Within the last few days I have been receiving alerts from my AV (PC Tools and ThreatFire) that actions are being blocked, infections are being found, etc., but full scans fail to remove the offending program, though they do identify it as trojan.gen and trojan.zeroaccess. My DSL modem and hard drive lights indicate heavy traffic when the computer is idle. I have taken to unplugging the modem when I'm not online. HELP! Here is the OTL log:
OTL logfile created on: 1/12/2013 10:16:29 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RipNmaggie\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 50.00% Memory free
6.20 Gb Paging File | 4.46 Gb Available in Paging File | 71.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.96 Gb Total Space | 38.75 Gb Free Space | 27.30% Space Free | Partition Type: NTFS
Drive D: | 7.09 Gb Total Space | 0.25 Gb Free Space | 3.55% Space Free | Partition Type: NTFS
Computer Name: RIPNMAGGIE-PC | User Name: RipNmaggie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/01/12 09:18:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\RipNmaggie\Desktop\OTL.exe
PRC - [2012/09/28 07:13:49 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2012/06/22 14:34:12 | 002,673,624 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe
PRC - [2012/06/22 14:34:12 | 001,118,680 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
PRC - [2012/06/22 13:21:50 | 000,402,368 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/06/22 10:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2011/02/22 13:57:34 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2009/09/15 17:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/02 17:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 17:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/15 10:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/20 06:34:52 | 000,155,648 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/28 08:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2002/06/20 15:36:38 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
========== Modules (No Company Name) ==========
MOD - [2011/04/14 07:22:02 | 000,068,448 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2002/06/20 15:36:44 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
MOD - [2002/06/20 15:36:38 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
========== Services (SafeList) ==========
SRV - [2012/06/22 14:34:12 | 001,118,680 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/06/22 13:21:50 | 000,402,368 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/06/22 10:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/14 07:21:15 | 000,587,088 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/02/22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/09/13 11:48:12 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/10/28 17:29:37 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/06/02 17:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/03/11 21:02:52 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007/03/11 20:24:50 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/06/22 14:34:52 | 000,203,120 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/06/22 10:39:14 | 000,070,768 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012/04/23 11:36:50 | 000,383,368 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012/02/28 10:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2012/02/28 10:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pctDS.sys -- (pctDS)
DRV - [2011/02/22 13:57:52 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2011/02/22 13:57:52 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2011/02/22 13:57:50 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/12/09 14:24:51 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/01/25 09:08:37 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/06/04 07:20:06 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/04/10 23:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS_51)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Program Files\Gamers Unite! Snag Bar\Helper.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {6E4870F2-824B-4593-8B29-19BB3C55312B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{547EEAAC-3665-4e6c-B326-C622D698543A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6E4870F2-824B-4593-8B29-19BB3C55312B}: "URL" = http://ws.infospace....w={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2857573
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://bing.zugo.com...fg=2-77-0-IUv5"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {46d606b0-a645-11df-981c-0800200c9a66}:1.0.20
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\RipNmaggie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\RipNmaggie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/10/31 08:55:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/28 07:15:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/28 07:15:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/28 07:19:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F18C0537-AE1E-4362-81F7-515663426F29}: C:\Users\RipNmaggie\AppData\Local\{F18C0537-AE1E-4362-81F7-515663426F29} [2011/04/19 05:56:51 | 000,000,000 | ---D | M]
[2009/07/21 06:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Extensions
[2011/02/06 09:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\extensions
[2009/07/21 06:17:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/24 11:33:12 | 000,000,000 | ---D | M] (ShopToWin9) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\extensions\{46d606b0-a645-11df-981c-0800200c9a66}
[2010/06/04 09:04:15 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010/09/26 21:14:15 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\extensions\[email protected]
[2010/06/04 09:03:31 | 000,001,844 | ---- | M] () -- C:\Users\RipNmaggie\AppData\Roaming\Mozilla\Firefox\Profiles\fszdun30.default\searchplugins\bing-ff.xml
[2012/01/08 14:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/14 21:30:12 | 000,000,000 | ---D | M] (ResultBar) -- C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}
[2012/01/03 13:57:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012/01/08 14:23:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/09/28 07:14:29 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
========== Chrome ==========
CHR - homepage: http://www.google.com/ig
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files\Download Manager\npfpdlm.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\RipNmaggie\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Angry Birds = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Brushed = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gamers Unite! Snag Bar = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjdgpblkmmekbpdolbhlljkdhkplnkf\1.0.18_2\
CHR - Extension: Poppit = C:\Users\RipNmaggie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {16CDE0AA-8522-4353-BB65-A0D738912AFA} - C:\Program Files\Internet Explorer\PLUGINS\vvzpath.dll (Quickisearch Ltd.)
O2 - BHO: (Freecause Toolbar BHO) - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Gamers Unite! Snag Bar) - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gamers Unite! Snag Bar) - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [autoclk] autoclk.exe File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - Startup: C:\Users\RipNmaggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.fac...b?1271388982625 (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (CDownloadCtrl Object)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2011DBF5-A49B-4069-BE8B-D7F5E4CF169B}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6CB7118-2364-444B-B6FE-0FA81F84FB0F}: DhcpNameServer = 10.0.0.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\RipNmaggie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\RipNmaggie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/01/12 10:04:05 | 005,021,494 | ---- | C] (Swearware) -- C:\Users\RipNmaggie\Desktop\ComboFix.exe
[2013/01/12 09:19:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\RipNmaggie\Desktop\OTL.exe
[2013/01/09 20:06:47 | 000,000,000 | ---D | C] -- C:\Microsoft_SDK
[2013/01/09 08:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money Plus
[2013/01/09 08:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Money Plus
[2013/01/01 16:47:17 | 000,000,000 | ---D | C] -- C:\Users\RipNmaggie\AppData\Local\{5D1E1294-3895-4F88-8D38-84166B40FC56}
[2013/01/01 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\RipNmaggie\AppData\Local\{D56DC3A7-3DBB-412D-8A7A-00C3C11B6267}
[2012/12/25 19:16:43 | 000,000,000 | ---D | C] -- C:\Users\RipNmaggie\AppData\Local\{381EBC47-3901-4575-9EBC-2352C6DDD6C9}
[2012/12/16 18:21:02 | 000,000,000 | ---D | C] -- C:\Users\RipNmaggie\AppData\Local\{A4B0F649-DF98-4799-BCE6-EB793E11DF93}
[2012/12/16 18:00:45 | 000,000,000 | ---D | C] -- C:\Users\RipNmaggie\AppData\Local\{C84ECD5D-1520-4466-B197-6ECEDAA6FDB0}
[2010/01/11 19:51:02 | 004,284,535 | ---- | C] (ffdshow ) -- C:\Users\RipNmaggie\AppData\Roaming\ffdshow.exe
[2010/01/11 19:50:49 | 000,642,685 | ---- | C] (Xvid team ) -- C:\Users\RipNmaggie\AppData\Roaming\xvid.exe
[2010/01/11 19:49:59 | 002,169,915 | ---- | C] (LIGHTNING UK!) -- C:\Users\RipNmaggie\AppData\Roaming\Imgburn.exe
[2010/01/11 19:48:30 | 004,182,178 | ---- | C] (The Public) -- C:\Users\RipNmaggie\AppData\Roaming\Avisynth.exe
========== Files - Modified Within 30 Days ==========
[2013/01/12 10:03:53 | 005,021,494 | ---- | M] (Swearware) -- C:\Users\RipNmaggie\Desktop\ComboFix.exe
[2013/01/12 09:35:05 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226117573-1085798453-351222274-1000UA.job
[2013/01/12 09:18:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\RipNmaggie\Desktop\OTL.exe
[2013/01/12 08:26:56 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/12 08:26:56 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/11 19:35:02 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226117573-1085798453-351222274-1000Core.job
[2013/01/11 15:48:44 | 003,862,528 | ---- | M] () -- C:\Users\RipNmaggie\Documents\New Money.mny
[2013/01/11 08:26:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/10 15:47:40 | 002,387,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/10 12:50:49 | 000,626,838 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/10 12:50:49 | 000,106,464 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/10 08:21:00 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/01/09 16:41:52 | 002,301,691 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/09 09:10:37 | 003,407,872 | ---- | M] () -- C:\Users\RipNmaggie\Documents\My Money2.mny
[2013/01/07 20:00:00 | 000,000,674 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - RipNmaggie.job
[2013/01/01 17:01:58 | 000,458,779 | ---- | M] () -- C:\Users\RipNmaggie\Desktop\DSCN4155portrait.jpg
[2012/12/25 19:20:19 | 000,264,235 | ---- | M] () -- C:\Users\RipNmaggie\Desktop\Mom and Eric 001 (2).jpg
[2012/12/16 18:20:06 | 001,963,518 | ---- | M] () -- C:\Users\RipNmaggie\Desktop\2012Tree.jpg
[2012/12/16 17:58:42 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2012/12/15 21:39:03 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRipNmaggie.job
========== Files Created - No Company Name ==========
[2013/01/09 09:09:09 | 001,998,848 | ---- | C] () -- C:\Users\RipNmaggie\Documents\My Money2.MN8
[2013/01/09 09:03:37 | 003,862,528 | ---- | C] () -- C:\Users\RipNmaggie\Documents\New Money.mny
[2013/01/01 17:01:52 | 000,458,779 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\DSCN4155portrait.jpg
[2012/12/25 19:20:15 | 000,264,235 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\Mom and Eric 001 (2).jpg
[2012/12/16 18:20:02 | 001,963,518 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\2012Tree.jpg
[2012/12/16 03:41:08 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/16 03:41:08 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/13 23:30:33 | 004,719,462 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\DSCN4125.JPG
[2012/12/13 23:00:12 | 005,128,852 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\DSCN4146.JPG
[2012/12/13 22:58:25 | 004,907,232 | ---- | C] () -- C:\Users\RipNmaggie\Desktop\DSCN4182.JPG
[2012/11/20 12:29:49 | 000,029,239 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\UserTile.png
[2012/11/01 10:46:48 | 000,004,677 | ---- | C] () -- C:\Users\RipNmaggie\Get Organized.brain
[2012/01/02 11:17:40 | 000,004,772 | ---- | C] () -- C:\Users\RipNmaggie\Salient Thoughts.brain
[2011/12/23 15:53:58 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/12/23 15:53:58 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll1010.old
[2011/04/07 11:57:22 | 000,000,120 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Local\Dbubidifexemexiz.dat
[2011/04/07 11:57:22 | 000,000,000 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Local\Ufowinozumahohew.bin
[2011/01/28 10:47:38 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/01/28 10:47:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/01/28 10:47:35 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/28 10:47:35 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/01/28 10:47:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/01/04 17:09:15 | 000,001,940 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/12 09:59:56 | 000,016,338 | ---- | C] () -- C:\Users\RipNmaggie\28648_135430056467604_100000018302261_383997_7572732_n.jpg
[2010/01/27 09:08:58 | 000,000,188 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\Share-to-Web Upload Folder.zip
[2010/01/25 04:38:19 | 000,000,680 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Local\d3d9caps.dat
[2009/12/02 16:04:35 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Importer
[2009/12/02 16:04:35 | 000,000,268 | RH-- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\Image Capture
[2009/12/02 16:04:35 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/10/20 18:53:07 | 000,022,789 | ---- | C] () -- C:\Users\RipNmaggie\.recently-used.xbel
[2008/02/17 15:11:01 | 000,000,000 | -H-- | C] () -- C:\Users\RipNmaggie\hpothb07.tif
[2008/02/17 15:11:01 | 000,000,000 | -H-- | C] () -- C:\Users\RipNmaggie\hpothb07.dat
[2007/10/06 17:27:00 | 000,000,235 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\devices.xml
[2007/10/06 17:27:00 | 000,000,012 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\settings.xml
[2007/09/15 04:51:30 | 000,000,932 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Roaming\wklnhst.dat
[2007/09/03 12:54:46 | 000,085,504 | ---- | C] () -- C:\Users\RipNmaggie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2013/01/08 14:07:41 | 000,002,048 | -HS- | M] () -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\@
[2013/01/08 14:07:41 | 000,059,904 | -HS- | M] () -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\n
[2013/01/08 14:07:41 | 000,000,000 | -HSD | M] -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\L
[2013/01/12 10:32:49 | 000,000,000 | -HSD | M] -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\U
[2013/01/11 15:50:05 | 000,000,928 | ---- | M] () -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\U\00000001.@
[2013/01/12 10:32:49 | 000,011,776 | ---- | M] () -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\U\80000000.@
[2013/01/12 10:32:49 | 000,021,504 | ---- | M] () -- C:\$Recycle.bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\U\800000cb.@
[2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2226117573-1085798453-351222274-1000\$11b7b40d861611e7172feb9aec999c32\n.
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\$Recycle.Bin\S-1-5-18\$11b7b40d861611e7172feb9aec999c32\n. -- [2013/01/08 14:07:41 | 000,059,904 | -HS- | M] ()
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/11/28 05:43:31 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Amazon
[2010/01/06 13:39:53 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\BitTorrent
[2012/11/11 15:26:12 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Canon
[2010/12/09 14:30:49 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\DAEMON Tools Lite
[2011/11/20 10:25:49 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\eTeks
[2010/11/03 15:01:50 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\FFRend
[2012/08/08 09:49:58 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Gamers Unite! Snag Bar for Chrome
[2012/01/02 15:33:12 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\GetRightToGo
[2009/10/20 18:53:07 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\gtk-2.0
[2010/01/12 14:32:27 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\ImgBurn
[2007/09/12 08:34:42 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\MusicNet
[2010/01/11 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\NCH Swift Sound
[2010/04/15 22:12:23 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Nikon
[2008/11/25 09:11:02 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\OpenOffice.org
[2012/01/02 10:33:01 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\PersonalBrain
[2010/12/09 12:40:28 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\PriceGong
[2010/01/11 11:39:43 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Recordpad
[2008/01/22 14:09:33 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\Template
[2011/12/23 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\TestApp
[2007/09/04 18:31:00 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\WildTangent
[2008/03/09 09:11:31 | 000,000,000 | ---D | M] -- C:\Users\RipNmaggie\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >