- | C] () -- C:\WINDOWS\System32\nmNsp.dll
[2012/05/29 17:08:09 | 000,177,912 | ---- | C] () -- C:\WINDOWS\System32\CESpy.dll
[2012/05/29 17:08:08 | 001,633,280 | ---- | C] () -- C:\WINDOWS\System32\authServer.exe
[2012/05/27 16:14:24 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\Scott\jagex_cl_runescape_LIVE.dat
[2012/05/27 16:14:24 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Scott\random.dat
[2012/05/18 03:22:43 | 000,465,128 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/03/18 15:56:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Scott\jagex_Runescape_preferences.dat
[2012/02/15 04:01:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 20:51:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/01/16 01:06:51 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/14 18:59:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/16 18:47:23 | 000,000,141 | ---- | C] () -- C:\WINDOWS\RealFlight.INI
[2011/12/15 15:11:40 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Scott\g2mdlhlpx.exe
[2011/12/12 08:19:15 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/19 13:55:24 | 000,214,016 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\SharedSettings.ccs
[2011/11/14 14:51:51 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/10/06 09:37:00 | 000,110,456 | ---- | C] () -- C:\Documents and Settings\Scott\g2ax_customer_downloadhelper_win32_x86.exe
[2011/09/30 16:36:55 | 000,020,886 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2011/09/01 00:12:37 | 000,066,408 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/28 16:00:51 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg
[2011/08/15 14:04:27 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/08/13 19:20:04 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/08/12 15:52:18 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/08/12 15:52:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/08/12 15:52:11 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/12 15:52:11 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/12 15:52:08 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/08/12 11:37:45 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/11 13:48:29 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/08/11 13:44:42 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/08/11 13:44:42 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/11 11:28:33 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/08/11 10:53:58 | 000,261,632 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011/08/11 10:53:35 | 000,281,152 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/08/11 10:53:35 | 000,281,152 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/08/11 10:53:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/08/11 10:53:22 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/08/11 10:33:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/11 10:29:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/08/11 06:19:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/11 06:18:02 | 001,607,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/26 00:05:00 | 010,898,456 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011/05/26 00:05:00 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011/05/26 00:05:00 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011/05/25 23:56:28 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

========== LOP Check ==========

[2011/09/17 12:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/12/06 21:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/08/16 15:20:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/08/16 15:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2011/11/19 13:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CoffeeCup Software
[2012/06/08 15:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2012/06/28 20:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/08/30 23:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2012/06/24 12:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/08/16 11:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2011/08/17 12:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/06/17 00:20:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Scott\Application Data\.#
[2011/08/28 16:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.jagex_cache_22
[2011/12/19 13:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.minecraft
[2011/08/31 09:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.salesforce.com
[2012/06/16 13:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\3G Studios
[2011/12/06 21:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Canneverbe Limited
[2011/11/14 15:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Canon
[2012/08/06 16:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\CE
[2011/11/19 14:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\CoffeeCup Software
[2012/07/18 15:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/12/25 10:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\com.jakks.spynet
[2011/09/30 16:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\deskPDF
[2012/08/06 16:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Dropbox
[2011/09/01 16:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\ElevatedDiagnostics
[2011/11/19 14:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\GlobalSCAPE
[2011/11/20 19:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Image-Line
[2011/08/11 13:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\IObit
[2011/08/24 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Leadertech
[2011/11/20 18:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\OpenCandy
[2011/09/26 16:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\OpenOffice.org
[2011/09/01 13:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\salesforce.com
[2011/11/30 10:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Sammsoft
[2011/08/28 17:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Unity
[2011/10/18 13:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Windows Desktop Search
[2011/10/25 11:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Windows Search
[2012/08/05 19:33:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/08/06 16:33:01 | 000,000,998 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/08/06 16:41:16 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Gammo
Posted 10 August 2012 - 07:29 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0

#3
rsderrick
Posted 11 August 2012 - 12:56 PM

rsderrick

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
The problem I am having is odd. The desktop I am using is hard wired to the net. I can be on the internet browsing fine and for some reason I will click on links I'll lose internet connection. It's random. To fix it I click on the local area connection and repair the connection it seem to fix the issue for a short time. I also have had issues viewing streaming videos due to buffering. I've made sure that my video card and network card has the latest drivers. This hasn't fixed the problem. When I run and internet speed test using various speed test sites, my speeds seem to be great. Down is 28.16 Mbps and UP is 3.83 Mbps. I've considered changing the network card thinking it might be that but I wanted to rule out any sort of malware or virus before I go that direction.

Thanks for you help. See the latest OTL below.


OTL logfile created on: 8/11/2012 2:46:54 PM - Run 4
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Scott\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.60 Gb Available Physical Memory | 29.81% Memory free
3.85 Gb Paging File | 2.49 Gb Available in Paging File | 64.63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 756.72 Gb Free Space | 81.24% Space Free | Partition Type: NTFS
Drive D: | 702.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SCOTT-F04908DE0 | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Scott\My Documents\Downloads\OTL (2).exe (OldTimer Tools)
PRC - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Documents and Settings\Scott\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\CE\CovenantEyesHelper.exe ()
PRC - C:\Program Files\CE\CovenantEyes.exe ()
PRC - C:\WINDOWS\system32\authServer.exe ()
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Intuit\QuickBooks 2010\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\WINDOWS\system32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intuit\QuickBooks 2010\QBDBMgr.exe (Intuit, Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe (Intuit Inc.)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\libglesv2.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\libegl.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avutil-51.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avformat-54.dll ()
MOD - C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Program Files\NVIDIA Corporation\nView\nvShell.dll ()
MOD - C:\Program Files\CE\nmsvTree.dll ()
MOD - C:\Program Files\CE\nmSvc.dll ()
MOD - C:\WINDOWS\system32\nmNsp.dll ()
MOD - C:\Program Files\CE\CovenantEyesHelper.exe ()
MOD - C:\WINDOWS\system32\CESpy.dll ()
MOD - C:\Program Files\CE\zlib.dll ()
MOD - C:\Program Files\CE\CovenantEyes.exe ()
MOD - C:\WINDOWS\system32\authServer.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\ReportBridge.DLL ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\QBMAPILibrary.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\QBCompressor.DLL ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\QB2WPFBridge.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\mbpopup.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\BackupLib.dll ()
MOD - C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Intuit.QuickBooks.XmlDigitalSignature\1.2.0.0__5b3f47ba29970ccb\Intuit.QuickBooks.XmlDigitalSignature.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\WINDOWS\CTXFIRES.DLL ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\Program Files\Intuit\QuickBooks 2010\zlib1.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Auth Service) -- C:\WINDOWS\system32\authServer.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (UMVPFSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (NTIOLib_1_0_4) -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys File not found
DRV - (MpKslb03c1e63) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E2DDA5BC-E858-4634-BB64-98A52C0DDD90}\MpKslb03c1e63.sys File not found
DRV - (MpKsl97dfd0e7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6A2EA03-ECC1-4769-BAFA-C038E7969C74}\MpKsl97dfd0e7.sys File not found
DRV - (MpKsl93620a2c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13E8288A-80CD-483C-98A8-2159612BA6D5}\MpKsl93620a2c.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (CompFilter) -- C:\WINDOWS\system32\drivers\lvbusflt.sys (Logitech Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys ()
DRV - (NTIOLib_1_0_8) -- C:\Program Files\MSI\MSIWDev\NTIOLib.sys (MSI)
DRV - (MSI_MSIBIOS_010507) -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys (Your Corporation)
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-06-08 15:47:59&v=11.1.0.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {EA3CE7E0-F9A6-41C8-86E7-0CE83169174F}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...arcSearchScopes
IE - HKCU\..\SearchScopes\{EA3CE7E0-F9A6-41C8-86E7-0CE83169174F}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...5:47:59&sap=hp"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...7:59&sap=ku&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@3gstudios.com/webmediaclient,version=1.0: C:\Program Files\3G Studios\Web Media Client\npWebMediaClient.dll (3G Studios, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/27 16:24:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/29 09:28:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/06/28 20:27:51 | 000,000,000 | ---D | M]

[2012/01/05 14:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Extensions
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions\[email protected]
[2012/05/27 16:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/19 14:00:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/05 14:20:25 | 000,066,808 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\SCOTT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\DNFM1HOT.DEFAULT\EXTENSIONS\[email protected]
[2012/04/20 21:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/08 15:47:39 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 21:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 21:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: SEOquake = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.5_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: Web Media Client = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhgkogmomehdgfcheknganbgdaaoemop\0.0.4.0_0\
CHR - Extension: Canvas Rider = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NMSVC] C:\Program Files\CE\CovenantEyes.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Vonage] C:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe (Vonage Holdings)
O4 - HKCU..\Run: [0C4CE765DFA7A6F49B6B9EDEA51F9EFCC26324AF._service_run] C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\Scott\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Scott\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nmNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\nmNsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\System32\nmNsp.dll File not found
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...CAB/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesfor...AXMailMerge.cab (CMMHost Object)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9CCBEC7-A90D-4EDF-BFAA-6FB51D679B35}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/11 10:31:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 18:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/08/09 18:22:01 | 000,102,416 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\RTNUninst32.dll
[2012/08/09 18:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Network Card Driver
[2012/08/09 17:52:20 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Scott\Desktop\301.42-desktop-winxp-32bit-english-whql.exe
[2012/07/25 20:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Fonts
[2012/07/24 19:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Image Gallery Magic 2
[2012/07/24 19:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Column Composer Pages
[2012/07/19 21:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Local Settings\Application Data\ESET
[2012/07/18 15:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Adobe Photoshop Elements 10
[2012/07/18 15:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/18 15:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012/07/17 19:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Column Composer Magic
[2012/02/11 21:47:32 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Scott\gotomypc_635.exe

========== Files - Modified Within 30 Days ==========

[2012/08/11 14:49:33 | 025,608,192 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW
[2012/08/11 14:49:33 | 004,521,984 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.TLG
[2012/08/11 14:36:05 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/11 14:31:09 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/08/11 14:26:28 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/11 13:33:02 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/08/11 11:26:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/11 08:42:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/08/11 04:31:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/08/10 20:39:10 | 000,020,991 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\samsbody.png
[2012/08/10 19:33:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/08/10 14:12:18 | 000,000,403 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.ND
[2012/08/09 18:02:48 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/08/09 18:01:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/09 18:01:21 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/08/09 18:01:17 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/08/09 18:01:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 17:59:29 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/09 17:59:29 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/09 17:59:29 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/08/09 17:56:29 | 001,075,248 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/08/09 17:56:29 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/08/09 17:56:23 | 001,075,248 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/08/09 17:53:44 | 100,834,120 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Scott\Desktop\301.42-desktop-winxp-32bit-english-whql.exe
[2012/08/09 17:49:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/09 15:48:35 | 000,026,851 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tool Truck Bill Of Sale.pdf
[2012/08/09 15:09:24 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/09 07:45:14 | 000,023,489 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\sk body.PNG
[2012/08/09 07:45:14 | 000,023,489 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\sk body.PNG
[2012/08/09 07:40:10 | 000,036,332 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\xertics body.png
[2012/08/09 07:40:10 | 000,036,332 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\xertics body.png
[2012/08/09 07:34:49 | 000,019,347 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\isilversbody.png
[2012/08/09 07:34:49 | 000,019,347 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\isilversbody.png
[2012/08/09 07:28:02 | 000,007,580 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\cool emo head.png
[2012/08/09 07:27:47 | 000,007,580 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\photo.png
[2012/08/09 07:21:40 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\cool body.png
[2012/08/09 07:21:40 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\cool body.png
[2012/08/09 07:19:45 | 000,010,047 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\brown head.png
[2012/08/09 07:19:45 | 000,010,047 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\brown head.png
[2012/08/08 23:35:16 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Google Chrome.lnk
[2012/08/08 23:35:16 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/08 12:37:07 | 000,090,874 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\vinyl_scratch.jpg
[2012/08/08 12:33:40 | 000,032,460 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\lol.png
[2012/08/08 12:31:14 | 000,157,092 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\vinyl_scratch_wallpaper_by_glitcher007-d4evn0j.jpg
[2012/08/07 22:11:45 | 000,059,118 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\ponyville.jpg
[2012/08/07 22:08:24 | 000,219,549 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\my little brony.jpg
[2012/08/07 21:07:07 | 004,369,450 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\equestria.jpg
[2012/08/07 21:00:11 | 000,031,949 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\brony picture.jpg
[2012/08/07 20:54:48 | 000,096,247 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\mlp.jpg
[2012/08/07 20:46:07 | 000,034,266 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash with glasses.png
[2012/08/07 20:35:19 | 000,270,777 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash cool thing.png
[2012/08/07 15:28:54 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Scott\random.dat
[2012/08/07 15:27:30 | 000,000,061 | ---- | M] () -- C:\Documents and Settings\Scott\jagex_cl_runescape_LIVE.dat
[2012/08/06 15:43:14 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/08/04 16:00:18 | 000,008,354 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash.jpg
[2012/08/04 15:58:01 | 000,143,937 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\neon rainbow dash.jpg
[2012/08/04 15:54:47 | 000,088,803 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\Rainbow-Dash-Pony.jpg
[2012/08/03 01:36:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/03 01:36:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/03 01:36:06 | 009,827,016 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012/08/02 18:07:47 | 000,006,246 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\!@.png
[2012/08/02 17:19:23 | 000,002,913 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\bitzsam.png
[2012/08/02 17:19:23 | 000,002,913 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\bitzsam.png
[2012/08/02 16:49:48 | 000,011,774 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\awsome tuxedo.png
[2012/08/02 16:49:48 | 000,011,774 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\awsome tuxedo.png
[2012/08/01 23:26:18 | 000,037,429 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\cool blue eye body.gif
[2012/08/01 23:26:18 | 000,037,429 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\cool blue eye body.gif
[2012/08/01 14:45:27 | 000,017,386 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (DRM Properties).pdf
[2012/08/01 14:34:39 | 000,017,455 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Community School Of Davidson).pdf
[2012/07/31 23:41:19 | 000,041,174 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\pimpsy.jpg
[2012/07/31 18:57:44 | 000,020,991 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\3sw8D.png
[2012/07/30 10:50:03 | 000,013,651 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Intuit.pdf
[2012/07/27 11:08:26 | 000,011,418 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\newbody6.png
[2012/07/26 21:43:17 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/07/26 17:49:29 | 001,607,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/26 00:44:21 | 000,066,408 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/07/23 10:04:09 | 000,006,513 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\!.PNG
[2012/07/23 09:57:59 | 000,009,787 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_head_graal782997-102.gif
[2012/07/19 14:45:27 | 000,001,956 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\11123.PNG
[2012/07/19 13:06:46 | 000,006,924 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\111.png
[2012/07/19 13:03:43 | 000,020,405 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\12.PNG
[2012/07/19 12:55:22 | 000,019,566 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\1.jpg
[2012/07/18 15:38:14 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/07/18 01:00:42 | 000,172,525 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\music logo.png
[2012/07/18 01:00:06 | 001,066,832 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\music logo.ai
[2012/07/17 22:11:50 | 000,214,190 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.png
[2012/07/17 22:00:39 | 000,035,260 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.jpg
[2012/07/17 21:57:37 | 001,081,372 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.ai
[2012/07/17 18:08:28 | 000,214,533 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.png
[2012/07/17 18:05:30 | 001,079,746 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.ai
[2012/07/17 18:04:57 | 001,080,972 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Logo Altered.ai
[2012/07/17 15:38:35 | 000,034,144 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\kota body.png
[2012/07/17 14:38:34 | 000,025,133 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\black-hoodie-oreo.png
[2012/07/17 12:16:01 | 000,086,562 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR.pdf
[2012/07/17 10:31:58 | 000,086,562 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR 2nd version.pdf
[2012/07/17 10:30:53 | 000,243,315 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When... 2nd version.pdf
[2012/07/16 16:42:39 | 000,011,507 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_graal795754-193.gif
[2012/07/16 16:40:18 | 000,025,133 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_6989120-102.png
[2012/07/16 16:38:01 | 000,068,336 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\thumbs_classic_personal_body_6989120-102.png
[2012/07/16 16:02:38 | 000,004,925 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\Pro head.gif
[2012/07/16 13:41:47 | 000,012,860 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\aaa.png
[2012/07/15 21:05:22 | 002,034,980 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\HDPVR.JPG
[2012/07/15 21:05:05 | 001,896,940 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Xbox.JPG
[2012/07/14 22:39:39 | 000,126,781 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's Album and Song List.pdf
[2012/07/14 22:31:41 | 000,128,653 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's W9.pdf
[2012/07/14 22:30:41 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Adobe Acrobat 8 Professional.lnk
[2012/07/14 22:25:03 | 000,026,670 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Nicole's ID.pdf
[2012/07/14 22:23:36 | 000,036,261 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Voided Check.pdf
[2012/07/13 16:31:08 | 000,330,103 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Music Never Stops Logo Design Questions.pdf
[2012/07/12 15:56:00 | 000,017,480 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Sears Outlet).pdf

========== Files Created - No Company Name ==========

[2012/08/10 20:39:22 | 000,020,991 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\samsbody.png
[2012/08/09 15:48:35 | 000,026,851 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tool Truck Bill Of Sale.pdf
[2012/08/09 07:45:22 | 000,023,489 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\sk body.PNG
[2012/08/09 07:45:18 | 000,023,489 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\sk body.PNG
[2012/08/09 07:40:18 | 000,036,332 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\xertics body.png
[2012/08/09 07:40:16 | 000,036,332 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\xertics body.png
[2012/08/09 07:34:58 | 000,019,347 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\isilversbody.png
[2012/08/09 07:34:53 | 000,019,347 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\isilversbody.png
[2012/08/09 07:28:08 | 000,007,580 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\cool emo head.png
[2012/08/09 07:27:47 | 000,007,580 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\photo.png
[2012/08/09 07:21:48 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\cool body.png
[2012/08/09 07:21:45 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\cool body.png
[2012/08/09 07:20:02 | 000,010,047 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\brown head.png
[2012/08/09 07:19:59 | 000,010,047 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\brown head.png
[2012/08/08 12:37:11 | 000,090,874 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\vinyl_scratch.jpg
[2012/08/08 12:33:44 | 000,032,460 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\lol.png
[2012/08/08 12:31:30 | 000,157,092 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\vinyl_scratch_wallpaper_by_glitcher007-d4evn0j.jpg
[2012/08/07 22:11:51 | 000,059,118 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\ponyville.jpg
[2012/08/07 22:08:34 | 000,219,549 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\my little brony.jpg
[2012/08/07 21:07:15 | 004,369,450 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\equestria.jpg
[2012/08/07 21:00:17 | 000,031,949 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\brony picture.jpg
[2012/08/07 20:54:55 | 000,096,247 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\mlp.jpg
[2012/08/07 20:46:17 | 000,034,266 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash with glasses.png
[2012/08/07 20:35:33 | 000,270,777 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash cool thing.png
[2012/08/04 16:00:23 | 000,008,354 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\rainbow dash.jpg
[2012/08/04 15:58:07 | 000,143,937 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\neon rainbow dash.jpg
[2012/08/04 15:54:55 | 000,088,803 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\Rainbow-Dash-Pony.jpg
[2012/08/02 18:08:16 | 000,006,246 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\!@.png
[2012/08/02 17:19:35 | 000,002,913 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\bitzsam.png
[2012/08/02 17:19:31 | 000,002,913 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\bitzsam.png
[2012/08/02 16:50:10 | 000,011,774 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\awsome tuxedo.png
[2012/08/02 16:50:05 | 000,011,774 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\awsome tuxedo.png
[2012/08/01 23:26:34 | 000,037,429 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\cool blue eye body.gif
[2012/08/01 23:26:28 | 000,037,429 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\cool blue eye body.gif
[2012/08/01 14:45:27 | 000,017,386 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (DRM Properties).pdf
[2012/08/01 14:34:39 | 000,017,455 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Community School Of Davidson).pdf
[2012/07/31 23:41:29 | 000,041,174 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\pimpsy.jpg
[2012/07/31 18:57:44 | 000,020,991 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\3sw8D.png
[2012/07/30 10:50:03 | 000,013,651 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Intuit.pdf
[2012/07/27 11:08:33 | 000,011,418 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\newbody6.png
[2012/07/23 10:04:08 | 000,006,513 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\!.PNG
[2012/07/23 09:58:06 | 000,009,787 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_head_graal782997-102.gif
[2012/07/19 13:12:21 | 000,001,956 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\11123.PNG
[2012/07/19 13:06:56 | 000,006,924 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\111.png
[2012/07/19 12:58:19 | 000,020,405 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\12.PNG
[2012/07/19 12:43:27 | 000,019,566 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\1.jpg
[2012/07/18 15:38:14 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/07/18 15:38:14 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Download Assistant.lnk
[2012/07/17 22:11:49 | 000,214,190 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.png
[2012/07/17 22:00:39 | 000,035,260 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.jpg
[2012/07/17 21:57:32 | 001,081,372 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo Notes Highlighted.ai
[2012/07/17 18:08:28 | 000,214,533 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.png
[2012/07/17 18:05:22 | 001,079,746 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Tour Logo.ai
[2012/07/17 17:57:11 | 001,080,972 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Logo Altered.ai
[2012/07/17 17:33:46 | 001,066,832 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\music logo.ai
[2012/07/17 17:33:23 | 000,172,525 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\music logo.png
[2012/07/17 15:38:43 | 000,034,144 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\kota body.png
[2012/07/17 14:38:42 | 000,025,133 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\black-hoodie-oreo.png
[2012/07/17 10:31:58 | 000,086,562 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\THE MUSIC NEVER STOPS TOUR 2nd version.pdf
[2012/07/17 10:30:52 | 000,243,315 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\God's Promises Never Stop When... 2nd version.pdf
[2012/07/16 16:42:43 | 000,011,507 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_graal795754-193.gif
[2012/07/16 16:40:29 | 000,025,133 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\classic_personal_body_6989120-102.png
[2012/07/16 16:38:10 | 000,068,336 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\thumbs_classic_personal_body_6989120-102.png
[2012/07/16 16:03:14 | 000,004,925 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\Pro head.gif
[2012/07/16 13:42:04 | 000,012,860 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\aaa.png
[2012/07/15 21:05:05 | 002,034,980 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\HDPVR.JPG
[2012/07/15 21:05:05 | 001,896,940 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Xbox.JPG
[2012/07/14 22:39:38 | 000,126,781 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's Album and Song List.pdf
[2012/07/14 22:31:41 | 000,128,653 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's W9.pdf
[2012/07/14 22:25:03 | 000,026,670 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Nicole's ID.pdf
[2012/07/14 22:23:36 | 000,036,261 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Voided Check.pdf
[2012/07/13 16:22:40 | 000,330,103 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Music Never Stops Logo Design Questions.pdf
[2012/07/12 15:56:00 | 000,017,480 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Bee Removal Invoice (Sears Outlet).pdf
[2012/05/29 17:08:09 | 001,623,288 | ---- | C] () -- C:\WINDOWS\System32\nmNsp.dll
[2012/05/29 17:08:09 | 000,177,912 | ---- | C] () -- C:\WINDOWS\System32\CESpy.dll
[2012/05/29 17:08:08 | 001,633,280 | ---- | C] () -- C:\WINDOWS\System32\authServer.exe
[2012/05/27 16:14:24 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\Scott\jagex_cl_runescape_LIVE.dat
[2012/05/27 16:14:24 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Scott\random.dat
[2012/05/18 03:22:43 | 000,465,128 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/03/18 15:56:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Scott\jagex_Runescape_preferences.dat
[2012/02/15 04:01:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 20:51:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/01/16 01:06:51 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/14 18:59:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/16 18:47:23 | 000,000,141 | ---- | C] () -- C:\WINDOWS\RealFlight.INI
[2011/12/15 15:11:40 | 000,072,080 | ---- | C] () -- C:\Documents and Settings\Scott\g2mdlhlpx.exe
[2011/12/12 08:19:15 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/19 13:55:24 | 000,214,016 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\SharedSettings.ccs
[2011/11/14 14:51:51 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/10/06 09:37:00 | 000,110,456 | ---- | C] () -- C:\Documents and Settings\Scott\g2ax_customer_downloadhelper_win32_x86.exe
[2011/09/30 16:36:55 | 000,020,886 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2011/09/01 00:12:37 | 000,066,408 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/28 16:00:51 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg
[2011/08/15 14:04:27 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/08/13 19:20:04 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/08/12 15:52:18 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/08/12 15:52:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/08/12 15:52:11 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/12 15:52:11 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/12 15:52:08 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/08/12 11:37:45 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/11 13:48:29 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/08/11 13:44:42 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/08/11 13:44:42 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/11 11:28:33 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/08/11 10:53:58 | 000,261,632 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011/08/11 10:53:35 | 001,075,248 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/08/11 10:53:35 | 001,075,248 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/08/11 10:53:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/08/11 10:53:22 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/08/11 10:33:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/11 10:29:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/08/11 06:19:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/11 06:18:02 | 001,607,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/26 00:05:00 | 010,898,456 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011/05/26 00:05:00 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011/05/26 00:05:00 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011/05/25 23:56:28 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

< End of report >
  • 0

#4
Gammo
Posted 12 August 2012 - 11:30 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
You've got a program called CovenantEyes on your computer. Did you (or another user of the PC) install this knowingly?


Please ignore the following part, it's a note to myself:
SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions\[email protected]
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - Reg Error: Value error. File not found
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
  • 0

#5
rsderrick
Posted 12 August 2012 - 01:18 PM

rsderrick

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Yes I'm aware of it. It is a internet accountability program. I'm told by the company that program doesn't slow the computer down. Of course I'm open to your thoughts.
  • 0

#6
Gammo
Posted 13 August 2012 - 04:45 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
CovenantEyes appears to be legitimate, but if you don't need it, I suggest you uninstall it.






Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
[2012/07/02 21:09:58 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions\[email protected]
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - Reg Error: Value error. File not found
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found

:Services

:Reg

:Files
ipconfig /flushdns /c
C:\Program Files\StartNow Toolbar

:Commands
[purity]
[resethosts]
[emptytemp]
[emptyflash]
[createrestorepoint]
[reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done





Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#7
rsderrick
Posted 13 August 2012 - 05:47 PM

rsderrick

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
It doesn't seem like this has the problem. It seems like it might have helped the YouTube issue as small percentage but it's hard to gauge it.

ComboFix 12-08-13.01 - Scott 08/13/2012 17:13:17.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1303 [GMT -4:00]
Running from: c:\documents and settings\Scott\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Scott\Application Data\.#
c:\documents and settings\Scott\Application Data\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg
c:\documents and settings\Scott\g2ax_customer_downloadhelper_win32_x86.exe
c:\documents and settings\Scott\g2mdlhlpx.exe
c:\documents and settings\Scott\WINDOWS
c:\documents and settings\Scott\WINDOWS\crc32.crc
C:\Thumbs.db
c:\windows\system32\_000011_.tmp.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))))
.
.
2012-08-13 20:49 . 2012-08-13 20:49 -------- d-----w- C:\_OTL
2012-08-09 22:22 . 2010-09-23 19:46 102416 ----a-w- c:\windows\system32\RTNUninst32.dll
2012-07-20 01:13 . 2012-07-20 01:13 -------- d-----w- c:\documents and settings\Scott\Local Settings\Application Data\ESET
2012-07-18 19:38 . 2012-07-18 19:38 -------- d-----w- c:\documents and settings\Scott\Adobe Photoshop Elements 10
2012-07-18 19:38 . 2012-07-18 19:38 -------- d-----w- c:\documents and settings\Scott\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-07-18 19:38 . 2012-07-18 19:38 -------- d-----w- c:\program files\Adobe Download Assistant
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 05:36 . 2012-04-28 21:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 05:36 . 2011-08-11 15:05 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-03 05:36 . 2012-05-05 05:36 9827016 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-06-13 13:29 . 2009-10-22 20:33 1875072 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:48 . 2009-10-22 20:32 1447936 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:48 . 2009-10-22 20:32 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:31 . 2009-10-22 20:32 153088 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2009-10-22 20:33 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2011-08-11 14:30 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2011-08-11 14:30 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2011-08-11 14:30 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2009-10-22 20:33 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2011-08-11 14:30 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2011-08-11 14:30 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2009-10-22 20:33 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2009-10-22 20:33 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2009-10-22 20:31 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2009-10-22 20:33 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2011-08-11 14:30 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2011-08-11 14:30 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2009-10-22 20:33 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2009-10-22 20:33 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2009-10-22 20:33 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:19 . 2009-10-22 20:31 599552 ----a-w- c:\windows\system32\crypt32.dll
2012-05-23 14:53 . 2011-08-12 15:37 360336 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2012-05-16 15:08 . 2009-10-22 20:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-04-21 01:19 . 2012-01-05 18:16 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-10-22 . 367DE8E5F638C091F49273144274F629 . 361600 . . [5.1.2600.5649] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2009-10-22 . CE42C0C1C33CEBD799056525461C523B . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 00:52 762000 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 00:52 762000 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 00:52 762000 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Scott\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Scott\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Scott\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Scott\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"0C4CE765DFA7A6F49B6B9EDEA51F9EFCC26324AF._service_run"="c:\documents and settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012-08-07 1229848]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
"RTHDCPL"="RTHDCPL.EXE" [2011-04-14 20053608]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-02-22 1497352]
"Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-03-04 948880]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Vonage"="c:\program files\Vonage\Vonage Click-2-Call\click2call.exe" [2004-05-26 135168]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-01-22 296056]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"NMSVC"="c:\program files\CE\CovenantEyes.exe" [2011-11-28 2428928]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 3117344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Intuit\\QuickBooks 2010\\QBDBMgrN.exe"=
"c:\\Documents and Settings\\Scott\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Documents and Settings\\Scott\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\Scott\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58992:TCP"= 58992:TCP:Pando Media Booster
"58992:UDP"= 58992:UDP:Pando Media Booster
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"58331:TCP"= 58331:TCP:Pando Media Booster
"58331:UDP"= 58331:UDP:Pando Media Booster
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8/11/2011 1:44 PM 13496]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [8/4/2011 9:20 AM 120152]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [8/4/2011 9:20 AM 104160]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [3/7/2012 3:40 PM 913144]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [8/9/2012 5:57 PM 1262400]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [5/26/2011 12:05 AM 450848]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [5/5/2010 9:23 PM 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [5/5/2010 9:24 PM 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [5/5/2010 9:23 PM 72792]
S1 MpKsl93620a2c;MpKsl93620a2c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13E8288A-80CD-483C-98A8-2159612BA6D5}\MpKsl93620a2c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{13E8288A-80CD-483C-98A8-2159612BA6D5}\MpKsl93620a2c.sys [?]
S1 MpKsl97dfd0e7;MpKsl97dfd0e7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6A2EA03-ECC1-4769-BAFA-C038E7969C74}\MpKsl97dfd0e7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F6A2EA03-ECC1-4769-BAFA-C038E7969C74}\MpKsl97dfd0e7.sys [?]
S1 MpKslb03c1e63;MpKslb03c1e63;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E2DDA5BC-E858-4634-BB64-98A52C0DDD90}\MpKslb03c1e63.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E2DDA5BC-E858-4634-BB64-98A52C0DDD90}\MpKslb03c1e63.sys [?]
S2 Auth Service;Auth Service;c:\windows\system32\authServer.exe [5/29/2012 5:08 PM 1633280]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2011 12:01 AM 136176]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [7/5/2012 6:41 PM 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [1/31/2012 4:09 PM 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/28/2012 5:01 PM 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8/11/2011 12:44 PM 1691480]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [5/26/2011 12:05 AM 22176]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [8/12/2011 12:23 PM 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [5/5/2010 9:23 PM 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [5/5/2010 9:24 PM 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [5/5/2010 9:23 PM 72792]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2011 12:01 AM 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/27/2012 4:24 PM 129976]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [5/10/2010 10:44 AM 25912]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\MSI\Live Update 5\NTIOLib.sys --> c:\program files\MSI\Live Update 5\NTIOLib.sys [?]
S3 NTIOLib_1_0_8;NTIOLib_1_0_8;c:\progra~1\MSI\MSIWDev\NTIOLib.sys [1/27/2011 2:43 PM 7680]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [8/11/2011 10:53 AM 119528]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 05:36]
.
2012-08-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
- c:\documents and settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-10-02 23:28]
.
2012-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
- c:\documents and settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-10-02 23:28]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-10 04:01]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-10 04:01]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
- c:\documents and settings\Scott\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-11 17:01]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
- c:\documents and settings\Scott\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-11 17:01]
.
2012-08-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-813497703-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 21:02]
.
2012-08-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-813497703-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 21:02]
.
2012-08-13 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-08-11 00:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://isearch.avg.com/?cid={BA3A5744-13DF-4868-9FA3-BBF15D8CEC7A}&mid=fd3e3c0ae7a147d090dcd1438bf95b82-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=ft011&pr=sa&d=2012-06-08 15:47&v=11.1.0.7&sap=hp
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
LSP: CESpy.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} - hxxps://na5.salesforce.com/dwnld/mailmerge/AXMailMerge.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\documents and settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com?cid=%7B60ac3304-f4e1-4c12-8c13-2dba3d24dcd6%7D&mid=fd3e3c0ae7a147d090dcd1438bf95b82-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=ft011&v=11.1.0.7&lang=en&pr=sa&d=2012-06-08%2015%3A47%3A59&sap=hp
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B60ac3304-f4e1-4c12-8c13-2dba3d24dcd6%7D&mid=fd3e3c0ae7a147d090dcd1438bf95b82-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=ft011&v=11.1.0.7&lang=en&pr=sa&d=2012-06-08%2015%3A47%3A59&sap=ku&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-13 17:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
CTxfiHlp = CTXFIHLP.EXE?
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(748)
c:\windows\system32\CESpy.dll
.
Completion time: 2012-08-13 17:24:09
ComboFix-quarantined-files.txt 2012-08-13 21:23
.
Pre-Run: 820,737,118,208 bytes free
Post-Run: 820,674,306,048 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - CF41FF888F67156AA14F0F1676502B69
  • 0

#8
Gammo
Posted 14 August 2012 - 08:14 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


Also please tell me how your PC is running now. I don't see anything too serious in your log files, so I'm not sure malware is the cause of your problems to be honest. :)
  • 0

#9
rsderrick
Posted 14 August 2012 - 08:49 AM

rsderrick

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Thanks so much for the info. I kinda guessed it might not be anything but I want to make sure I rule it completely out first. Here's the log:


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Scott :: SCOTT-F04908DE0 [administrator]

Protection: Enabled

8/14/2012 10:31:27 AM
mbam-log-2012-08-14 (10-31-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241699
Time elapsed: 11 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: c1e4c3e11259ce370e22c36bcc56a1cc -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Scott\My Documents\Downloads\minecraft setup.exe (PUP.AdBundle) -> Quarantined and deleted successfully.

(end)
  • 0

#10
Gammo
Posted 14 August 2012 - 08:50 AM

Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
    Posted Image
  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it's doesn't necessarily has to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Google Chrome and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine except from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, it's parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool:
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP