I am running Win 7sp1, with nearly the latest updates. Recently my computer has begun playing audio at random times. It almost sounds like TV commercials or news. This can occur at any time, unless I disable the network adapter. Windows updates now fail to install. No hardware changes have been made.
I have ESET NOD32 Antivirus and run the latest Malwarebytes weekly.
In addition to the OTL.txt log, a file called "Extras.txt". Should I post that as well?
=======================
OTL logfile created on: 6/2/2014 11:08:32 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scott\Desktop\Cleaning
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16844)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.03 Gb Available Physical Memory | 75.44% Memory free
15.99 Gb Paging File | 14.31 Gb Available in Paging File | 89.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 180.94 Gb Free Space | 19.43% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 295.62 Gb Free Space | 31.74% Space Free | Partition Type: NTFS
Computer Name: HIPPEAUX | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/02 10:58:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\Cleaning\OTL.exe
PRC - [2014/05/09 08:19:26 | 000,263,048 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
PRC - [2013/10/15 10:58:54 | 000,311,184 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012/11/30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/10/23 23:40:08 | 000,135,056 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe
PRC - [2012/07/10 19:42:34 | 000,460,432 | ---- | M] (NovaStor Corporation) -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe
PRC - [2012/07/10 19:32:40 | 000,313,488 | ---- | M] (NovaStor Corporation) -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe
PRC - [2011/12/07 16:32:34 | 000,162,920 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSS.exe
PRC - [2011/08/16 20:00:36 | 001,005,568 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/10/07 02:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/03/26 10:48:46 | 000,364,032 | ---- | M] (TrippLite) -- C:\Program Files (x86)\TrippLite\PowerAlert\console\pastatus.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/10 19:44:30 | 002,471,568 | ---- | M] () -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsAppRes409.dll
MOD - [2012/07/10 19:29:24 | 000,183,952 | ---- | M] () -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsEngineRes409.dll
MOD - [2011/12/07 16:32:34 | 000,162,920 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSS.exe
MOD - [2011/12/02 20:23:06 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTMUI.dll
MOD - [2011/12/02 20:23:04 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSSHooks.dll
MOD - [2011/12/02 20:22:58 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTUI.dll
MOD - [2011/12/02 20:22:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTFC.dll
MOD - [2011/05/01 02:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTTSH.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/21 13:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/10/07 02:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/19 12:22:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2014/05/14 13:38:18 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/21 21:26:13 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/15 10:58:54 | 000,311,184 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/12/03 10:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/23 23:40:08 | 000,135,056 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe -- (PDFProFiltSrv)
SRV - [2012/07/10 19:42:34 | 000,460,432 | ---- | M] (NovaStor Corporation) [Auto | Running] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe -- (nsService)
SRV - [2012/07/10 19:15:06 | 000,256,512 | ---- | M] (NovaStor Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\ManagementServer.Agent.Service.exe -- (Backup Client Agent Service)
SRV - [2012/04/11 12:39:02 | 004,743,680 | ---- | M] (NovaStor Corporation) [Auto | Running] -- C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\x64\drdiag.exe -- (Disaster Recovery Imaging)
SRV - [2011/08/16 20:00:36 | 001,005,568 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2011/08/16 15:53:58 | 000,199,680 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/06/25 09:00:36 | 000,038,016 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SAlpham64.sys -- (SAlphamHid)
DRV:64bit: - [2012/12/21 13:09:28 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/12/21 13:08:54 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/21 13:08:18 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/27 11:30:40 | 000,024,456 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2011/07/27 11:30:12 | 000,018,952 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VHIDMini.sys -- (VHidMinidrv)
DRV:64bit: - [2011/07/27 11:29:08 | 000,025,352 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btcombus.sys -- (BTCOMBUS)
DRV:64bit: - [2011/07/27 11:28:58 | 000,029,576 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcomport.sys -- (BTCOM)
DRV:64bit: - [2011/07/27 11:28:28 | 000,042,888 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb)
DRV:64bit: - [2011/06/15 03:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:45:12 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/11/20 08:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010/11/20 06:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/08/18 23:19:46 | 000,020,488 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetdrv.sys -- (BT)
DRV:64bit: - [2010/04/06 19:33:10 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2010/04/06 19:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2009/10/07 03:49:26 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 03:47:44 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 03:45:36 | 000,271,640 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 15:02:20 | 000,036,872 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV:64bit: - [2009/06/17 15:02:12 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blueletaudio.sys -- (BlueletAudio)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008/10/21 10:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic)
DRV:64bit: - [2008/10/21 10:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex)
DRV:64bit: - [2008/10/21 10:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5)
DRV:64bit: - [2008/10/21 10:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm)
DRV:64bit: - [2008/10/21 10:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV:64bit: - [2008/10/21 10:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV:64bit: - [2008/10/21 10:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus)
DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/17 15:02:12 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 AF 96 86 5B 96 CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {B36F8A13-8910-42D2-A22C-A18DB52ACE2E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{9E1C648E-5DCB-4741-9939-9A45FAF7BB97}: "URL" = http://duckduckgo.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{B36F8A13-8910-42D2-A22C-A18DB52ACE2E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53172
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://att.my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {73c39a20-8768-4a82-8b43-fc9535715c5c}:2.20
FF - prefs.js..extensions.enabledItems: {477c4c36-24eb-11da-94d4-00e08161165f}:2.7.6
FF - prefs.js..extensions.enabledItems: {7102aba3-045c-4ec2-b921-46d87636d84b}:2.10
FF - prefs.js..extensions.enabledItems: {99f30549-35d4-11d9-8a2a-396c6e707e82}:1.1.4
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.6
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {da7f40f0-8675-11db-b606-0800200c9a66}:3.04
FF - prefs.js..extensions.enabledItems: [email protected]:1.85
FF - prefs.js..extensions.enabledItems: {6d677280-ddfe-11dc-95ff-0800200c9a66}:0.4
FF - prefs.js..extensions.enabledItems: {269e35b1-cdde-11de-8a39-0800200c9a67}:0.3.3
FF - prefs.js..keyword.URL: "http://ws.infospace...._id=60531&qkw="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Scott\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Scott\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/03/14 15:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/08/19 21:30:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013/10/15 10:58:10 | 000,173,427 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/21 21:26:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/19 12:21:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/23 10:31:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/19 12:21:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/03/14 15:24:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/21 21:26:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/19 12:21:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/23 10:31:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/19 12:21:23 | 000,000,000 | ---D | M]
[2010/11/16 22:17:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2010/11/16 22:17:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2014/05/30 20:58:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions
[2010/11/22 21:23:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/22 21:23:27 | 000,000,000 | ---D | M] (EmailTheWeb.com) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{73c39a20-8768-4a82-8b43-fc9535715c5c}
[2014/03/24 14:20:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/05/26 09:06:28 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013/03/23 21:13:10 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2013/06/27 16:17:01 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2010/11/22 21:25:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Netfox) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{269e35b1-cdde-11de-8a39-0800200c9a67}
[2010/11/17 10:34:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{31309720-471b-11dd-ae16-0800200c9a66}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Neofox IE 6) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{3EB655F8-A508-11DB-8BC6-FD5B55D89593}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Grab and Drag) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Orthodox) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{6d677280-ddfe-11dc-95ff-0800200c9a66}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (CHM Reader) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{6e098d65-7d2d-46d4-ada0-2f882a29f795}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (History Submenus) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{7102aba3-045c-4ec2-b921-46d87636d84b}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (EmailTheWeb.com) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{73c39a20-8768-4a82-8b43-fc9535715c5c}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] ("Looks Familiar") -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{8d443e84-8d17-4211-948d-d033289ab0b4}
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (NoUn Buttons) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{99f30549-35d4-11d9-8a2a-396c6e707e82}
[2010/11/22 21:25:53 | 000,000,000 | ---D | M] (CoolChaser Toolbar) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{a2880346-35bb-45bb-9190-eedb49c132c5}
[2010/11/22 21:25:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/22 21:25:55 | 000,000,000 | ---D | M] (FOXSCAPE) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{da7f40f0-8675-11db-b606-0800200c9a66}
[2010/11/22 21:25:51 | 000,000,000 | ---D | M] (ClassicFox) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\[email protected]
[2010/11/22 21:25:51 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\[email protected]
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Read It Later) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\[email protected]
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (Firefoxp) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\[email protected]
[2010/11/22 21:25:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\staged-xpis
[2010/11/22 21:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{da7f40f0-8675-11db-b606-0800200c9a66}\mozapps\extensions
[2012/06/27 14:01:00 | 000,827,050 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2012/06/27 14:01:02 | 000,811,915 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2014/05/15 08:49:22 | 000,017,922 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2012/06/27 14:29:25 | 000,316,198 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2013/08/03 13:36:10 | 000,070,941 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2013/12/23 19:42:39 | 000,159,912 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2014/03/13 10:10:58 | 003,679,842 | R--- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2014/03/13 10:10:58 | 000,062,091 | R--- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2013/08/03 12:06:57 | 000,067,795 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2013/08/03 12:06:57 | 000,066,429 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\[email protected]
[2014/01/02 16:08:14 | 000,475,779 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2014/05/08 11:09:20 | 000,692,058 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2014/05/30 20:58:06 | 000,537,411 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2014/04/22 11:09:22 | 003,648,308 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{13b4437e-b706-11dc-8314-0800200c9a66}.xpi
[2013/12/25 16:06:40 | 000,179,023 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi
[2014/05/28 17:20:22 | 000,533,329 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/05/01 11:09:20 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/12/11 11:03:41 | 000,002,964 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{d618933b-9eb4-1c04-949d-0f9b1a39ebb9}.xpi
[2014/04/22 11:09:20 | 001,775,810 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{da7f40f0-8675-11db-b606-0800200c9a66}.xpi
[2013/12/15 16:04:45 | 001,156,402 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\990y0zbd.hippeaux\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi
[2008/01/31 13:06:03 | 000,457,744 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{3EB655F8-A508-11DB-8BC6-FD5B55D89593}\chrome\tmp.xpi
[1980/01/01 00:00:00 | 000,001,502 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{da7f40f0-8675-11db-b606-0800200c9a66}\mozapps\xpinstall\xpinstallConfirm.css
[2008/08/04 19:49:52 | 000,000,541 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\{da7f40f0-8675-11db-b606-0800200c9a66}\mozapps\xpinstall\xpinstallItemGeneric.png
[2010/09/20 22:37:40 | 000,228,647 | ---- | M] () (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\New folder\dg9898ot.default\extensions\staged-xpis\[email protected]\tmp-1.xpi
[2014/04/21 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/21 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2014/04/21 21:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/21 21:26:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/03/19 04:58:26 | 000,067,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/14 17:02:42 | 008,523,264 | ---- | M] (LizardTech) -- C:\Program Files (x86)\mozilla firefox\plugins\npexview.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://att.my.yahoo.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Contribute CS5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Scott\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Speed Dial = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.6_0\
CHR - Extension: Closed tabs = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: Recent History (Toolbar Icon) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\milbdjfbgdilllphgdmlahonjodlfokh\2.1.4.1_0\
CHR - Extension: Incredible StartPage - Productive Start Page = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.7.2_0\
CHR - Extension: Google Wallet = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Slinky Brushed = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\piiokbhpgldooopjdacdondngonfljoc\19.6_0\
CHR - Extension: Gmail = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2011/08/19 18:45:48 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Gaaiho PDF Conversion Toolbar Helper) - {C7DA0384-42AA-428c-B832-88AC343DE1A8} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\gzeoniefavclient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\gzeoniefavclient.dll (Zeon Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [NCsoft] File not found
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Append the content of the link to an existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Append the content of the selected links to an existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Create PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8:64bit: - Extra context menu item: Open with Nuance PDF Converter 8 - C:\Program Files (x86)\Nuance\PDF Professional 8\cnvres_eng.dll (Nuance Communications, Inc.)
O8:64bit: - Extra context menu item: Open with PDF Professional 8 - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append the content of the link to an existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Append the content of the selected links to an existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Create PDF file - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\GZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8 - Extra context menu item: Open with Nuance PDF Converter 8 - C:\Program Files (x86)\Nuance\PDF Professional 8\cnvres_eng.dll (Nuance Communications, Inc.)
O8 - Extra context menu item: Open with PDF Professional 8 - C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cleverreach.com ([novastor] http in Trusted sites)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: google-analytics.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: novastor.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: novastor.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F8E2FBA-ED5D-4E9B-89B7-A4D1D27DA700}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\jpip - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sidlet - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\jpip {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\ExpressView\expressview.dll (LizardTech)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sidlet {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\ExpressView\expressview.dll (LizardTech)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/21 11:00:07 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/29 18:09:05 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\New folder (2)
[2014/05/28 20:32:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/05/28 19:52:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/05/28 18:54:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/05/28 18:27:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/05/28 18:27:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/05/28 18:27:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/05/28 18:23:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/05/28 18:22:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/05/28 18:09:23 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/28 17:51:59 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/28 17:49:39 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Cleaning
[2014/05/28 16:13:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/05/28 15:49:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2.old
[2014/05/28 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2014/05/28 11:26:04 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Seagate
[2014/05/28 11:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2014/05/19 12:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2014/05/18 19:12:37 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\DropboxMaster
[2014/05/18 13:15:58 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\TS3Client
[2014/05/18 13:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014/05/18 13:15:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2014/05/14 13:38:13 | 017,938,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/07/12 13:19:33 | 009,822,920 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Scott\install_flash_player.exe
[2010/11/20 14:45:12 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Scott\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2014/06/02 11:10:19 | 000,000,086 | ---- | M] () -- C:\Windows\SysNative\jvmw.kqe
[2014/06/02 10:51:29 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-264554239-1153572309-3190330408-1001UA1ce4fdd6bac1e93.job
[2014/06/02 10:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/02 10:24:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6b89592f8da9.job
[2014/06/02 10:19:05 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-264554239-1153572309-3190330408-1001UA1cf4c4cdb2d5fe2.job
[2014/06/02 09:34:12 | 000,017,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/02 09:34:12 | 000,017,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/02 09:22:13 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf4c50f5ef2f27.job
[2014/06/02 09:22:10 | 000,001,169 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini
[2014/06/02 09:22:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/02 09:21:58 | 2145,509,375 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/02 08:18:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-264554239-1153572309-3190330408-1001Core1cf4c4cda11646a.job
[2014/06/02 08:12:54 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At2.job
[2014/06/02 08:12:54 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At1.job
[2014/06/01 15:01:00 | 000,003,392 | -H-- | M] () -- C:\ProgramData\nsActivation.act
[2014/05/28 21:19:01 | 514,093,051 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/28 13:14:31 | 000,794,966 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/28 13:14:31 | 000,661,680 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/28 13:14:31 | 000,121,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/28 08:37:40 | 000,001,049 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/25 14:40:22 | 000,001,848 | ---- | M] () -- C:\Users\Scott\Desktop\Launch Icon (with NPC pieces).bat - Shortcut.lnk
[2014/05/25 14:40:16 | 000,001,848 | ---- | M] () -- C:\Users\Scott\Desktop\Launch Icon (Costume Creator).bat - Shortcut.lnk
[2014/05/23 19:08:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/05/23 16:13:35 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\gajd.edv
[2014/05/23 16:13:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\uhkgabk.sff
[2014/05/23 15:57:31 | 000,310,760 | --S- | M] () -- C:\Windows\SysNative\hbhsp.xzh
[2014/05/22 17:03:37 | 005,052,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/19 12:21:24 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 8 Professional.lnk
[2014/05/19 09:36:21 | 000,002,595 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\SAS7_000.DAT
[2014/05/18 13:15:52 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014/05/18 09:10:23 | 000,000,132 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2014/05/14 13:38:18 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 13:38:18 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/14 13:38:13 | 017,938,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
========== Files Created - No Company Name ==========
[2014/05/28 18:27:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/05/28 18:27:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/05/28 18:27:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/05/28 18:27:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/05/28 18:27:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/05/25 14:40:22 | 000,001,848 | ---- | C] () -- C:\Users\Scott\Desktop\Launch Icon (with NPC pieces).bat - Shortcut.lnk
[2014/05/25 14:40:16 | 000,001,848 | ---- | C] () -- C:\Users\Scott\Desktop\Launch Icon (Costume Creator).bat - Shortcut.lnk
[2014/05/23 16:24:37 | 000,000,086 | ---- | C] () -- C:\Windows\SysNative\jvmw.kqe
[2014/05/23 16:13:35 | 000,000,064 | ---- | C] () -- C:\Windows\SysNative\gajd.edv
[2014/05/23 16:13:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\uhkgabk.sff
[2014/05/23 15:57:31 | 000,310,760 | --S- | C] () -- C:\Windows\SysNative\hbhsp.xzh
[2014/05/19 12:21:24 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
[2014/05/19 12:21:24 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
[2014/05/19 12:21:24 | 000,002,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
[2014/05/19 12:21:24 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 8 Professional.lnk
[2014/05/18 13:15:52 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014/05/09 08:19:46 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6b89592f8da9.job
[2014/02/27 14:48:34 | 000,395,264 | ---- | C] () -- C:\Windows\SysWow64\pythoncom27.dll
[2014/02/27 14:48:34 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\pywintypes27.dll
[2014/02/27 14:48:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\pythoncomloader27.dll
[2013/09/20 14:03:34 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2013/05/19 14:18:30 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/05/12 15:19:15 | 000,187,904 | ---- | C] () -- C:\Windows\SysWow64\imsispd.exe
[2013/05/12 15:17:21 | 000,249,344 | ---- | C] () -- C:\Windows\SysWow64\imsised.exe
[2013/05/12 15:17:21 | 000,070,656 | ---- | C] () -- C:\Windows\SysWow64\imsfchk.dll
[2013/02/10 12:41:22 | 000,034,816 | ---- | C] () -- C:\Users\Scott\murmur.sqlite
[2012/09/13 19:05:43 | 000,774,812 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/05 17:38:32 | 000,000,053 | RHS- | C] () -- C:\ProgramData\1.13.1.lic
[2012/08/05 17:38:28 | 000,003,392 | -H-- | C] () -- C:\ProgramData\nsActivation.act
[2012/08/03 15:40:39 | 000,000,059 | ---- | C] () -- C:\Windows\spwdrhsa.INI
[2012/07/17 16:56:07 | 000,000,132 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/12/19 12:54:08 | 000,004,812 | -HS- | C] () -- C:\Users\Scott\AppData\Local\s1qr71m2it4nvu
[2011/12/19 12:54:08 | 000,004,812 | -HS- | C] () -- C:\ProgramData\s1qr71m2it4nvu
[2011/09/24 16:20:09 | 000,002,595 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\SAS7_000.DAT
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Resources
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Repeat Routines
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Receipts
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\Users\Scott\AppData\Roaming\Quartz Composer
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\Users\Scott\AppData\Roaming\Project Templates
[2011/03/06 17:30:34 | 000,000,268 | RH-- | C] () -- C:\Users\Scott\AppData\Roaming\Profiles
[2011/03/06 17:30:34 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/03/06 17:30:34 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/03/06 17:30:34 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010/11/22 18:02:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/20 14:45:12 | 000,007,859 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\pcouffin.cat
[2010/11/20 14:45:12 | 000,001,167 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\pcouffin.inf
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 964 bytes -> C:\Users\Scott\AppData\Local\Temp:EMhRuAazUzpmse8jlfe1NJ0xct0rvp
@Alternate Data Stream - 247 bytes -> C:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:AEC0AC81
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:2683706C
@Alternate Data Stream - 16 bytes -> C:\Users\Scott\Downloads:Shareaza.GUID
< End of report >