OTL logfile created on: 3/1/2013 10:51:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jason\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.61 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 49.96% Memory free
5.22 Gb Paging File | 3.64 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 459.76 Gb Total Space | 377.45 Gb Free Space | 82.10% Space Free | Partition Type: NTFS
Drive D: | 5.91 Gb Total Space | 0.92 Gb Free Space | 15.51% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 351.30 Gb Free Space | 75.43% Space Free | Partition Type: NTFS
Computer Name: JASON-HP | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/01 22:28:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
PRC - [2013/02/26 17:38:24 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
PRC - [2013/02/21 05:37:06 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/02/21 05:37:04 | 018,814,816 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2013/02/11 04:47:42 | 000,673,192 | ---- | M] (Lavasoft.) -- C:\ProgramData\Search Protection\SearchProtection.exe
PRC - [2013/01/31 09:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/01/27 09:39:55 | 000,162,816 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
PRC - [2012/12/18 13:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/26 18:56:36 | 000,070,656 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2012/08/29 12:01:16 | 000,095,744 | ---- | M] (j2 Global Communications, Inc.) -- C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
PRC - [2011/11/11 14:31:00 | 000,042,496 | ---- | M] (Supra) -- C:\dKEYUSBCradle\SyncService.exe
PRC - [2011/11/11 14:30:58 | 000,105,472 | ---- | M] (Supra) -- C:\dKEYUSBCradle\SyncInfoApp.exe
PRC - [2011/11/11 14:30:54 | 000,014,848 | ---- | M] (Supra) -- C:\dKEYUSBCradle\ProxyDaemon.exe
PRC - [2011/11/11 14:27:10 | 000,073,216 | ---- | M] () -- C:\dKEYUSBCradle\stunnel-4.10.exe
PRC - [2011/02/17 00:47:12 | 000,579,640 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
PRC - [2011/01/25 19:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/20 15:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 15:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 15:29:10 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/11/10 17:39:34 | 000,284,160 | ---- | M] (Advanced Micro Devices, Inc.) -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2010/11/09 09:56:08 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/11/09 09:55:38 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/10/11 04:48:00 | 000,246,840 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
PRC - [2010/09/28 10:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2010/06/17 07:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) -- c:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
PRC - [2010/02/11 12:07:54 | 000,710,656 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
PRC - [2009/11/17 05:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2009/08/24 20:11:16 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/07/13 19:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/07/02 16:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
PRC - [2009/05/08 18:39:48 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
PRC - [2009/05/08 18:11:00 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
PRC - [2009/02/27 21:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/11 04:47:14 | 000,087,464 | ---- | M] () -- C:\Program Files\adawaretb\adawareDx.dll
MOD - [2013/01/27 09:39:55 | 000,162,816 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/12/12 00:01:26 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/20 15:56:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\30b1d86571495ea86b9a19b13498aad3\WindowsFormsIntegration.ni.dll
MOD - [2010/11/20 15:52:53 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll
MOD - [2010/11/20 15:52:49 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2010/11/20 15:52:40 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2010/11/20 15:52:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010/11/20 15:52:23 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2010/11/20 15:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/20 15:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/20 15:52:00 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2010/11/20 15:50:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010/11/20 15:50:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/20 15:50:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/20 15:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/20 15:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010/11/10 17:39:38 | 000,096,256 | ---- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010/11/05 13:09:54 | 000,098,304 | R--- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/07/02 16:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
MOD - [2009/02/27 21:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
MOD - [2009/02/19 19:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.dll
========== Services (SafeList) ==========
SRV - [2013/02/26 17:38:29 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/21 05:37:06 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/12/18 13:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/11/11 14:31:00 | 000,042,496 | ---- | M] (Supra) [Auto | Running] -- C:\dKEYUSBCradle\SyncService.exe -- (dKeySync)
SRV - [2011/02/17 00:47:12 | 000,579,640 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2011/01/25 19:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/10 17:39:34 | 000,284,160 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010/11/09 09:55:38 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/10/11 04:48:00 | 000,246,840 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010/09/28 10:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/06/17 07:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- c:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2009/11/17 05:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2009/07/13 19:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\Jason\AppData\Local\Temp\5937.sys -- (5937)
DRV - [2013/02/27 19:56:35 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/02/11 11:28:31 | 000,035,896 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiark.sys -- (gfiark)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/09/12 20:19:38 | 000,066,344 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011/11/11 14:25:56 | 000,066,568 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\silabser.sys -- (silabser)
DRV - [2011/11/11 14:25:56 | 000,049,416 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm)
DRV - [2010/11/28 15:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/11/20 15:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 15:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 15:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 15:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 15:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 15:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 15:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/09 10:33:04 | 006,574,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/11/09 09:18:34 | 000,229,888 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/04 07:52:50 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2010/11/04 07:52:50 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010/02/18 11:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009/09/16 01:37:08 | 000,083,888 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OxSer.sys -- (OxSer)
DRV - [2009/07/13 18:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008/07/31 05:13:18 | 000,082,048 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OxPPort.sys -- (OxPPort)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/19
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE - HKLM\..\SearchScopes\{C20123EB-608F-4110-A3FA-EF65B9A8C98B}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/19
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securesearch....C87CD512EBAC5CB
IE - HKCU\..\URLSearchHook: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CMDTDF
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://lavasoft.blek...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3220468
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CMDTDF
IE - HKCU\..\SearchScopes\{C20123EB-608F-4110-A3FA-EF65B9A8C98B}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/27 01:14:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/27 01:14:51 | 000,000,000 | ---D | M]
[2013/01/27 08:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\extensions
[2013/01/27 08:47:53 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\plugins/np-cwmp.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Logo Maker = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciojdpgahhgdpmlhnocojjfhkfdmemdh\1_0\
CHR - Extension: Google Search = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.14.251.3_0\
CHR - Extension: SecureSearch = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.1_0\
CHR - Extension: Gmail = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/03/01 22:43:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [eFax 4.4] C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe (j2 Global Communications, Inc.)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5110868B-96A9-4C1A-A370-55044B8FBAE8}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/03/09 21:37:48 | 000,000,164 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/01 22:30:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/01 22:28:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2013/03/01 22:17:27 | 000,035,896 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfiark.sys
[2013/02/27 20:41:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\VDD
[2013/02/27 20:39:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\LavasoftStatistics
[2013/02/27 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/02/27 20:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/02/27 20:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/02/27 20:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/02/27 20:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/02/27 20:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013/02/27 20:03:06 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\adawarebp
[2013/02/27 20:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/02/27 20:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\adawaretb
[2013/02/27 20:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/02/27 20:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/02/27 20:02:52 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\SecureSearch
[2013/02/27 20:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2013/02/27 19:56:36 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/02/27 19:56:35 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Ad-Aware Antivirus
[2013/02/27 18:16:45 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Malwarebytes
[2013/02/27 18:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/27 18:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/27 18:16:17 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/02/27 18:16:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/27 18:16:09 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Programs
[2013/02/24 10:59:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/02/23 12:18:28 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Adobe
[2013/02/23 12:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/02/23 12:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/02/23 09:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/02/23 09:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/23 09:38:00 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/02/23 09:38:00 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/02/23 09:38:00 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/02/23 09:37:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/02/23 09:37:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/02/23 09:37:49 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/02/23 09:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/02/23 09:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/02/18 18:37:53 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\The Walking Dead 1-90
[2013/02/16 14:06:15 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\Gary Allan - Set You Free (2013)
[2013/02/15 12:02:41 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\Mary Margaret
[2013/02/10 14:28:57 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\j2 Global
[2013/02/10 14:27:52 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\eFax Messenger
[2013/02/10 14:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\eFax Messenger 4.4 Output
[2013/02/10 14:26:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\eFax Messenger 4.4
[2013/02/10 14:26:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFax Messenger 4.4
[2013/02/10 14:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\eFax Messenger 4.4
[2013/02/07 18:35:01 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\My Scans
[2013/02/05 18:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2013/02/05 18:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Plex
[2013/02/03 12:30:45 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013/02/01 16:50:46 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\redsn0w
[2013/01/31 18:43:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Corel Website Creator X6
[2013/01/31 18:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
[2013/01/31 18:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2013/01/31 18:40:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel Website Creator X6
[2013/01/31 18:23:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\HTML And CSS - Design And Build Websites V413HAV
========== Files - Modified Within 30 Days ==========
[2013/03/01 22:54:56 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/01 22:54:56 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/01 22:52:26 | 000,657,732 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/01 22:52:26 | 000,119,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/01 22:47:47 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/03/01 22:47:16 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/01 22:45:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/01 22:45:52 | 2103,349,248 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/01 22:43:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/03/01 22:28:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2013/03/01 22:26:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/01 21:41:42 | 1678,127,636 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/01 20:04:26 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[2013/02/27 20:44:12 | 000,380,509 | ---- | M] () -- C:\Users\Jason\Desktop\Search Map.png
[2013/02/27 20:23:49 | 001,435,189 | ---- | M] () -- C:\Users\Jason\Desktop\Renata DL.jpg
[2013/02/27 19:56:35 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/02/27 18:16:18 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/27 18:12:40 | 000,136,592 | ---- | M] () -- C:\Users\Jason\Documents\cc_20130227_181235.reg
[2013/02/27 17:14:20 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJason.job
[2013/02/23 12:41:34 | 001,588,941 | ---- | M] () -- C:\Users\Jason\Desktop\Lease_Application_Nina.pdf
[2013/02/23 12:18:04 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/02/23 12:15:27 | 001,685,518 | ---- | M] () -- C:\Users\Jason\Desktop\Lease_Application Pryor.pdf
[2013/02/23 12:14:59 | 000,376,982 | ---- | M] () -- C:\Users\Jason\Desktop\2011_CorpTax_Return.pdf
[2013/02/23 09:40:35 | 000,000,088 | ---- | M] () -- C:\Users\Jason\.java.policy
[2013/02/23 09:39:59 | 000,000,134 | ---- | M] () -- C:\Users\Jason\Desktop\ZIP Forms.url
[2013/02/23 09:37:36 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/02/23 09:37:35 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/02/23 09:37:35 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/02/23 09:37:35 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/02/23 09:37:35 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/02/23 09:37:35 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/02/22 23:17:06 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/22 17:29:37 | 000,210,968 | ---- | M] () -- C:\Users\Jason\Desktop\Check.png
[2013/02/15 12:19:01 | 000,205,593 | ---- | M] () -- C:\Windows\hpoins46.dat
[2013/02/15 12:15:00 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrinterCenter.lnk
[2013/02/11 11:28:31 | 000,035,896 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfiark.sys
[2013/02/11 09:23:09 | 000,298,365 | ---- | M] () -- C:\Users\Jason\Desktop\Lease Extension.pdf
[2013/02/11 09:21:56 | 000,237,949 | ---- | M] () -- C:\Users\Jason\Desktop\Inventory-Lease.pdf
[2013/02/11 09:21:24 | 000,216,667 | ---- | M] () -- C:\Users\Jason\Desktop\Residential Lease.pdf
[2013/02/10 14:27:48 | 000,001,000 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk
[2013/02/10 14:27:47 | 000,000,971 | ---- | M] () -- C:\Users\Jason\Desktop\eFax Compose Fax 4.4.lnk
[2013/02/10 14:27:43 | 000,000,964 | ---- | M] () -- C:\Users\Jason\Desktop\eFax Messenger 4.4.lnk
[2013/02/10 14:26:44 | 000,000,000 | ---- | M] () -- C:\Windows\System32\eFax_4_4_Port
[2013/02/07 18:35:01 | 000,583,916 | ---- | M] () -- C:\Users\Jason\Desktop\Bruce Signed Page0001.pdf
[2013/02/07 18:07:05 | 000,384,673 | ---- | M] () -- C:\Users\Jason\Desktop\Bruce_Reiff.pdf
[2013/02/07 18:06:25 | 000,015,254 | ---- | M] () -- C:\Users\Jason\Documents\last_two_pay_stubs_for_Bruce_Reiff.pdf
[2013/02/07 18:06:25 | 000,015,254 | ---- | M] () -- C:\Users\Jason\Desktop\last_two_pay_stubs_for_Bruce_Reiff.pdf
[2013/02/01 19:09:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/31 18:43:17 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Corel Website Creator X6.lnk
[2013/01/31 11:39:02 | 000,162,268 | ---- | M] () -- C:\Users\Jason\Desktop\Residential Lease App.pdf
========== Files Created - No Company Name ==========
[2013/03/01 21:41:42 | 1678,127,636 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/01 20:04:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2013/02/27 20:44:11 | 000,380,509 | ---- | C] () -- C:\Users\Jason\Desktop\Search Map.png
[2013/02/27 20:24:13 | 001,435,189 | ---- | C] () -- C:\Users\Jason\Desktop\Renata DL.jpg
[2013/02/27 20:03:50 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/02/27 18:16:18 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/27 18:12:37 | 000,136,592 | ---- | C] () -- C:\Users\Jason\Documents\cc_20130227_181235.reg
[2013/02/23 12:41:29 | 001,588,941 | ---- | C] () -- C:\Users\Jason\Desktop\Lease_Application_Nina.pdf
[2013/02/23 12:18:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/02/23 12:18:04 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/02/23 12:15:25 | 001,685,518 | ---- | C] () -- C:\Users\Jason\Desktop\Lease_Application Pryor.pdf
[2013/02/23 12:14:57 | 000,376,982 | ---- | C] () -- C:\Users\Jason\Desktop\2011_CorpTax_Return.pdf
[2013/02/23 09:40:35 | 000,000,088 | ---- | C] () -- C:\Users\Jason\.java.policy
[2013/02/23 09:39:49 | 000,000,134 | ---- | C] () -- C:\Users\Jason\Desktop\ZIP Forms.url
[2013/02/22 17:29:36 | 000,210,968 | ---- | C] () -- C:\Users\Jason\Desktop\Check.png
[2013/02/15 12:15:00 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrinterCenter.lnk
[2013/02/15 12:11:42 | 000,205,593 | ---- | C] () -- C:\Windows\hpoins46.dat
[2013/02/15 12:11:42 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2013/02/11 09:23:06 | 000,298,365 | ---- | C] () -- C:\Users\Jason\Desktop\Lease Extension.pdf
[2013/02/11 09:21:53 | 000,237,949 | ---- | C] () -- C:\Users\Jason\Desktop\Inventory-Lease.pdf
[2013/02/11 09:21:20 | 000,216,667 | ---- | C] () -- C:\Users\Jason\Desktop\Residential Lease.pdf
[2013/02/11 09:16:55 | 000,015,254 | ---- | C] () -- C:\Users\Jason\Documents\last_two_pay_stubs_for_Bruce_Reiff.pdf
[2013/02/10 14:27:48 | 000,001,000 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk
[2013/02/10 14:27:45 | 000,000,971 | ---- | C] () -- C:\Users\Jason\Desktop\eFax Compose Fax 4.4.lnk
[2013/02/10 14:27:41 | 000,000,964 | ---- | C] () -- C:\Users\Jason\Desktop\eFax Messenger 4.4.lnk
[2013/02/10 14:26:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\eFax_4_4_Port
[2013/02/07 18:35:01 | 000,583,916 | ---- | C] () -- C:\Users\Jason\Desktop\Bruce Signed Page0001.pdf
[2013/02/07 18:19:51 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2013/02/07 18:07:05 | 000,384,673 | ---- | C] () -- C:\Users\Jason\Desktop\Bruce_Reiff.pdf
[2013/02/07 18:06:19 | 000,015,254 | ---- | C] () -- C:\Users\Jason\Desktop\last_two_pay_stubs_for_Bruce_Reiff.pdf
[2013/02/04 17:15:05 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForJason.job
[2013/02/01 19:09:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/31 18:43:17 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Corel Website Creator X6.lnk
[2013/01/31 11:38:59 | 000,162,268 | ---- | C] () -- C:\Users\Jason\Desktop\Residential Lease App.pdf
[2013/01/15 20:38:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/01/15 20:33:08 | 000,223,990 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/01/15 20:33:08 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013/01/15 20:33:04 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013/01/15 20:33:03 | 000,014,051 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011/03/03 23:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
========== ZeroAccess Check ==========
[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 15:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >