Problems

Jtsou · Dec 13, 2012

OTL logfile created on: 12/13/2012 9:05:29 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Josh\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 62.80% Memory free
6.72 Gb Paging File | 5.50 Gb Available in Paging File | 81.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596.17 Gb Total Space | 40.00 Gb Free Space | 6.71% Space Free | Partition Type: NTFS
Drive D: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JOSHDESKTOP | User Name: Josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Josh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\nisvcloc.exe (National Instruments Corp.)
PRC - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkads.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()

========== Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (NITaggerService) -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Windows\System32\nisvcloc.exe (National Instruments Corp.)
SRV - (NIDomainService) -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\System32\lkads.exe (National Instruments Corporation)
SRV - (OpcEnum) -- C:\Windows\System32\Opcenum.exe (OPC Foundation)
SRV - (LkCitadelServer) -- C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
SRV - (mxssvr) -- C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
SRV - (NILM License Manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GPU-Z) -- C:\Users\Josh\AppData\Local\Temp\GPU-Z.sys File not found
DRV - (cpuz130) -- C:\Users\Josh\AppData\Local\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (catchme) -- C:\Users\Josh\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (silabser) -- C:\Windows\System32\drivers\silabser.sys (Silicon Laboratories)
DRV - (silabenm) -- C:\Windows\System32\drivers\silabenm.sys (Silicon Laboratories)
DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows (R) 2000 DDK provider)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (motccgpfl) -- C:\Windows\System32\drivers\motccgpfl.sys (Motorola)
DRV - (motccgp) -- C:\Windows\System32\drivers\motccgp.sys (Motorola)
DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410D.sys (Dallas Semiconductor MAXIM)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()
DRV - (motport) -- C:\Windows\System32\drivers\motport.sys (Motorola)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (CommSB96) -- C:\Windows\System32\drivers\COMMSB96.sys (Motorola)
DRV - (CommSBEP) -- C:\Windows\System32\drivers\COMMSBEP.sys (Motorola)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Coupons.com - Top Trending Coupons
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\URLSearchHook: {f122b94e-0c50-13c4-c9d3-893faefad90b} - C:\Program Files\Shop to Win 27\Helper.dll ()
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes,DefaultScope = {306FA7DD-3B7B-4057-B4BD-34879C18AFCC}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{306FA7DD-3B7B-4057-B4BD-34879C18AFCC}: "URL" = http://start.funmoods.com/results.php?f=4&a=axl&q={searchTerms}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z133&form=ZGAIDF&install_date=20111227&iesrc={referrer:source}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111227&iesrc={referrer:source}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: links@freeworkz.com:1.0.0
FF - prefs.js..extensions.enabledAddons: smartlinks@getsmartlinks.com:1.0.35
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.12
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5mEI\Installr\1.bin\NP5mEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@ei.MyScrapNook_12.com/Plugin: C:\Program Files\MyScrapNook_12EI\Installr\1.bin\NP12EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@ei.Webfetti_52.com/Plugin: C:\Program Files\Webfetti_52EI\Installr\1.bin\NP52EISB.dll (Webfetti)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Josh\AppData\Local\Roblox\Versions\version-7f608c9e01fb44d4\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Josh\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Josh\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 18:07:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/04 10:34:07 | 000,000,000 | ---D | M]

[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions
[2012/11/21 12:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions
[2012/11/21 12:32:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/11/10 18:56:30 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2012/04/26 20:25:35 | 000,000,000 | ---D | M] (FreeWorkz) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com
[2011/08/20 18:44:53 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\smartlinks@getsmartlinks.com
[2012/11/20 12:01:39 | 000,554,816 | ---- | M] () (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{70a82904-3146-7b54-d1d2-81a0dce450cf}.xpi
[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/07 16:18:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2011/06/11 02:01:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/27 18:07:37 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 16:09:28 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2007/07/24 18:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv85win32.dll
[2012/08/29 10:25:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/10/20 11:48:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FreeWorkz Games) - {D1ECD019-8423-43de-98D1-7892AF2DA309} - C:\Program Files\FreeWorkz\FreeWorkzIE.dll (FreeWorkz)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Shop to Win) - {EE146ACC-D881-1414-2148-B1D008B47ADB} - C:\Program Files\Shop to Win 27\Shop to Win 27.dll (Shop To Win, LLC)
O3 - HKLM\..\Toolbar: (no name) - !{8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe (Uniblue Systems Ltd)
O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7DB7E52-DF48-40EA-91EA-FFD8BD9E7E98}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/05/10 18:31:28 | 000,000,139 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/13 08:43:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/12/13 08:39:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/13 01:08:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/12/13 01:08:23 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\temp
[2012/12/12 23:33:55 | 000,000,000 | --SD | C] -- C:\Vageta1258V
[2012/12/10 09:41:13 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\PSREdit
[2012/12/10 09:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSREdit
[2012/12/10 09:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\PSREdit
[2012/12/10 09:40:19 | 005,504,197 | ---- | C] (PSREdit Software) -- C:\Users\Josh\Desktop\PSREdit500_Setup_1.93R3.exe
[2012/12/10 09:27:58 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\Win500
[2012/12/04 00:43:42 | 000,000,000 | ---D | C] -- C:\Vageta11310V
[2012/12/04 00:43:24 | 000,000,000 | ---D | C] -- C:\Vageta4155V
[2012/12/04 00:42:26 | 000,000,000 | ---D | C] -- C:\Vageta17506V
[2012/12/04 00:42:25 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2012/12/04 00:41:28 | 000,000,000 | ---D | C] -- C:\Vageta
[2012/12/03 23:47:27 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\BurnCDCC
[2012/12/03 23:31:24 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\grub4dos
[2012/12/03 18:42:06 | 005,011,070 | R--- | C] (Swearware) -- C:\Users\Josh\Desktop\Vageta.com
[2012/12/03 14:41:28 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\Google
[2012/12/01 09:20:38 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Josh\Desktop\dds.scr
[2012/12/01 07:49:32 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/01 07:49:32 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Malwarebytes
[2012/12/01 07:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/01 07:49:24 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/01 07:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/01 07:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/28 07:12:11 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\ESN
[2012/11/27 21:30:57 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\Origin
[2012/11/27 21:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/11/21 22:48:59 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\dvdcss
[2012/11/21 22:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
[2012/11/21 22:47:50 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Digiarty
[2012/11/21 22:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2007/10/04 10:03:02 | 000,942,080 | ---- | C] (Motorola Inc.) -- C:\Users\Josh\PPS
[2007/10/04 10:03:02 | 000,942,080 | ---- | C] (Motorola Inc.) -- C:\Users\Josh\minpps2.exe
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/13 08:45:09 | 000,714,488 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/13 08:45:09 | 000,147,088 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/13 08:43:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/12/13 08:39:43 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/13 08:39:42 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2012/12/13 08:39:42 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2012/12/13 08:39:35 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 08:39:35 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 08:39:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/13 08:39:29 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/13 08:24:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/13 08:19:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3950573694-155688357-640864980-1000UA.job
[2012/12/13 08:14:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/13 01:19:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3950573694-155688357-640864980-1000Core.job
[2012/12/12 23:32:32 | 005,011,070 | R--- | M] (Swearware) -- C:\Users\Josh\Desktop\Vageta.com
[2012/12/12 23:06:09 | 000,138,056 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\PnkBstrK.sys
[2012/12/12 22:58:53 | 000,281,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/12/11 20:05:11 | 000,000,939 | ---- | M] () -- C:\Users\Josh\Desktop\ROBLOX Studio.lnk
[2012/12/11 20:05:10 | 000,001,152 | ---- | M] () -- C:\Users\Josh\Desktop\ROBLOX Player.lnk
[2012/12/11 20:05:10 | 000,000,959 | ---- | M] () -- C:\Users\Josh\Desktop\Alone!!!!.lnk
[2012/12/10 11:57:46 | 000,067,452 | ---- | M] () -- C:\Users\Josh\Documents\dec10.bin
[2012/12/10 09:41:00 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\PSREdit500.lnk
[2012/12/10 09:40:34 | 005,504,197 | ---- | M] (PSREdit Software) -- C:\Users\Josh\Desktop\PSREdit500_Setup_1.93R3.exe
[2012/12/09 16:27:42 | 000,158,208 | ---- | M] () -- C:\Users\Josh\Documents\WLFD buisness.pub
[2012/12/09 16:21:23 | 000,002,619 | ---- | M] () -- C:\Users\Josh\Desktop\Microsoft Publisher 2010.lnk
[2012/12/08 17:21:03 | 000,000,024 | ---- | M] () -- C:\Users\Josh\random.dat
[2012/12/08 17:19:14 | 000,000,023 | ---- | M] () -- C:\Users\Josh\jagexappletviewer.preferences
[2012/12/08 17:09:59 | 000,000,032 | ---- | M] () -- C:\Users\Josh\jagex_cl_runescape_LIVE.dat
[2012/12/06 08:04:44 | 000,076,800 | ---- | M] () -- C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/04 12:56:33 | 001,041,952 | ---- | M] () -- C:\Users\Josh\Desktop\white_level_mini_boards.jpg
[2012/12/04 00:42:59 | 000,002,855 | ---- | M] () -- C:\Users\Josh\Desktop\Vageta.PIF
[2012/12/01 10:22:39 | 000,015,517 | ---- | M] () -- C:\Users\Josh\Desktop\pbgame.htm
[2012/12/01 10:09:37 | 000,007,591 | ---- | M] () -- C:\Users\Josh\Desktop\attach.zip
[2012/12/01 09:20:42 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Josh\Desktop\dds.scr
[2012/12/01 09:12:20 | 000,001,356 | ---- | M] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat
[2012/12/01 07:50:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/01 07:49:25 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/27 21:20:45 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/11/23 19:00:56 | 000,002,613 | ---- | M] () -- C:\Users\Josh\Desktop\Microsoft Word 2010.lnk
[2012/11/13 19:48:37 | 000,000,216 | ---- | M] () -- C:\Users\Josh\Desktop\Call of Duty Black Ops II - Zombies.url
[2012/11/13 16:52:10 | 000,000,216 | ---- | M] () -- C:\Users\Josh\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/10 10:21:05 | 000,067,452 | ---- | C] () -- C:\Users\Josh\Documents\dec10.bin
[2012/12/10 09:41:00 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\PSREdit500.lnk
[2012/12/09 16:25:41 | 000,158,208 | ---- | C] () -- C:\Users\Josh\Documents\WLFD buisness.pub
[2012/12/08 00:38:09 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/12/08 00:38:07 | 002,580,552 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012/12/08 00:38:07 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/12/04 12:56:31 | 001,041,952 | ---- | C] () -- C:\Users\Josh\Desktop\white_level_mini_boards.jpg
[2012/12/04 00:44:52 | 3488,735,232 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/04 00:42:59 | 000,002,855 | ---- | C] () -- C:\Users\Josh\Desktop\Vageta.PIF
[2012/12/01 10:22:39 | 000,015,517 | ---- | C] () -- C:\Users\Josh\Desktop\pbgame.htm
[2012/12/01 10:22:14 | 002,211,840 | ---- | C] () -- C:\Users\Josh\Desktop\pbsetup.exe
[2012/12/01 10:09:37 | 000,007,591 | ---- | C] () -- C:\Users\Josh\Desktop\attach.zip
[2012/12/01 09:21:48 | 000,302,592 | ---- | C] () -- C:\Users\Josh\Desktop\gmer.exe
[2012/12/01 07:49:25 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/27 21:20:45 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/11/13 19:48:37 | 000,000,216 | ---- | C] () -- C:\Users\Josh\Desktop\Call of Duty Black Ops II - Zombies.url
[2012/11/13 16:52:10 | 000,000,216 | ---- | C] () -- C:\Users\Josh\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2012/10/13 01:06:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/13 01:06:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/13 01:06:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/13 01:06:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/13 01:06:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/31 09:08:32 | 000,001,456 | ---- | C] () -- C:\Users\Josh\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/08/28 09:41:03 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012/08/28 08:34:06 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/07/06 11:12:45 | 000,000,048 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
[2012/07/06 11:12:45 | 000,000,024 | ---- | C] () -- C:\Users\Josh\random.dat
[2012/05/02 09:38:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/02/29 12:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/02/28 06:53:49 | 000,000,004 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\steam_md4.dat
[2012/02/03 04:29:56 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011/12/22 17:54:18 | 000,815,741 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\UserTile.png
[2011/12/10 23:05:00 | 000,049,152 | R--- | C] () -- C:\Windows\System32\PatComm10.dll
[2011/12/10 23:05:00 | 000,049,152 | R--- | C] () -- C:\Windows\System32\fudally_usb.dll
[2011/12/10 23:05:00 | 000,028,672 | R--- | C] () -- C:\Windows\System32\PNWatcherApp.dll
[2011/12/10 23:05:00 | 000,024,576 | R--- | C] () -- C:\Windows\System32\OtapRWCDTimer.dll
[2011/12/10 23:04:58 | 000,241,664 | R--- | C] () -- C:\Windows\System32\NextGen10.dll
[2011/12/10 23:04:29 | 000,032,768 | R--- | C] ( ) -- C:\Windows\System32\Interop.NEXTGENLib.dll
[2011/11/25 14:17:23 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011/11/03 19:36:14 | 000,000,044 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE1.dat
[2011/10/25 15:43:59 | 000,000,032 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE.dat
[2011/10/18 10:03:46 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/10/04 00:50:20 | 000,138,056 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\PnkBstrK.sys
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/26 21:42:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/09/26 21:42:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/09/26 21:42:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/09/26 17:05:43 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2011/09/13 17:41:07 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/07/20 10:40:41 | 000,148,920 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/07/20 10:40:35 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/07/07 11:30:21 | 000,000,397 | ---- | C] () -- C:\Windows\CoDUO.INI
[2011/07/01 18:25:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/07/01 18:24:47 | 000,000,492 | ---- | C] () -- C:\Windows\hegames.ini
[2011/07/01 12:14:31 | 000,000,588 | ---- | C] () -- C:\Windows\EReg515.dat
[2011/07/01 12:12:46 | 000,000,999 | ---- | C] () -- C:\Windows\disney.ini
[2011/07/01 12:12:43 | 000,000,175 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/07/01 12:09:51 | 000,001,984 | ---- | C] () -- C:\Windows\System32\drivers\papycpu.sys
[2011/07/01 12:09:27 | 000,000,178 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/07/01 11:59:45 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011/07/01 11:59:45 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011/07/01 11:59:45 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011/07/01 11:53:40 | 000,002,016 | ---- | C] () -- C:\Windows\System32\drivers\papycpu2.sys
[2011/07/01 11:53:40 | 000,001,888 | ---- | C] () -- C:\Windows\System32\drivers\papyjoy.sys
[2011/06/24 20:09:22 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2011/06/11 10:19:03 | 000,076,800 | ---- | C] () -- C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/09 10:56:40 | 000,000,129 | ---- | C] () -- C:\Users\Josh\jagex_runescape_preferences2.dat
[2011/06/09 10:55:22 | 000,000,035 | ---- | C] () -- C:\Users\Josh\jagex_runescape_preferences.dat
[2011/06/09 10:55:10 | 000,000,023 | ---- | C] () -- C:\Users\Josh\jagexappletviewer.preferences
[2011/06/09 10:29:15 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2011/06/09 10:29:15 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011/06/09 10:14:30 | 000,001,356 | ---- | C] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/04/02 15:17:50 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Audacity
[2012/05/03 15:17:25 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\BitTorrent
[2011/12/09 18:15:41 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\butel
[2011/12/09 18:20:14 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\butelsoap
[2011/12/09 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Catalina Marketing Corp
[2012/05/14 20:47:55 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/06 09:56:07 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/07/03 08:32:32 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\CompanionLink
[2011/12/21 01:26:04 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Cyberduck
[2012/05/08 18:02:34 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DAEMON Tools Lite
[2012/11/21 22:48:03 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Digiarty
[2011/12/17 12:31:04 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DispatchSMS
[2011/09/26 17:41:44 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DriverFinder
[2012/12/13 08:41:10 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Dropbox
[2011/08/08 21:56:34 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\GameRanger
[2012/01/15 19:33:45 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Hasbro
[2012/10/08 21:19:56 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Image Zone Express
[2012/05/30 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\libimobiledevice
[2011/06/12 18:26:01 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\OpenOffice.org
[2012/12/01 21:28:58 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Origin
[2011/07/20 10:57:43 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Printer Info Cache
[2011/12/09 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Radioshack
[2011/12/20 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\redsn0w
[2012/05/14 12:41:16 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/09/23 14:58:12 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\SystemRequirementsLab
[2012/04/12 09:45:07 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TaxCut
[2011/12/20 23:08:28 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TightVNC
[2012/05/25 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TS3Client
[2012/07/30 16:27:09 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Uniblue
[2012/05/26 06:48:33 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\wargaming.net
[2011/12/20 23:27:23 | 000,000,000 | -HSD | M] -- C:\Users\Josh\AppData\Roaming\wyUpdate AU

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:55643C1C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EDB71CBA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E0163B06
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C0789917

< End of report >

Jtsou · Dec 13, 2012

OTL Extras logfile created on: 12/13/2012 9:05:30 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Josh\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 62.80% Memory free
6.72 Gb Paging File | 5.50 Gb Available in Paging File | 81.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596.17 Gb Total Space | 40.00 Gb Free Space | 6.71% Space Free | Partition Type: NTFS
Drive D: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JOSHDESKTOP | User Name: Josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{57D678D6-6C7D-473D-B8F5-D028C3CA9EB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B0A8255-15A4-4C12-AA0E-D942DDB4C55F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{60531BA1-0D57-420B-A7E3-268E5C9B85D4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66DAE805-8C69-49C6-AF24-53F50E27C9EF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C6E8DD7-3FA0-4E38-8634-0470CBA4FBC1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A170BC7C-5D4F-4620-B610-A101A3857382}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDCB0353-40BC-4BFD-82AC-61C7447290B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C7C9A0A4-0B40-48C2-B2D1-D2553E239305}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{CE0B2348-B624-4437-838F-DC7BD11DA1EC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E98BD14E-9F54-46BF-91C9-1682B3E0425F}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0021516A-3296-4A86-ABF8-07A20BEBA56F}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{007590B3-FBA0-4134-8D24-6DCF22FB16A7}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{05B1623F-B42C-40E4-BC33-D13776F3654B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08B0D535-BA4C-41E3-A319-6ACF37FC2828}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{0D65C0D6-A8E0-469A-80DE-C6E3C31CFD7C}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{0E06B0F4-E525-4536-94D9-05F23ACEA00C}" = protocol=17 | dir=in | app=c:\program files\shop to win 27\troubleshooter.exe |
"{0EC862C1-5FCB-4C68-87F9-D03366CCA894}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{1161C669-8F89-4A92-BFE3-A7B0839154F7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{13326749-9EB0-4DD0-8432-92A317ADB2C5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{16E66945-7982-4FBF-893F-F6A6E1DCD64D}" = protocol=17 | dir=in | app=c:\program files\tightvnc\vncviewer.exe |
"{172BB9E2-C314-4B33-8E16-8149CA5642B1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{175B57B2-B2D1-4DE9-AE42-5845943DC57B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{2497A4A5-6B1A-48D0-80EF-82BEC5F9B28E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{25211DAC-FDA4-403A-B6A5-28F31020F9CF}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{28150100-58D1-41BC-83E4-3E140B364F5B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{2E832F8E-9618-487F-A469-09D57EC38A12}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{32A2ABD1-CC6C-48AB-A4FF-E9EE7EFB54DB}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{33A0136C-F212-49CB-914A-4C0D6F6A9F8D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{361FB577-A10E-486B-BD11-A53DA2327720}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{38F3BCE1-0F7D-4FB8-ABE9-188B4876A155}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{39882010-E186-45FD-957D-453B2B13638D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3AACA2E3-8BFD-47AD-AA15-384625C27C8D}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{47A7C878-7A4E-487A-81E4-BCDAD41A89AD}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{4948D475-94DC-4CB4-88EA-923857A797C9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{4A7A0078-FBFF-4B95-94FC-248D7988DC0C}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{4E249B8A-2B4D-427E-97EA-35BE85DA238F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{4FEE6AB5-B189-40B0-BBA8-CCD690B153C5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{52498606-A29D-418E-83A8-F5C899EBD35A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53AC72FF-E443-4B3D-83AE-56B733BD938E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5734E60A-DCE7-445B-A5A0-D9832ED9D8D8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{57F3A837-309D-442B-A130-E1127EFD61AE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5CD83758-B406-4633-8024-E211B145D34B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{60612EE9-DE9D-44E5-9CB0-0327D1D56763}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{62F48759-04AA-4E74-AF18-8BFFF16B824B}" = protocol=6 | dir=in | app=c:\program files\tightvnc\vncviewer.exe |
"{66AD4EDE-3D8E-4C3B-B4D2-99B828B344EB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{68F55A1F-BCBA-4A01-8E4C-886AEBD45075}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6A9E86F1-D5C4-4F8E-8754-71B731F3C9E9}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{72DC2FE3-0674-487F-BADA-0B1FF766D606}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7465BA7E-0918-47E7-8662-FD9B53AD30F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75545034-3892-4B78-A556-7655F77A9C1C}" = dir=in | app=c:\program files\microsoft games\microsoft flight\flight.exe |
"{75C5396F-2575-4634-8FA2-74217A69F5EA}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{78729916-AAC3-48DA-8D6C-D432A3D61FD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{791E6E2B-6C29-4B38-A7A7-55222DE9A0BC}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{7B766A71-C797-4933-BE61-9D590186F061}" = protocol=6 | dir=in | app=c:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe |
"{8521DA31-1157-4404-8977-B28CCB56F04A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{88CF7117-66D2-4D7E-AF36-4159B6C3282E}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{90CB94F1-C97F-407C-8592-2CCDE21BEBF7}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{91DAD268-435E-4659-A709-F2643872A57B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{929EE80A-8338-49E0-B89C-1EA9D6A69425}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{939D94A3-1B67-4C96-BC2F-56AACEBD81BE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{94EC03A1-ABF7-4282-A29C-29E0AD4DB5EB}" = protocol=6 | dir=in | app=c:\program files\shop to win 27\troubleshooter.exe |
"{978B34C6-9C40-41C4-B36C-C6F2CAC144C0}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{A037D4C9-C0D5-42FB-90DC-77E9C5CAB7B2}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{A3A4556D-62BE-4182-AD49-794217C10ADB}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{AB2BD032-F902-442C-A558-B9C004552761}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{AB56D24C-D3E6-423C-9569-B5B1CB79EA4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{AB6E6BFD-D62C-4C47-9732-6E45258AA5D3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B08CC020-78DE-4B41-A2CC-ADAD5EAB231F}" = protocol=6 | dir=out | app=system |
"{B203A230-9347-46C2-9C31-0E7A3CC4BD56}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B60B3562-8F2C-49B6-91D6-E6759BEB09AD}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{B909A756-8932-431F-B84A-EF14108A628C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{BA9830DA-1D7D-40B7-8CA8-93C818AAF333}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{BAB6F9C0-A900-4ECC-8D37-BF02015C25C9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{BB28F587-B441-4C86-B370-393ABD1B24FF}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C175BD59-3673-4200-A7F6-B47EC19DE71C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2892FD6-389D-4110-A3C4-A44475F69711}" = protocol=17 | dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"{C59A5B7C-2D26-4C27-8D89-B6EF8D488237}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{C7788A49-377B-48A1-B48A-3339975A528F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C93642EE-3788-4845-8597-94A9803F2A7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3BF41DC-40DA-42D4-9FA9-74569DF16BD4}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D51AC36C-771E-4D4A-ACCE-F531B86BB76C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D82035FD-6302-4663-B3C0-38F0212AB386}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{DB58C6AF-639E-4D35-98F3-C565C540CCA3}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{DF1718CF-3D60-4075-8352-AEBD6FE6DD15}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E212C649-1A7D-418C-8501-39A6721F3A20}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{E4552415-705F-434C-868C-7D04502D1986}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{E702531F-D3B5-4B5E-9547-A6936ADADFFA}" = protocol=17 | dir=in | app=c:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe |
"{E7C3A9F7-7C30-4B64-B6A8-F3222B14A217}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{EF39D955-6D55-4210-98E4-D40EC23DD0AB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{EFD83F20-FFA4-47F6-A771-7EF88E20A4FE}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{F476AAA1-DF80-4075-9D5E-F895BCE7414B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F5CFA935-D0E3-4E36-9979-6C1415E6F6EB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{F8E2E558-9942-46A7-8F38-FC995B1E22CE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{FBE00519-39B7-439E-9A86-A5EA8834F018}" = protocol=6 | dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"TCP Query User{03FEF153-A091-479C-BD60-27BB0AC29EA2}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{09EF02B7-EA3D-4CA5-85C8-0CDE58F2B58E}C:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe |
"TCP Query User{0D18B5F0-0811-45DD-9106-11069A920855}C:\program files\fomine lan chat\lanchat.exe" = protocol=6 | dir=in | app=c:\program files\fomine lan chat\lanchat.exe |
"TCP Query User{29B59089-6DC6-407B-9EEA-2241CCC203E6}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{32876DB0-06BE-43B0-A5C7-8B485FC68BCF}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"TCP Query User{412CCAE1-2792-44E2-AA96-4C5F81C341BA}C:\program files\fomine lan chat\lanchat.exe" = protocol=6 | dir=in | app=c:\program files\fomine lan chat\lanchat.exe |
"TCP Query User{42CAB827-B702-4634-8CD8-6DFFE45035B7}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe |
"TCP Query User{457E8D7B-1BBA-427C-AA35-A2760180CDF1}C:\westwood\monopoly\monopoly.exe" = protocol=6 | dir=in | app=c:\westwood\monopoly\monopoly.exe |
"TCP Query User{47C6F433-0A55-4727-A894-9FD1036ED2C0}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{62C80296-39CE-4A00-A0D0-C91CF5BE2EB9}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{70681C1B-49B1-4780-8D13-79ACA884FFE9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{86FC0BD5-78CF-43D7-8366-2F2E86221A5B}C:\users\josh\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\josh\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{8BFEC034-3319-4D13-AF66-EAD751843C11}C:\users\josh\downloads\aiw-37a-10802\bootstrap\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-37a-10802\bootstrap\iw4mp.exe |
"TCP Query User{971A02FD-F310-4E45-A8DE-7E15BF0C20AE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{9E54ED23-1C71-430C-995A-DDCE77AB0B0A}C:\razorworks\cohokum\cohokum.exe" = protocol=6 | dir=in | app=c:\razorworks\cohokum\cohokum.exe |
"TCP Query User{9EC234AC-EDD2-42F5-ADFD-83C5386B5085}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{A77EC6B4-5A09-492E-9245-7A4B06241926}C:\users\josh\downloads\win500\win500_com.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\win500\win500_com.exe |
"TCP Query User{B0D78220-107A-4BEE-9218-40E2F452EC01}C:\program files\call of duty game of the year edition\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty game of the year edition\codmp.exe |
"TCP Query User{B174CD5F-1AD1-4878-BE75-2368E9D1E306}C:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe |
"TCP Query User{B62DF38D-4C76-4CA4-ACB3-0D3F62F55627}C:\program files\modernrcon\modernrcon_v0.8.exe" = protocol=6 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.8.exe |
"TCP Query User{B9693F46-81FB-4C42-BF31-9F2944D64C08}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.dat |
"TCP Query User{B9DA7F4D-97BF-4657-B357-B9A556741F61}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4m.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4m.exe |
"TCP Query User{C3CDB2EA-8BC3-4CEE-8D8D-572F4B8C9347}C:\program files\call of duty game of the year edition\coduomp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty game of the year edition\coduomp.exe |
"TCP Query User{C7C2652D-D52E-4BBB-82EB-59C87CB6C774}C:\users\josh\desktop\hippovnc\winvnc.exe" = protocol=6 | dir=in | app=c:\users\josh\desktop\hippovnc\winvnc.exe |
"TCP Query User{CEC84EA8-1956-4402-8F17-1A5441B03874}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"TCP Query User{D8C6295B-AA62-49B6-BCD0-7F7849E4AD44}C:\program files\red storm entertainment\ghost recon\ghostrecon.exe" = protocol=6 | dir=in | app=c:\program files\red storm entertainment\ghost recon\ghostrecon.exe |
"TCP Query User{D9E8AC1B-9EC2-406A-8CC9-32117BC00D45}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{DA0F02E7-C0F6-46D1-B5CE-BD3D1CBC4C8D}C:\users\josh\downloads\aiw-37a-10802\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-37a-10802\iw4mp.exe |
"TCP Query User{DF121B6E-A339-4BBD-9BC4-F387A92FBE94}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe |
"TCP Query User{E6AA13A8-522E-4645-A121-BD0FC2FEFB0F}C:\users\josh\downloads\redsn0w_win_0.9.9b9d\redsn0w_win_0.9.9b9d\redsn0w.exe" = protocol=6 | dir=in | app=c:\users\josh\downloads\redsn0w_win_0.9.9b9d\redsn0w_win_0.9.9b9d\redsn0w.exe |
"TCP Query User{EC2F2D32-62D5-4965-99E6-FF29F68F9879}C:\program files\call of duty game of the year edition\coduomp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty game of the year edition\coduomp.exe |
"TCP Query User{F6F7B169-2B8D-475D-948A-ABE2C63AF1F4}C:\program files\call of duty game of the year edition\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty game of the year edition\codmp.exe |
"UDP Query User{041E6FF6-6EC3-45FC-8B6C-53C151CA57BF}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4m.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4m.exe |
"UDP Query User{0438385C-2533-4865-A8F6-499AD701A00D}C:\users\josh\downloads\aiw-37a-10802\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-37a-10802\iw4mp.exe |
"UDP Query User{1440C309-114A-4866-BCED-330B05862CFD}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe |
"UDP Query User{20CAEBE2-63DF-4322-A845-B48B76D0EFD1}C:\program files\modernrcon\modernrcon_v0.8.exe" = protocol=17 | dir=in | app=c:\program files\modernrcon\modernrcon_v0.8.exe |
"UDP Query User{2825105A-320D-480C-BEB5-021EFCC527FB}C:\program files\red storm entertainment\ghost recon\ghostrecon.exe" = protocol=17 | dir=in | app=c:\program files\red storm entertainment\ghost recon\ghostrecon.exe |
"UDP Query User{3D65785E-B243-4A2F-BE0E-DD3FF0883A77}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"UDP Query User{47E9938B-3148-4616-95B2-6861778C7DD2}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{58FEEBFB-B197-408A-A570-4ED8240D40DA}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{5FB81400-4D25-44E1-8B59-E0A5E40EF55F}C:\program files\fomine lan chat\lanchat.exe" = protocol=17 | dir=in | app=c:\program files\fomine lan chat\lanchat.exe |
"UDP Query User{66B11E0F-7730-45F9-8671-25947E9AF1DC}C:\program files\call of duty game of the year edition\coduomp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty game of the year edition\coduomp.exe |
"UDP Query User{6772B7BE-C43A-425B-9B7A-467C628CF666}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{69793548-C5B4-41BA-804D-3B883D1F2E2D}C:\westwood\monopoly\monopoly.exe" = protocol=17 | dir=in | app=c:\westwood\monopoly\monopoly.exe |
"UDP Query User{6BAA55B1-7BD2-496E-A828-C88FEAB5F925}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{6D310646-A0CC-4472-BECB-803281E744C4}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mp.dat |
"UDP Query User{7C5B77EF-4D0A-4ABB-AA6B-2E5A7885944C}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{8A5AD045-E850-4EBC-B174-00AF57EC150E}C:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe |
"UDP Query User{8EDCA5B1-BB32-4F17-A930-D41AB4946782}C:\users\josh\downloads\redsn0w_win_0.9.9b9d\redsn0w_win_0.9.9b9d\redsn0w.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\redsn0w_win_0.9.9b9d\redsn0w_win_0.9.9b9d\redsn0w.exe |
"UDP Query User{8F09DFDD-6197-4E85-A036-323C33B08BFC}C:\users\josh\downloads\aiw-37a-10802\bootstrap\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\aiw-37a-10802\bootstrap\iw4mp.exe |
"UDP Query User{90C82B65-7E4E-4342-BD04-8537BF2FC9AC}C:\users\josh\desktop\hippovnc\winvnc.exe" = protocol=17 | dir=in | app=c:\users\josh\desktop\hippovnc\winvnc.exe |
"UDP Query User{92137E90-ED06-47F8-BA9C-4CBC9E0EC9A9}C:\users\josh\downloads\win500\win500_com.exe" = protocol=17 | dir=in | app=c:\users\josh\downloads\win500\win500_com.exe |
"UDP Query User{B203FCBB-B728-4619-94BD-D79B1591BE67}C:\users\josh\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\josh\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{C28CC56C-3A67-4ACA-B685-991B7C5A0758}C:\program files\call of duty game of the year edition\coduomp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty game of the year edition\coduomp.exe |
"UDP Query User{C7D89707-C163-43F1-A90B-6B5F10DC61B7}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{CA9279C0-A159-440E-9494-DB01AB6FD5A0}C:\program files\call of duty game of the year edition\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty game of the year edition\codmp.exe |
"UDP Query User{D61D5375-F5DA-4742-8BA0-F2A341873C0E}C:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe |
"UDP Query User{E284A779-9C58-422B-A7FE-FA8A657B5D41}C:\razorworks\cohokum\cohokum.exe" = protocol=17 | dir=in | app=c:\razorworks\cohokum\cohokum.exe |
"UDP Query User{E374E38C-8734-4A1E-9226-5C09611930F8}C:\program files\call of duty game of the year edition\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty game of the year edition\codmp.exe |
"UDP Query User{E5CC9A07-360F-4241-8FC6-20BDFC456AEF}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{EA680C24-C5EA-4475-A290-33CFD4B720E5}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F52A476F-D942-4995-A7DF-7F378AEB45E7}C:\program files\fomine lan chat\lanchat.exe" = protocol=17 | dir=in | app=c:\program files\fomine lan chat\lanchat.exe |
"UDP Query User{F6101C06-9CD0-4167-8EDC-D4FE86ABA561}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{FADB953D-030A-4374-B604-0224AF4807BE}C:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\jtsou\team fortress 2\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"%ProgramName%" = picture-shark 1.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{0699C67B-F5B5-4CA3-A3A9-B976406FA4DA}" = NI Service Locator
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B9E0BD1-328D-415C-80A5-6B0028F0C104}" = Call of Duty(R) 2 Patch 1.2
"{0C1DD35C-59F6-4292-9E61-823286BF31E1}_is1" = Shop To Win
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15D5755D-3795-45FE-9ED6-BC0DAFA3B333}" = NI-RPC 3.4.0f1
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1829DACB-46DE-4624-808B-7802AC528DDF}" = NI EULA Depot
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}" = HP Deskjet 1050 J410 series Basic Device Software
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{38A4AD83-3492-4A4E-A502-48106D88DD3E}" = NI USI 1.5.0
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AFE68BA-6FC3-11D5-A805-0010B575AE4F}" = ASTRO 25 Mobile CPS
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{46ADF464-9D63-47E0-B59F-0D9C3A60B4C4}" = NI DataSocket 4.5.0
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{47FFFF8E-A6E7-4C9A-AB7B-1BE0FE29A95A}" = NI LabVIEW Run-Time Engine 8.5
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CE79985-8BCD-11D5-AA2E-0008C760B784}" = Ultimate Ride
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{503C86BF-22CB-4806-B2AE-AA79DFD8BA35}" = PL-2303HXD Vista Driver Installer
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{57700DD3-0C10-4CE6-95BA-630284EE2CB1}" = NI License Manager
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{671A5B67-1A00-424A-A902-49BC020FB3D1}" = NI VC2005MSMs x86
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{696CDC43-81FC-439C-A5CA-2F32E7C298F4}" = Minitor V PPS
"{6B2DC860-5B05-40E6-93DE-F17AAFE0A526}" = NI Variable Engine
"{6E605604-E2CE-4331-AA19-5FEF273F3CFD}" = NI LabVIEW Real-Time FIFO for Runtime
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7112A06F-A109-46CC-810E-070679754F77}" = NI LabVIEW Deployable License 8.5.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7414C891-720D-4E86-85E5-C3AA898DA9EC}" = HP Deskjet 1050 J410 series Product Improvement Study
"{74CB3747-1685-46C1-8F02-FCDA36ADDBA9}" = NI TDMS
"{74E03281-FA64-11D3-B8D7-0080C8FCA09C}" = Enemy Engaged RAH66 Comanche Vs KA52 Hokum
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A702909-3A7D-4ABD-846B-1869A49D850B}" = NI MDF Support
"{8C8D1F1E-DC31-44F2-97F5-0D84CE49BB56}" = NI Uninstaller
"{8CC68433-5837-4075-B81F-EA7E4F14CE60}" = iCloud
"{8FA9410D-5894-4191-B8A4-CCEFAE34051C}" = NI OPC Support
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{916B2871-EB8A-4744-8880-AE0019823835}" = H&R Block North Carolina 2011
"{9198EBF1-7EBB-40D4-87C8-7415CF8AE448}" = NI MXS
"{92228315-BA53-4061-A404-0F05A72E946B}" = NI Logos XT Support
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{998EDD40-EBF5-11D6-837D-0000E8D55E8A}" = Icom CS-F30G
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}" = RuneScape Launcher 1.2.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.09.16
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B05599F2-55E3-47D2-9047-AE171F35A90B}" = NI Logos 4.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B56DC4A9-C906-46F0-AF42-7A7CB96DC10D}" = ARC500 for GRE PSR500 and PSR600
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B6E7449A-AFA5-4AC4-8962-26044DF0FE3C}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B8726461-A7C6-4628-A67C-FE5FC5FB3E9F}" = Software for Scanners
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}" = H&R Block Deluxe + Efile + State 2011
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}" = Ghost Recon
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600
"{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E7C0D6C0-9BE3-486E-8F66-C5788CD704B9}" = One-click CD/DVD Copy
"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FDEABB07-6AC3-41E1-A17C-CA5D9707EF72}" = NI-RPC 3.4.0f1 for Phar Lap ETS
"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF869B7B-C647-4F59-BD1A-470805A42E8C}" = TwoToneDetect
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"88379_2009_0702_1736_is1" = Uninstall Dual Mode Camera (88379)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Aces High" = Aces High
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.1.0
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Backyard Baseball 2003" = Backyard Baseball 2003
"Battlelog Web Plugins" = Battlelog Web Plugins
"Call of Duty Game of the Year Edition" = Call of Duty Game of the Year Edition
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"CoD RconTool" = CoD RconTool
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18
"Cyberduck" = Cyberduck 4.2.1 (9350)
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"Euro Truck Simulator" = Euro Truck Simulator 1.3
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FormatFactory" = FormatFactory 2.70
"Fraps" = Fraps
"FreeWorkz" = FreeWorkz
"German Truck Simulator" = German Truck Simulator 1.32
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"GoZone iSync" = GoZone iSync
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photo Creations" = HP Photo Creations
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"ilividtoolbarguid" = Search-Results Toolbar
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"ModernRcon v0.8" = ModernRcon v0.8
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NI Uninstaller" = National Instruments Software
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"Origin" = Origin
"Precision" = EVGA Precision 2.0.4
"ProRadio CPS R06.04.00" = Motorola Professional Radio CPS-R06.04.00
"PSREdit500.exe" = PSREdit500 Scanner Configuration Editor
"PunkBusterSvc" = PunkBuster Services
"ResourceHacker_is1" = Resource Hacker Version 3.5.2
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"Snapshots" = Snapshots
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"SystemRequirementsLab" = System Requirements Lab
"Tansee iPhone Transfer SMS_is1" = Tansee iPhone Transfer SMS 2.9.0.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TightVNC" = TightVNC 2.0.4
"Trivial Pursuit Digital Choice_is1" = Trivial Pursuit Digital Choice v1.3.0 for Windows XP/Vista
"Weather" = Weather
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WinX DVD Ripper_is1" = WinX DVD Ripper 5.5.8
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2.0 Beta for Josh
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Josh
"{B805FF17-92FE-4757-8142-F0A2850DFE03}" = ROBLOX Studio for Josh
"7a4b3f526d795e58" = FirstToneProject
"Dropbox" = Dropbox
"ef1592f7111f99c9" = WeCad 5
"GameRanger" = GameRanger
"Uncompressor" = Uncompressor

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/9/2012 12:56:19 AM | Computer Name = JoshDesktop | Source = Application Hang | ID = 1002
Description = The program PPS.exe version 1.7.2.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 139c Start Time: 01cdd5c9642307cf Termination Time: 354

Error - 12/9/2012 8:05:03 PM | Computer Name = JoshDesktop | Source = Windows Backup | ID = 4104
Description =

Error - 12/10/2012 7:00:11 PM | Computer Name = JoshDesktop | Source = Application Hang | ID = 1002
Description = The program DllHost.exe version 6.0.6000.16386 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17b0 Start Time: 01cdd72a0c24a9a0 Termination Time: 102

Error - 12/12/2012 10:28:32 PM | Computer Name = JoshDesktop | Source = Application Error | ID = 1000
Description = Faulting application WINWORD.EXE, version 14.0.6123.5005, time stamp
0x5007bc1d, faulting module gdiplus.dll_unloaded, version 0.0.0.0, time stamp 0x4f2bf90a,
exception code 0xc0000005, fault offset 0x747874b2, process id 0x4fc, application
start time 0x01cdd8d70d511bc0.

Error - 12/13/2012 12:37:40 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

Error - 12/13/2012 2:04:04 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

Error - 12/13/2012 2:04:17 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

Error - 12/13/2012 2:05:54 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

Error - 12/13/2012 2:05:54 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

Error - 12/13/2012 2:08:24 AM | Computer Name = JoshDesktop | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 12/8/2012 4:42:54 AM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7030
Description =

Error - 12/8/2012 9:49:10 AM | Computer Name = JoshDesktop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:45:45 AM on 12/8/2012 was unexpected.

Error - 12/11/2012 9:03:56 PM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7009
Description =

Error - 12/11/2012 9:03:57 PM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7000
Description =

Error - 12/13/2012 12:24:51 AM | Computer Name = JoshDesktop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:07:34 PM on 12/12/2012 was unexpected.

Error - 12/13/2012 12:24:54 AM | Computer Name = JoshDesktop | Source = Print | ID = 54
Description = Document Receipt - AdoramaPix failed to print and was deleted because
of corruption in the spooled file. The associated driver is: HP Deskjet 1050 J410
series. Try printing the document again.

Error - 12/13/2012 12:35:59 AM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7030
Description =

Error - 12/13/2012 2:04:16 AM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7030
Description =

Error - 12/13/2012 9:39:32 AM | Computer Name = JoshDesktop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:37:48 AM on 12/13/2012 was unexpected.

Error - 12/13/2012 9:45:37 AM | Computer Name = JoshDesktop | Source = Service Control Manager | ID = 7022
Description =

< End of report >

jeffce · Dec 14, 2012

Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. **Remember if you are using Windows Vista as your operating system right-click the executable and Run as Administrator.
----------

Run OTL.exe

Copy/paste the following text written inside of the quote box into the Custom Scans/Fixes box located at the bottom of OTL

:Services

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Coupons.com - Top Trending Coupons
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\URLSearchHook: {f122b94e-0c50-13c4-c9d3-893faefad90b} - C:\Program Files\Shop to Win 27\Helper.dll ()
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes,DefaultScope = {306FA7DD-3B7B-4057-B4BD-34879C18AFCC}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{306FA7DD-3B7B-4057-B4BD-34879C18AFCC}: "URL" = http://start.funmoods.com/results.php?f=4&a=axl&q={searchTerms}
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
[2012/11/10 18:56:30 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2012/11/20 12:01:39 | 000,554,816 | ---- | M] () (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{70a82904-3146-7b54-d1d2-81a0dce450cf}.xpi
[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
O2 - BHO: (FreeWorkz Games) - {D1ECD019-8423-43de-98D1-7892AF2DA309} - C:\Program Files\FreeWorkz\FreeWorkzIE.dll (FreeWorkz)
O2 - BHO: (Shop to Win) - {EE146ACC-D881-1414-2148-B1D008B47ADB} - C:\Program Files\Shop to Win 27\Shop to Win 27.dll (Shop To Win, LLC)
O3 - HKLM\..\Toolbar: (no name) - !{8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2012/12/06 08:04:44 | 000,076,800 | ---- | M] () -- C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]
[start explorer]
[Reboot]

Click to expand...
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

----------

Post the new OTL log and let me know how your system is running now. :smile:

Jtsou · Dec 14, 2012

An extras log was not produced:

OTL logfile created on: 12/14/2012 12:37:24 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Josh\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 65.06% Memory free
6.68 Gb Paging File | 5.64 Gb Available in Paging File | 84.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596.17 Gb Total Space | 39.86 Gb Free Space | 6.69% Space Free | Partition Type: NTFS
Drive D: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JOSHDESKTOP | User Name: Josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Josh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\nisvcloc.exe (National Instruments Corp.)
PRC - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkads.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()

========== Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (NITaggerService) -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Windows\System32\nisvcloc.exe (National Instruments Corp.)
SRV - (NIDomainService) -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\System32\lkads.exe (National Instruments Corporation)
SRV - (OpcEnum) -- C:\Windows\System32\Opcenum.exe (OPC Foundation)
SRV - (LkCitadelServer) -- C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
SRV - (mxssvr) -- C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
SRV - (NILM License Manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GPU-Z) -- C:\Users\Josh\AppData\Local\Temp\GPU-Z.sys File not found
DRV - (cpuz130) -- C:\Users\Josh\AppData\Local\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (catchme) -- C:\Users\Josh\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (silabser) -- C:\Windows\System32\drivers\silabser.sys (Silicon Laboratories)
DRV - (silabenm) -- C:\Windows\System32\drivers\silabenm.sys (Silicon Laboratories)
DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (JL2005C) -- C:\Windows\System32\drivers\jl2005c.sys (Windows (R) 2000 DDK provider)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (motccgpfl) -- C:\Windows\System32\drivers\motccgpfl.sys (Motorola)
DRV - (motccgp) -- C:\Windows\System32\drivers\motccgp.sys (Motorola)
DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410D.sys (Dallas Semiconductor MAXIM)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()
DRV - (motport) -- C:\Windows\System32\drivers\motport.sys (Motorola)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (CommSB96) -- C:\Windows\System32\drivers\COMMSB96.sys (Motorola)
DRV - (CommSBEP) -- C:\Windows\System32\drivers\COMMSBEP.sys (Motorola)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z133&form=ZGAIDF&install_date=20111227&iesrc={referrer:source}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111227&iesrc={referrer:source}
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3950573694-155688357-640864980-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: links@freeworkz.com:1.0.0
FF - prefs.js..extensions.enabledAddons: smartlinks@getsmartlinks.com:1.0.35
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.12
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5mEI\Installr\1.bin\NP5mEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@ei.MyScrapNook_12.com/Plugin: C:\Program Files\MyScrapNook_12EI\Installr\1.bin\NP12EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@ei.Webfetti_52.com/Plugin: C:\Program Files\Webfetti_52EI\Installr\1.bin\NP52EISB.dll (Webfetti)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Josh\AppData\Local\Roblox\Versions\version-7f608c9e01fb44d4\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Josh\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Josh\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 18:07:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/04 10:34:07 | 000,000,000 | ---D | M]

[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions
[2012/12/14 00:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions
[2012/11/21 12:32:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/26 20:25:35 | 000,000,000 | ---D | M] (FreeWorkz) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com
[2011/08/20 18:44:53 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\smartlinks@getsmartlinks.com
[2012/11/10 18:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/07 16:18:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/11 02:01:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/27 18:07:37 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 16:09:28 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2007/07/24 18:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv85win32.dll
[2012/08/29 10:25:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/10/20 11:48:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [DriverFinder] C:\Program Files\DriverFinder\DriverFinder.exe File not found
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3950573694-155688357-640864980-1000..\Run: [SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe (Uniblue Systems Ltd)
O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7DB7E52-DF48-40EA-91EA-FFD8BD9E7E98}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/05/10 18:31:28 | 000,000,139 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/14 00:03:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/12/14 00:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/12/14 00:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/12/14 00:01:53 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Josh\Desktop\erunt-setup.exe
[2012/12/13 08:43:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/12/13 08:39:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/13 01:08:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/12/13 01:08:23 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\temp
[2012/12/12 23:33:55 | 000,000,000 | --SD | C] -- C:\Vageta1258V
[2012/12/10 09:41:13 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\PSREdit
[2012/12/10 09:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSREdit
[2012/12/10 09:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\PSREdit
[2012/12/10 09:40:19 | 005,504,197 | ---- | C] (PSREdit Software) -- C:\Users\Josh\Desktop\PSREdit500_Setup_1.93R3.exe
[2012/12/10 09:27:58 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\Win500
[2012/12/04 00:43:42 | 000,000,000 | ---D | C] -- C:\Vageta11310V
[2012/12/04 00:43:24 | 000,000,000 | ---D | C] -- C:\Vageta4155V
[2012/12/04 00:42:26 | 000,000,000 | ---D | C] -- C:\Vageta17506V
[2012/12/04 00:42:25 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2012/12/04 00:41:28 | 000,000,000 | ---D | C] -- C:\Vageta
[2012/12/03 23:47:27 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\BurnCDCC
[2012/12/03 23:31:24 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\grub4dos
[2012/12/03 18:42:06 | 005,011,070 | R--- | C] (Swearware) -- C:\Users\Josh\Desktop\Vageta.com
[2012/12/03 14:41:28 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\Google
[2012/12/01 09:20:38 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Josh\Desktop\dds.scr
[2012/12/01 07:49:32 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/01 07:49:32 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Malwarebytes
[2012/12/01 07:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/01 07:49:24 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/01 07:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/12/01 07:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/28 07:12:11 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\ESN
[2012/11/27 21:30:57 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\Origin
[2012/11/27 21:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/11/21 22:48:59 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\dvdcss
[2012/11/21 22:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
[2012/11/21 22:47:50 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Digiarty
[2012/11/21 22:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2007/10/04 10:03:02 | 000,942,080 | ---- | C] (Motorola Inc.) -- C:\Users\Josh\PPS
[2007/10/04 10:03:02 | 000,942,080 | ---- | C] (Motorola Inc.) -- C:\Users\Josh\minpps2.exe

========== Files - Modified Within 30 Days ==========

[2012/12/14 00:38:55 | 000,714,488 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/14 00:38:55 | 000,147,088 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/14 00:32:46 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/14 00:32:46 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2012/12/14 00:32:46 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2012/12/14 00:32:39 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/14 00:32:39 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/14 00:32:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/14 00:32:35 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/14 00:24:27 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/14 00:18:59 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3950573694-155688357-640864980-1000UA.job
[2012/12/14 00:14:32 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/14 00:02:28 | 000,000,913 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/12/14 00:02:25 | 000,000,733 | ---- | M] () -- C:\Users\Josh\Desktop\NTREGOPT.lnk
[2012/12/14 00:02:25 | 000,000,714 | ---- | M] () -- C:\Users\Josh\Desktop\ERUNT.lnk
[2012/12/14 00:01:54 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Josh\Desktop\erunt-setup.exe
[2012/12/13 13:04:26 | 000,281,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/12/13 08:43:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/12/13 01:19:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3950573694-155688357-640864980-1000Core.job
[2012/12/12 23:32:32 | 005,011,070 | R--- | M] (Swearware) -- C:\Users\Josh\Desktop\Vageta.com
[2012/12/12 23:06:09 | 000,138,056 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\PnkBstrK.sys
[2012/12/11 20:05:11 | 000,000,939 | ---- | M] () -- C:\Users\Josh\Desktop\ROBLOX Studio.lnk
[2012/12/11 20:05:10 | 000,001,152 | ---- | M] () -- C:\Users\Josh\Desktop\ROBLOX Player.lnk
[2012/12/11 20:05:10 | 000,000,959 | ---- | M] () -- C:\Users\Josh\Desktop\Alone!!!!.lnk
[2012/12/10 11:57:46 | 000,067,452 | ---- | M] () -- C:\Users\Josh\Documents\dec10.bin
[2012/12/10 09:41:00 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\PSREdit500.lnk
[2012/12/10 09:40:34 | 005,504,197 | ---- | M] (PSREdit Software) -- C:\Users\Josh\Desktop\PSREdit500_Setup_1.93R3.exe
[2012/12/09 16:27:42 | 000,158,208 | ---- | M] () -- C:\Users\Josh\Documents\WLFD buisness.pub
[2012/12/09 16:21:23 | 000,002,619 | ---- | M] () -- C:\Users\Josh\Desktop\Microsoft Publisher 2010.lnk
[2012/12/08 17:21:03 | 000,000,024 | ---- | M] () -- C:\Users\Josh\random.dat
[2012/12/08 17:19:14 | 000,000,023 | ---- | M] () -- C:\Users\Josh\jagexappletviewer.preferences
[2012/12/08 17:09:59 | 000,000,032 | ---- | M] () -- C:\Users\Josh\jagex_cl_runescape_LIVE.dat
[2012/12/04 12:56:33 | 001,041,952 | ---- | M] () -- C:\Users\Josh\Desktop\white_level_mini_boards.jpg
[2012/12/04 00:42:59 | 000,002,855 | ---- | M] () -- C:\Users\Josh\Desktop\Vageta.PIF
[2012/12/01 10:22:39 | 000,015,517 | ---- | M] () -- C:\Users\Josh\Desktop\pbgame.htm
[2012/12/01 10:09:37 | 000,007,591 | ---- | M] () -- C:\Users\Josh\Desktop\attach.zip
[2012/12/01 09:20:42 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Josh\Desktop\dds.scr
[2012/12/01 09:12:20 | 000,001,356 | ---- | M] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat
[2012/12/01 07:50:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/12/01 07:49:25 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/27 21:20:45 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/11/23 19:00:56 | 000,002,613 | ---- | M] () -- C:\Users\Josh\Desktop\Microsoft Word 2010.lnk

========== Files Created - No Company Name ==========

[2012/12/14 00:02:28 | 000,000,913 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/12/14 00:02:25 | 000,000,733 | ---- | C] () -- C:\Users\Josh\Desktop\NTREGOPT.lnk
[2012/12/14 00:02:25 | 000,000,714 | ---- | C] () -- C:\Users\Josh\Desktop\ERUNT.lnk
[2012/12/10 10:21:05 | 000,067,452 | ---- | C] () -- C:\Users\Josh\Documents\dec10.bin
[2012/12/10 09:41:00 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\PSREdit500.lnk
[2012/12/09 16:25:41 | 000,158,208 | ---- | C] () -- C:\Users\Josh\Documents\WLFD buisness.pub
[2012/12/08 00:38:09 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/12/08 00:38:07 | 002,580,552 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012/12/08 00:38:07 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/12/04 12:56:31 | 001,041,952 | ---- | C] () -- C:\Users\Josh\Desktop\white_level_mini_boards.jpg
[2012/12/04 00:44:52 | 3488,735,232 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/04 00:42:59 | 000,002,855 | ---- | C] () -- C:\Users\Josh\Desktop\Vageta.PIF
[2012/12/01 10:22:39 | 000,015,517 | ---- | C] () -- C:\Users\Josh\Desktop\pbgame.htm
[2012/12/01 10:22:14 | 002,211,840 | ---- | C] () -- C:\Users\Josh\Desktop\pbsetup.exe
[2012/12/01 10:09:37 | 000,007,591 | ---- | C] () -- C:\Users\Josh\Desktop\attach.zip
[2012/12/01 09:21:48 | 000,302,592 | ---- | C] () -- C:\Users\Josh\Desktop\gmer.exe
[2012/12/01 07:49:25 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/27 21:20:45 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/10/13 01:06:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/13 01:06:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/13 01:06:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/13 01:06:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/13 01:06:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/31 09:08:32 | 000,001,456 | ---- | C] () -- C:\Users\Josh\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/08/28 09:41:03 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012/08/28 08:34:06 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/07/06 11:12:45 | 000,000,048 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE_BETA.dat
[2012/07/06 11:12:45 | 000,000,024 | ---- | C] () -- C:\Users\Josh\random.dat
[2012/05/02 09:38:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/02/29 12:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/02/28 06:53:49 | 000,000,004 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\steam_md4.dat
[2012/02/03 04:29:56 | 000,042,392 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011/12/22 17:54:18 | 000,815,741 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\UserTile.png
[2011/12/10 23:05:00 | 000,049,152 | R--- | C] () -- C:\Windows\System32\PatComm10.dll
[2011/12/10 23:05:00 | 000,049,152 | R--- | C] () -- C:\Windows\System32\fudally_usb.dll
[2011/12/10 23:05:00 | 000,028,672 | R--- | C] () -- C:\Windows\System32\PNWatcherApp.dll
[2011/12/10 23:05:00 | 000,024,576 | R--- | C] () -- C:\Windows\System32\OtapRWCDTimer.dll
[2011/12/10 23:04:58 | 000,241,664 | R--- | C] () -- C:\Windows\System32\NextGen10.dll
[2011/12/10 23:04:29 | 000,032,768 | R--- | C] ( ) -- C:\Windows\System32\Interop.NEXTGENLib.dll
[2011/11/25 14:17:23 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011/11/03 19:36:14 | 000,000,044 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE1.dat
[2011/10/25 15:43:59 | 000,000,032 | ---- | C] () -- C:\Users\Josh\jagex_cl_runescape_LIVE.dat
[2011/10/18 10:03:46 | 000,000,132 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/10/04 00:50:20 | 000,138,056 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\PnkBstrK.sys
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/26 21:42:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/09/26 21:42:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/09/26 21:42:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/09/26 17:05:43 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2011/09/13 17:41:07 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/07/20 10:40:41 | 000,148,920 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/07/20 10:40:35 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011/07/07 11:30:21 | 000,000,397 | ---- | C] () -- C:\Windows\CoDUO.INI
[2011/07/01 18:25:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/07/01 18:24:47 | 000,000,492 | ---- | C] () -- C:\Windows\hegames.ini
[2011/07/01 12:14:31 | 000,000,588 | ---- | C] () -- C:\Windows\EReg515.dat
[2011/07/01 12:12:46 | 000,000,999 | ---- | C] () -- C:\Windows\disney.ini
[2011/07/01 12:12:43 | 000,000,175 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/07/01 12:09:51 | 000,001,984 | ---- | C] () -- C:\Windows\System32\drivers\papycpu.sys
[2011/07/01 12:09:27 | 000,000,178 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/07/01 11:59:45 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011/07/01 11:59:45 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011/07/01 11:59:45 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011/07/01 11:53:40 | 000,002,016 | ---- | C] () -- C:\Windows\System32\drivers\papycpu2.sys
[2011/07/01 11:53:40 | 000,001,888 | ---- | C] () -- C:\Windows\System32\drivers\papyjoy.sys
[2011/06/24 20:09:22 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2011/06/09 10:56:40 | 000,000,129 | ---- | C] () -- C:\Users\Josh\jagex_runescape_preferences2.dat
[2011/06/09 10:55:22 | 000,000,035 | ---- | C] () -- C:\Users\Josh\jagex_runescape_preferences.dat
[2011/06/09 10:55:10 | 000,000,023 | ---- | C] () -- C:\Users\Josh\jagexappletviewer.preferences
[2011/06/09 10:29:15 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2011/06/09 10:29:15 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011/06/09 10:14:30 | 000,001,356 | ---- | C] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/04/02 15:17:50 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Audacity
[2012/05/03 15:17:25 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\BitTorrent
[2011/12/09 18:15:41 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\butel
[2011/12/09 18:20:14 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\butelsoap
[2011/12/09 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Catalina Marketing Corp
[2012/05/14 20:47:55 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/06 09:56:07 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/07/03 08:32:32 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\CompanionLink
[2011/12/21 01:26:04 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Cyberduck
[2012/05/08 18:02:34 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DAEMON Tools Lite
[2012/11/21 22:48:03 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Digiarty
[2011/12/17 12:31:04 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DispatchSMS
[2011/09/26 17:41:44 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DriverFinder
[2012/12/14 00:33:53 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Dropbox
[2011/08/08 21:56:34 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\GameRanger
[2012/01/15 19:33:45 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Hasbro
[2012/10/08 21:19:56 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Image Zone Express
[2012/05/30 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\libimobiledevice
[2011/06/12 18:26:01 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\OpenOffice.org
[2012/12/01 21:28:58 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Origin
[2011/07/20 10:57:43 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Printer Info Cache
[2011/12/09 18:13:23 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Radioshack
[2011/12/20 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\redsn0w
[2012/05/14 12:41:16 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/09/23 14:58:12 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\SystemRequirementsLab
[2012/04/12 09:45:07 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TaxCut
[2011/12/20 23:08:28 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TightVNC
[2012/05/25 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TS3Client
[2012/07/30 16:27:09 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Uniblue
[2012/05/26 06:48:33 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\wargaming.net
[2011/12/20 23:27:23 | 000,000,000 | -HSD | M] -- C:\Users\Josh\AppData\Roaming\wyUpdate AU

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:55643C1C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EDB71CBA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E0163B06
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C0789917

< End of report >

jeffce · Dec 14, 2012

and let me know how your system is running now

Jtsou · Dec 14, 2012

Better, the ads seem to be gone now.

The main thing I am trying to fix is outlined here:

http://www.techsupportforum.com/forums/f59/punkbuster-problems-678077.html

The research I've done leads to rootkit problems, thats the main reason I am here.

jeffce · Dec 14, 2012

I am not seeing any rootkits on your system with the logs that you have supplied which is good.
---------

I see that your Java software is out of date. Please go to Start >> Control Panel >> Programs and Features >> uninstall all versions of Java.

Now download and install the newest version from here >> Download Free Java Software
-------------

Clear Java Cache

See this page for instructions on how to clear java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

Under Temporary Internet Files, click the Delete Files button.
There are three options in the window to clear the cache - Leave ALL 3 Checked
- Downloaded Applets
  Downloaded Applications
  Other Files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Java Control Panel.

----------

Malwarebytes

Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.
----------

ESET Online Scanner

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
Close the ESET online scan, and let me know how things are now.

----------

Jtsou · Dec 15, 2012

MBAM will not run.

It runs for about 5-10 minutes before freezing on a file.

It says it found 5 infections before it freezes.

Working on ESET now.

jeffce · Dec 15, 2012

When you get ESET post that.

Jtsou · Dec 15, 2012

I had the ESET running for 12 hours or so, and it was at 99% when my brother closed it out....:facepalm:

It had found 70 threats or so when I last looked.

I will run it again tonight.

jeffce · Dec 15, 2012

I had the ESET running for 12 hours or so, and it was at 99% when my brother closed it out

:facepalm: LOL Ok thats fine. Just post it when you get it.

Jtsou · Dec 16, 2012

:\ it is now saying I am only allowed 1 free scan.

At this point I am considering buying a new HD and reinstalling windows. I need to save my pictures/documents on this drive so I cant do a fresh install.

jeffce · Dec 17, 2012

At this point I am considering buying a new HD and reinstalling windows. I need to save my pictures/documents on this drive so I cant do a fresh install.

Is that what you are going to do?

Jtsou · Dec 17, 2012

Unless you have anything further since the ESET is out of the question.

jeffce · Dec 17, 2012

I certainly would not format my system due to ESET not running. :smile: A lot of those entries you said ESET found could have already been quarantined anyway.

Do an online scan with BitDefender QuickScan.
Please be patient as scanning may take some time. If you have problem running the scan, you might want to disable any real time protection that you have.

Click here to go to BitDefender QuickScan page.
For Firefox users:
- Click on Free Scan Now. You will be prompted to install a plug-in. Please Allow. In case you get stuck, please refresh the page to try again.
- A Software Installation window will appear. Click Install Now and the plugin will be installed as an Add-on.
- Restart Firefox when done. Go back to the BitDefender QuickScan page again and click on Free Scan Now and proceed accordingly.
For Internet Explorer users:
- Click on Free Scan Now. You will be prompted to install an ActiveX control. Please install.
- The page will refresh. Click on Free Scan Now again and proceed accordingly.
When scan has completed, click on View report and a Notepad log shall open.
If there are any infections found, you will get a warning and the link to the report will be displayed as the number of infections. Click on it.
Post back the contents of this report. It can also be found at C:\Documents and Settings\<username>\Application Data\QuickScan, <username> is the Windows log-in name.

Jtsou · Dec 17, 2012

That was almost too quick

QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Mon Dec 17 00:00:16 2012
Machine ID: B8F973B7

Found 1 infected file!
----------------------

C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com\components\FreeWorkzFirefox.dll --> Adware.Generic.237469
--> Process firefox.exe (2656)

Processes
---------
Bonjour 1540 C:\Program Files\Bonjour\mDNSResponder.exe
Firefox 2656 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 5432 C:\Program Files\Mozilla Firefox\plugin-container.exe
LKADS 1752 C:\Windows\System32\lkads.exe
LKTSRV 1808 C:\Windows\System32\lktsrv.exe
Microsoft SQL Server 2556 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Microsoft SQL Server 612 C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
Microsoft® Windows Live ID 2668 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
Microsoft® Windows Live ID 3172 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
Microsoft® Windows® Operating System 3896 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 2508 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 5576 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 524 C:\Windows\System32\csrss.exe
Microsoft® Windows® Operating System 588 C:\Windows\System32\csrss.exe
Microsoft® Windows® Operating System 636 C:\Windows\System32\lsass.exe
Microsoft® Windows® Operating System 5944 C:\Windows\System32\sdclt.exe
Microsoft® Windows® Operating System 620 C:\Windows\System32\services.exe
Microsoft® Windows® Operating System 1220 C:\Windows\System32\SLsvc.exe
Microsoft® Windows® Operating System 392 C:\Windows\System32\smss.exe
Microsoft® Windows® Operating System 1864 C:\Windows\System32\spoolsv.exe
Microsoft® Windows® Operating System 592 C:\Windows\System32\taskeng.exe
Microsoft® Windows® Operating System 5136 C:\Windows\System32\taskeng.exe
Microsoft® Windows® Operating System 2916 C:\Windows\System32\taskeng.exe
Microsoft® Windows® Operating System 4360 C:\Windows\System32\wbem\unsecapp.exe
Microsoft® Windows® Operating System 4428 C:\Windows\System32\wbem\WmiPrvSE.exe
Microsoft® Windows® Operating System 576 C:\Windows\System32\wininit.exe
Microsoft® Windows® Operating System 800 C:\Windows\System32\winlogon.exe
Microsoft® Windows® Operating System 6100 C:\Windows\System32\wuauclt.exe
Microsoft® Windows® Operating System 2928 C:\Windows\System32\WUDFHost.exe
MobileDeviceService 1468 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
National Instruments Logos 1688 C:\Windows\System32\lkcitdl.exe
National Instruments Service Locator 2096 C:\Windows\System32\nisvcloc.exe
NIDMSRV 2076 C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
NIPALSM 1536 C:\Program Files\National Instruments\MAX\nimxs.exe
PnkBstrA.exe 2272 C:\Windows\System32\PnkBstrA.exe
RtlService Application 2520 C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
RtWLan Application 3872 C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
Shockwave Flash 272 C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
Shockwave Flash 5404 C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
Steam 4064 C:\Program Files\Steam\Steam.exe
Steam Client Service 2472 C:\Program Files\Common Files\Steam\SteamService.exe
Stereo Vision Control Panel API Server 884 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
TAGSRV 2120 C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
TightVNC 2600 C:\Program Files\TightVNC\tvnserver.exe
Windows® Internet Explorer 3832 C:\Program Files\Internet Explorer\iexplore.exe
Windows® Internet Explorer 5204 C:\Program Files\Internet Explorer\iexplore.exe
Windows® Internet Explorer 5548 C:\Program Files\Internet Explorer\iexplore.exe
Windows® Search 4384 C:\Windows\System32\SearchFilterHost.exe
Windows® Search 1928 C:\Windows\System32\SearchProtocolHost.exe
(verified) Microsoft® Windows® Operating System 4044 C:\Program Files\Windows Media Player\wmpnetwk.exe
(verified) Microsoft® Windows® Operating System 3944 C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System 3988 C:\Windows\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 3924 C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 3684 C:\Windows\System32\dwm.exe
(verified) Microsoft® Windows® Operating System 644 C:\Windows\System32\lsm.exe
(verified) Microsoft® Windows® Operating System 1256 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 824 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2236 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2060 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2576 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2640 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1200 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2296 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2860 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1100 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1052 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1888 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1672 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 964 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 2976 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 920 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 1428 C:\Windows\System32\svchost.exe
(verified) Microsoft® Windows® Operating System 4396 C:\Windows\System32\svchost.exe
(verified) Windows® Search 2740 C:\Windows\System32\SearchIndexer.exe

Network activity
----------------
Process firefox.exe (2656) connected on port 80 (HTTP) --> 174.129.78.173
Process firefox.exe (2656) connected on port 80 (HTTP) --> 174.129.78.173
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.191
Process firefox.exe (2656) connected on port 80 (HTTP) --> 216.52.92.23
Process firefox.exe (2656) connected on port 80 (HTTP) --> 174.129.78.173
Process firefox.exe (2656) connected on port 80 (HTTP) --> 173.194.37.45
Process firefox.exe (2656) connected on port 80 (HTTP) --> 174.129.78.173
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.210
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.210
Process firefox.exe (2656) connected on port 80 (HTTP) --> 173.194.37.59
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.125.130.155
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.125.130.155
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.125.130.155
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.168.74
Process firefox.exe (2656) connected on port 443 (HTTP over SSL) --> 184.84.131.146
Process firefox.exe (2656) connected on port 80 (HTTP) --> 173.194.37.59
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.216
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.234
Process firefox.exe (2656) connected on port 80 (HTTP) --> 216.137.33.49
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.132.46
Process firefox.exe (2656) connected on port 80 (HTTP) --> 64.13.137.78
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.121.134.156
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.121.134.156
Process firefox.exe (2656) connected on port 80 (HTTP) --> 74.125.130.156
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.64
Process firefox.exe (2656) connected on port 80 (HTTP) --> 199.7.51.72
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.193
Process firefox.exe (2656) connected on port 443 (HTTP over SSL) --> 184.87.196.66
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.87.197.13
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.87.197.13
Process firefox.exe (2656) connected on port 80 (HTTP) --> 23.1.63.8
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.216
Process firefox.exe (2656) connected on port 80 (HTTP) --> 173.194.37.58
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.247
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.209
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.209
Process firefox.exe (2656) connected on port 80 (HTTP) --> 31.13.73.7
Process firefox.exe (2656) connected on port 80 (HTTP) --> 8.19.18.41
Process firefox.exe (2656) connected on port 80 (HTTP) --> 184.84.252.43
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 54.243.76.81
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 54.243.76.81
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 184.84.143.139
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 72.21.81.253
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.39
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.39
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (3832) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.147
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.134.95
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.134.95
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.134.95
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.156
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 67.223.104.26
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 67.223.104.26
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.156
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.86.115.198
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.86.115.198
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.134.95
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.250
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.250
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.39
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.39
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.43
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.43
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.155
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.125.130.155
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 108.161.188.192
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 199.16.173.24
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 23.21.122.140
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 23.21.122.140
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 50.18.110.215
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 50.18.110.215
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 174.129.78.173
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.218
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.218
Process iexplore.exe (5548) connected on port 443 (HTTP over SSL) --> 173.194.37.58
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.168.74
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.168.74
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.47
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.47
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.47
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.185
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.87.197.231
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.87.197.231
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.59
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.59
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 204.11.109.64
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 204.11.109.62
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 204.11.109.62
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.239
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.239
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.250
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.250
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.72.62.116
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.72.62.116
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 216.137.33.19
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.76.81
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.76.81
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 208.93.140.130
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.104.231
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.104.231
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.73.196.165
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.73.196.165
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 216.52.121.177
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.173.189.191
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.173.189.191
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 50.116.194.23
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 205.188.93.194
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 107.23.123.115
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.184
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 107.23.123.115
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.184
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 50.18.52.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 50.18.52.57
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 72.21.91.33
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.86.64.103
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.217.78.184
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.217.78.184
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 74.217.78.184
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 70.33.182.202
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 176.34.185.188
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 176.34.185.188
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.73.184.228
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.73.184.228
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 199.127.204.105
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 173.194.37.58
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 176.32.100.72
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 176.32.100.72
Process iexplore.exe (5548) connected on port 443 (HTTP over SSL) --> 70.33.182.200
Process iexplore.exe (5548) connected on port 443 (HTTP over SSL) --> 70.33.182.200
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.209
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.209
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 64.13.137.78
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 64.13.137.78
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 184.84.252.64
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 199.7.57.72
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 199.7.57.72
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 216.137.33.176
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 216.52.92.23
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 69.20.31.45
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.99.190
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 54.243.99.190
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 69.20.31.45
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 216.52.92.23
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 23.23.137.238
Process iexplore.exe (5548) connected on port 80 (HTTP) --> 23.23.137.238

Process wininit.exe (576) listens on ports: 49152 (RPC)
Process services.exe (620) listens on ports: 49162 (RPC)
Process lsass.exe (636) listens on ports: 49156 (RPC)
Process svchost.exe (920) listens on ports: 135 (RPC)
Process svchost.exe (964) listens on ports: 49153 (RPC)
Process svchost.exe (1100) listens on ports: 49154 (RPC)
Process spoolsv.exe (1864) listens on ports: 49155 (RPC)
Process nisvcloc.exe (2096) listens on ports: 3580
Process tagsrv.exe (2120) listens on ports: 59110
Process tvnserver.exe (2600) listens on ports: 5800 (VNC over HTTP), 5900 (VNC Server)
Process wmpnetwk.exe (4044) listens on ports: 554 (RTSP)

Autoruns and critical files
---------------------------
Adobe® Flash® Player Update Service C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
AUTOBACK.EXE C:\Program Files\ERUNT\AUTOBACK.EXE
Dropbox C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
iCloud C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll
MobileMe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
OTL C:\Users\Josh\Desktop\OTL.exe
SBSV 2010/02/19-11:02:07 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SpeedUpMyPC Monitor C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
Uniblue Launcher C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe
Windows® Internet Explorer c:\windows\system32\webcheck.dll
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Browser plugins
---------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Bitdefender QuickScan C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
CouponNetwork Coupon Activator Netscape C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
ESN Launch Mozilla Plugin C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
ESN Sonar API C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
Flash® Player Installer/Uninstaller C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
FreeWorkzFirefox.dll C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com\components\FreeWorkzFirefox.dll
Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Google Talk Plugin C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Google Talk Plugin Video Accelerator C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
Google Update C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
Java Deployment Toolkit 7.0.90.5 C:\Windows\system32\npDeployJava1.dll
Java(TM) Platform SE 7 U9 C:\Program Files\Java\jre7\bin\jp2ssv.dll
Java(TM) Platform SE 7 U9 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Java(TM) Platform SE 7 U9 C:\Program Files\Java\jre7\bin\ssv.dll
LabVIEW 8.5 OCX C:\Program Files\Internet Explorer\plugins\LV85ActiveXControl.dll
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
Microsoft® Windows Live ID c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
National Instruments LabVIEW 8.5 Netsca C:\Program Files\Mozilla Firefox\plugins\nplv85win32.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_4_402_287.dll C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
NVIDIA 3D Vision C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
NVIDIA 3D VISION C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.2 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Roblox Launcher Plugin C:\Users\Josh\AppData\Local\Roblox\Versions\version-5acc042b77fe4879\\NPRobloxProxy.dll
Shockwave for Director C:\Windows\system32\Adobe\Director\np32dsw.dll
Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
Skype Toolbars C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Webfetti Installer Plugin Stub C:\Program Files\Webfetti_52EI\Installr\1.bin\NP52EISB.dll
Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

Missing files
-------------
File not found: C:\Program Files\DriverFinder\DriverFinder.exe
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"DriverFinder"

Scan
----
MD5: e72a9fbaa2ac6b6bdc8d4d6ce4e38b06 C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
MD5: b83062f5bffaf797dca67464b58970d5 C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 3cdea45c32aa24f161c55fa4b33cc063 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: f31208835709a62ecc5d45211d89c772 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MD5: f577910a133a592234ebaad3f3afa258 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MD5: 60c079cb2150760263d1fe5ff6218961 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
MD5: 24aa9776d6ab032071b61c88089aea59 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: e53b389aabc47a86a41884e94c9a3012 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 5f3347eba403ee64780980a5baf10304 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 09b7e7cd6f202247b3cf2306108589c2 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: a3609397ef273b03295dbb10274be12c C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 18301b40411b2108076ab685b4e4b6dc C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 26655ca3645c49da4a79ac18fe84ee11 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: d339d7f6e52aecca9c0898cb547b2902 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 19be881a9cc0a9cc5e6bba43202a41aa C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
MD5: a782c81615108cb5a7a8d826d11005c6 C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll
MD5: a5299d04ed225d64cf07a568a3e1bf8c C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 4e4edf9ca82e95bab2977dd9f21b00f6 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 3417e5691ac9e5b6c3176d2b66dae82d C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MD5: 299a9db999da008414e7e1ceddab610a C:\Program Files\Common Files\Apple\Mobile Device Support\LIBEAY32.dll
MD5: 0e1b02c9cc352a1f61703b7d1a8a2c45 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: 0871b70c2bc83d3d71789d73f0b6d738 C:\Program Files\Common Files\Apple\Mobile Device Support\SSLEAY32.dll
MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: 938acf2a4f7fdaff322fd36f0b14d45a C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MD5: 5eb87ba0b93ca7e894fc8002e3ce4c2a C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
MD5: 1861146a294d61e64b4d9fd057194811 C:\Program Files\Common Files\Steam\SteamService.exe
MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files\ERUNT\AUTOBACK.EXE
MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\FreeTime\FormatFactory\MSVCR100.dll
MD5: c6c4405d9d1fb3f16475db6e3795803c C:\Program Files\FreeTime\FormatFactory\ShellEx_100.dll
MD5: 2437be68d5a37a75fad51c5f0e9a03ed C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
MD5: a6b389fd3d8fd81b709124a05ae3806d C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll
MD5: 1f7a482c45c33671dbea67ceb5c1d101 C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll
MD5: fcb563b0a23643e5f80b6ff1e60f610f c:\program files\hp\digital imaging\bin\hpqcxs08.dll
MD5: 818e33ac9b6ccb0cc3bba6ccf155e243 c:\program files\hp\digital imaging\bin\hpqddcmn.dll
MD5: 25e443e27165c652723a92d9bdfd4649 c:\program files\hp\digital imaging\bin\hpqddsvc.dll
MD5: 5e4ff36923c37c80b537dce6caa755f9 C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 2dad4b6b659f7e5dfbcb6d2c634fa6f3 C:\Program Files\Internet Explorer\IEShims.dll
MD5: 22cc6cdba678790046693654c3b212e4 C:\Program Files\Internet Explorer\iexplore.exe
MD5: f4e48f1570f0cf605116545b1a4305dc C:\Program Files\Internet Explorer\plugins\LV85ActiveXControl.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: bc0ea61246f8d940fbc5f652d337d6bd C:\Program Files\iPod\bin\iPodService.exe
MD5: c1680c34de8a405c8829ab93236576fd C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: eb47e405a9222ca595e5e763b4156529 C:\Program Files\Java\jre7\bin\jp2ssv.dll
MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Java\jre7\bin\msvcr100.dll
MD5: c04fcb7eebeb5097b30468828f20fb9e C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
MD5: a7a6954e500715117b64b414ab81cb44 C:\Program Files\Java\jre7\bin\ssv.dll
MD5: e0ae8fddfb86ba5db783db8ef70a79ca C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
MD5: 711a2e6a55ec7bfd59b5f649d58b704b c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
MD5: e31e4e9f644fbfe79dca532d9781f71d c:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
MD5: f1761c8fb2b25a32c6d63e36bb88c3ae c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
MD5: 637a0f23f9012358e92e6f99835494d1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
MD5: d1b61e151f6d0077e42e9521869f352f c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
MD5: 0fb5aa33d26f7212963d832083cd0c5c c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\BatchParser.dll
MD5: b88613be5b9939bd5dd63f9e196413ad c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll
MD5: 11123d8cac3e659c4c9d88526dc57e42 c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll
MD5: 32c940d6baad78cc236bf8832d1ad9b7 c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll
MD5: 520b9ef148145fde39e4fb77e0c7fc48 C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MD5: 5744fff8e72d105c138dae9e17bb29fe C:\Program Files\Mozilla Firefox\firefox.exe
MD5: d9fa57cba32aba63d5c30b854f660f07 C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: a38b82a306cdda0bb141225f92fc9f85 C:\Program Files\Mozilla Firefox\gkmedias.dll
MD5: 52652560bce03f232ce6af381d82ce5f C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: c2efe31691b0220ba2d366f6ecd9eebc C:\Program Files\Mozilla Firefox\mozglue.dll
MD5: 2d64a5315260aad1d6beee65d2681db3 C:\Program Files\Mozilla Firefox\mozjs.dll
MD5: 3d2706e87d3e4433db929b86207ca928 C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MD5: 03e9314004f504a14a61c3d364b62f66 C:\Program Files\Mozilla Firefox\MSVCP100.dll
MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Mozilla Firefox\MSVCR100.dll
MD5: 4d8cae21d3617dbc539f0a7aceb66fad C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: 0206166f245be09dc9c1550afb2c0b8d C:\Program Files\Mozilla Firefox\nss3.dll
MD5: 2944201bcd2bcc92897551a95757ddbe C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: cf7c83513ad0f22070b6795590f6ba68 C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: 15a9691c1f00631bc5475ceef9a6ea62 C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 6f255f96534fcf5ff4b611b52c1ab813 C:\Program Files\Mozilla Firefox\plc4.dll
MD5: 6b85d6adef244f9077bd7874610574a9 C:\Program Files\Mozilla Firefox\plds4.dll
MD5: c142445b59c1daba31f6397a34c42c74 C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: ae5e8753ddfd97c7b15bb542a431f396 C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
MD5: ff71cb58169e1c546a98c5da4e5d1a45 C:\Program Files\Mozilla Firefox\plugins\nplv85win32.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 9f135327116e63d522bfef39f37cb2e6 C:\Program Files\Mozilla Firefox\smime3.dll
MD5: 9662e514a77389eb6f7e846db8b44c4d C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: f5720ed4eea3d62a3c9af0950f2b7d23 C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: 4d774b94671141d491cfcb4ca3650ebf C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: 4c44a99bb7584d6b70507987be786259 C:\Program Files\Mozilla Firefox\xul.dll
MD5: 8c7336950f1e69cdfd811cbbd9cf00a2 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
MD5: 584bb324d4c72d8e5934c9868188ccfe C:\Program Files\National Instruments\MAX\Data Dictionaries\mxsdd.dll
MD5: a70796308d07756fcbb0503abe7932cf C:\Program Files\National Instruments\MAX\Data Dictionaries\TgrDD.dll
MD5: 178aa42899874054f66dbdd60046aec6 C:\Program Files\National Instruments\MAX\mxs.dll
MD5: 749e16652880ce8ed654a47323caf8dc C:\Program Files\National Instruments\MAX\mxsdb.dll
MD5: da5eb3ae9e6c1273c3cbd103d665510d C:\Program Files\National Instruments\MAX\mxsin.dll
MD5: 26ad0e76450a69e18ef2119ec1a13690 C:\Program Files\National Instruments\MAX\mxsout.dll
MD5: 95708f8bc747bc0a7e402b52a5b10ff8 C:\Program Files\National Instruments\MAX\mxssvr.dll
MD5: bdb8395e2e48f2564af1dba7e162cbe1 C:\Program Files\National Instruments\MAX\mxsutils.dll
MD5: a3ba8a14490fdbf106939c37a125e82c C:\Program Files\National Instruments\MAX\nimxs.exe
MD5: 849ef14058a332b73cb30aa6867569d5 C:\Program Files\National Instruments\MAX\nimxsimp.dll
MD5: b17093b9a2c5f874975c732c1a8ba771 C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
MD5: 8dc9fa692ed35791f90a8c3bd771c346 C:\Program Files\National Instruments\Shared\LogosXT\nilxtcor.dll
MD5: 1ef1a0ca41c7cd4347e3e7c2fb919743 C:\Program Files\National Instruments\Shared\LogosXT\nipspxts.dll
MD5: 9c65067a2888dd12ba4447fc50e1fd18 C:\Program Files\National Instruments\Shared\Security\nidm_client_thinauth.dll
MD5: 3b1439a956f872f36f0e8190f64ec9f9 C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
MD5: 8c4b89aa3d1c46d0a4bc552a8c859d02 C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_LogosRTClient.dll
MD5: 120073126bbc78c166c1981429e5521a C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_LogosRTServer.dll
MD5: 3a1ac8364019a04e4ca6df9c0c30fddd C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_mxs.dll
MD5: db266efa2361555808a8d348cd74dbae C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_OPCServer.dll
MD5: c2d751f9bf1c6360bc7fa86dcbae474a C:\Program Files\National Instruments\Shared\Tagger\tag.mnd
MD5: a4dc5a09020d665b59ca4da846b5133c C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
MD5: 052db5027eae1ae6fbf02e347aaf1cd7 C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 5373b9ac92779ce4b6ff9051c3516989 C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: d8d4957aab4bd861f6b9a89e0359eddf C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MD5: 39fec70ec5a92087d0a3977b80316e00 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MD5: fc0a58529a02b1eed55ddc58696b7908 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
MD5: 94be31cd7fdbc1bf680dafa8b865186e C:\Program Files\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
MD5: 94142d05f00ec6601a4ea9939de49c98 C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
MD5: 7c02774740b2ea1f5237808b1a363d34 C:\Program Files\Realtek\11n USB Wireless LAN Utility\IpLib.dll
MD5: f1ed09f4f1fe819031f9140b76f20395 C:\Program Files\Realtek\11n USB Wireless LAN Utility\LIBEAY32.dll
MD5: 29064e69158ecf8ee9d9c4f6c9f1beba C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlICS.dll
MD5: c7b6009d1b6a9485cf7380dc142557ff C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlIhvOid.dll
MD5: 923da0afdd901c39a54e832d530f76bc C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlLib.dll
MD5: ea569d48b2e755af6d96f03f3335d98a C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
MD5: 9c32939b75035b85aeb1baa82295a51e C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
MD5: c0c8909be3ecc9df8089112bf9be954e C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys
MD5: ce92b6fa711f20cfa6270af628c50529 C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
MD5: 8cb997fc270d18415c98277c2cc86e95 C:\Program Files\Skype\Toolbars\Shared\SkypeBrowserOptions.dll
MD5: 299ff8bf6fa2458ca5f674a54ebf1592 C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll
MD5: f07af60b152221472fbdb2fecec4896d C:\Program Files\Skype\Updater\Updater.exe
MD5: 3a9dea24fc669c84eee6702c9d530f42 C:\Program Files\Steam\bin\audio.dll
MD5: bba1fe328cea501fcce1e5df16276439 C:\Program Files\Steam\bin\avcodec-53.dll
MD5: c5ccb86cd745746b9908031a54315f90 C:\Program Files\Steam\bin\avformat-53.dll
MD5: 2a8b8a15a58edf3b443083ec29894e54 C:\Program Files\Steam\bin\avutil-51.dll
MD5: 18e2d9bae7504a1fa28b5f9338f318f4 C:\Program Files\Steam\bin\chromehtml.dll
MD5: c98f72ad86881081ed73217eebd78dbf C:\Program Files\Steam\bin\filesystem_steam.dll
MD5: d6715dc4f8d9771007e94b85839d8c32 c:\program files\steam\bin\friendsui.dll
MD5: 045d0f4f41ca53d4cb22bdc814a22b64 C:\Program Files\Steam\bin\icudt.dll
MD5: 60be2cec0d95bb135d4452f39aac6805 C:\Program Files\Steam\bin\libcef.dll
MD5: 11fe0ee3fef8e29a2089169517e3bb2b C:\Program Files\Steam\bin\mssdsp.flt
MD5: 70466a5ecf2a20894b5f99450459aac3 C:\Program Files\Steam\bin\mssmp3.asi
MD5: b6bcba8dff46272b218dae0a93ffeb0b C:\Program Files\Steam\bin\mssvoice.asi
MD5: 37a81bf4727c5a1f819ecd384fd62d1e c:\program files\steam\bin\serverbrowser.dll
MD5: 3d5ffdf5f8f5b9096053e2dd90787e16 C:\Program Files\Steam\bin\SteamService.dll
MD5: 680cb6d91914e7722af9f47c05b46085 C:\Program Files\Steam\bin\vgui2_s.dll
MD5: c1d1a067613eb3b066bcc3c6965506c5 C:\Program Files\Steam\crashhandler.dll
MD5: 173c217e677c4b0c4f8a6d54ba13bf9b C:\Program Files\Steam\CSERHelper.dll
MD5: a7532e66ea2f168a0970e829d8986423 C:\Program Files\Steam\dbghelp.dll
MD5: aa791614482f7afbd79b0647784f8986 C:\Program Files\Steam\SDL.dll
MD5: df9d2aafc0ba8bb30266a1eaeb7aa929 C:\Program Files\Steam\Steam.dll
MD5: e3cd0a561f3aabe8607bf1474f4ae1dd C:\Program Files\Steam\Steam.exe
MD5: d7d1dc01d6adcacea51017391363f84a C:\Program Files\Steam\steamclient.dll
MD5: 9f2271a32b03f13e22c0c1940edb6fbd C:\Program Files\Steam\SteamUI.dll
MD5: 90ce686a96b2f808f2fbee6ab877a737 C:\Program Files\Steam\tier0_s.dll
MD5: 668b41fc2df98b7b817877ffa506194d C:\Program Files\Steam\vstdlib_s.dll
MD5: aaf458cc200326bef602b5339400bf86 C:\Program Files\TightVNC\tvnserver.exe
MD5: ed5e0af8bdfb99d1a9676d08ec0f7201 C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe
MD5: c7184795a66da8ed6125576f1e8ce033 C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
MD5: 87b5939ef17944eedd42b88d372908a5 C:\Program Files\Webfetti_52EI\Installr\1.bin\NP52EISB.dll
MD5: b7dc98f6f4e7611a9c0849945fb28fb9 C:\Program Files\Windows Defender\MpOav.dll
MD5: 7d1f2afe12bafc4c18c5a0e3c6866e38 c:\program files\windows defender\mprtplug.dll
MD5: 31170caf2b2ff87be9a4d5f53444d166 C:\Program Files\Windows Sidebar\wlsrvc.dll
MD5: 835b8f5523f2dc6b3f09b52dea5b7623 C:\Program Files\WinRAR\rarext.dll
MD5: 70b253713fc33cc7dbe304693c4fe9a3 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DAEE3E2-B5B6-46DB-BB2E-C8FC78381405}\mpengine.dll
MD5: bdfe6811ed3d861406ce22c99306ecec C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key
MD5: 69dec8b64b32b47bc259286dfd71c9a8 C:\Users\Josh\AppData\Local\Roblox\Versions\version-5acc042b77fe4879\\NPRobloxProxy.dll
MD5: 51464b6c373cd07e7d4a6cc9294ed67c C:\Users\Josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
MD5: 6d74290856347cf8682277a54b433d4b C:\Users\Josh\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
MD5: f10f87e3d0cc393e28b02acac2cf34fd C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com\components\FreeWorkzFirefox.dll
MD5: c9e3864fb9cbfa93d9010bcfe18a5697 C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: e54631b36db25082b7998ae7538ba8c8 C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
MD5: 9b301b3fae10015350b96b58ab24f046 C:\Users\Josh\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
MD5: 4adcfee16ee9978f06157634669d36fb C:\Users\Josh\Desktop\OTL.exe
MD5: 789e50b5a5d602bc141a3725ae22adcf C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll
MD5: 219af0f9a54ebeeb3e7e20025d801034 C:\Windows\Microsoft.NET\Framework\v2.0.50727\culture.dll
MD5: 5ed379a5831f6e19d26cc1ae5798a323 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 09c91e1f199c53e1114396b59b3b4d9e C:\Windows\system32\ACLUI.dll
MD5: b6a800d881a0176c544988870861e798 C:\Windows\system32\Adobe\Director\np32dsw.dll
MD5: e9b9c1b98c8d6d48407e1c1203eac659 C:\Windows\System32\adsldpc.dll
MD5: f31eebc1a1c81fd04005489cc3dcdfe7 C:\Windows\system32\basesrv.dll
MD5: f21f255b91ca4f04e4250decd2067cbb c:\windows\system32\bitsperf.dll
MD5: d333058925ce305e39de8d5ad2b52a46 C:\Windows\system32\CLUSAPI.DLL
MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe
MD5: 7f15b4953378c8b5161d65c26d5fed4d C:\Windows\system32\cngaudit.dll
MD5: 93e317d7ad783d8eaee2e3500bfe889d C:\Windows\System32\credui.dll
MD5: b0f9073be86c6d4edd4eba674251e699 C:\Windows\system32\CRYPT32.dll
MD5: 09469b8edd2755143fda06867aad7e73 C:\Windows\system32\cryptnet.dll
MD5: f1e8c34892336d33eddcdfe44e474f64 c:\windows\system32\cryptsvc.dll
MD5: 187076dd5d8d4d5d23079d0741195ead C:\Windows\system32\CSRSRV.dll
MD5: abca209eba02cb59233614db83b4f50d C:\Windows\System32\csrss.exe
MD5: e9b39c81c87e5b790fce121da9e02701 C:\Windows\system32\d2d1.dll
MD5: 8b02d2ecc7ef6e1f6af08459e3f741f6 C:\Windows\system32\d3d10.dll
MD5: 5256383d1d266a9eefcdb270340c0e5c C:\Windows\system32\d3d10_1.dll
MD5: a441f5b43eaf4bd4e3acfbe38841b46b C:\Windows\system32\d3d10_1core.dll
MD5: 9c7094f537782a82b6a29b4a7172e180 C:\Windows\system32\d3d10core.dll
MD5: 4a4c71376eca305d6dea021f1a44816d C:\Windows\system32\D3D10Warp.dll
MD5: 30a742ffcea6661e501c44dc273c77b1 C:\Windows\System32\dinput8.dll
MD5: 85e861d0b88db2b54acb0839654c09f7 C:\Windows\system32\DNSAPI.dll
MD5: 57d762f6f5974af0da2be88a3349baaa c:\windows\system32\dnsrslvr.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: 3911b972b55fea0478476b2e777b29fa C:\Windows\system32\drivers\afd.sys
MD5: dcdaab8697a47894a554050ce18d0b56 C:\Windows\system32\DRIVERS\ASACPI.sys
MD5: 2b4e66fac6503494a2c6f32bb6ab3826 C:\Windows\system32\drivers\AsIO.sys
MD5: 35f376253f687bde63976ccb3f2108ca C:\Windows\system32\DRIVERS\bowser.sys
MD5: 82b8c91d327cfecf76cb58716f7d4997 C:\Windows\system32\drivers\compbatt.sys
MD5: c2eb4539a4f6ab6edd01bdc191619975 C:\Windows\system32\drivers\cpuz135_x32.sys
MD5: 622c41a07ca7e6dd91770f50d532cb6c C:\Windows\System32\Drivers\dfsc.sys
MD5: 4f59c172c094e1a1d46463a8dc061cbd C:\Windows\system32\DRIVERS\Dot4.sys
MD5: 80bf3ba09f6f2523c8f6b7cc6dbf7bd5 C:\Windows\system32\DRIVERS\Dot4Prt.sys
MD5: c55004ca6b419b6695970dfe849b122f C:\Windows\system32\DRIVERS\dot4usb.sys
MD5: c68ac676b0ef30cfbb1080adce49eb1f C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 185ada973b5020655cee342059a86cbb C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
MD5: 97469037714070e45194ed318d636401 C:\Windows\system32\drivers\intelide.sys
MD5: a7b973de438a6b98ca7f365837d2f548 C:\Windows\System32\Drivers\jl2005c.sys
MD5: d2600cb17b7408b4a83f231dc9a11ac3 C:\Windows\system32\drivers\kbdhid.sys
MD5: 4a1445efa932a3baf5bdb02d7131ee20 C:\Windows\System32\Drivers\ksecdd.sys
MD5: 0db7527db188c7d967a37bb51bbf3963 C:\Windows\system32\drivers\mbamswissarmy.sys
MD5: 201bfc4ef8b33d02d133fbf6535e515b C:\Windows\system32\DRIVERS\motccgp.sys
MD5: d0242a3832eb7c97801bb25889561e23 C:\Windows\system32\DRIVERS\motccgpfl.sys
MD5: fe80c18ba448ddd76b7bead9eb203d37 C:\Windows\system32\DRIVERS\motmodem.sys
MD5: fe80c18ba448ddd76b7bead9eb203d37 C:\Windows\system32\DRIVERS\motport.sys
MD5: 1e94971c4b446ab2290deb71d01cf0c2 C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: 4fccb34d793b116423209c0f8b7a3b03 C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: c3cb1b40ad4a0124d617a1199b0b9d7c C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: 3d7fb57354703809b5f0c23287fac1d6 C:\Windows\system32\drivers\nvhda32v.sys
MD5: e891b3979f0cf2740c1b073f834221fe C:\Windows\system32\DRIVERS\nvlddmkm.sys
MD5: b9c2b89f08670e159f7181891e449cd9 C:\Windows\System32\drivers\partmgr.sys
MD5: 1636d43f10416aeb483bc6001097b26c C:\Windows\system32\drivers\pciide.sys
MD5: f17713d108aca124a139fde877eef68a C:\Windows\System32\Drivers\RimUsb.sys
MD5: 01ff41745935058519062c7ea4c74366 C:\Windows\system32\DRIVERS\RTL8192cu.sys
MD5: 0828e50e85307e1f82fbd46917650854 C:\Windows\system32\DRIVERS\ser2pl.sys
MD5: ce9ec966638ef0b10b864ddedf62a099 C:\Windows\system32\DRIVERS\serenum.sys
MD5: 6d663022db3e7058907784ae14b69898 C:\Windows\system32\DRIVERS\serial.sys
MD5: 103b79418da647736ee95645f305f68a C:\Windows\system32\drivers\sffdisk.sys
MD5: 9cfa05fcfcb7124e69cfc812b72f9614 C:\Windows\system32\drivers\sffp_sd.sys
MD5: 3ead8e1668ce42a0afe41d56e7157bcf C:\Windows\system32\DRIVERS\silabenm.sys
MD5: 177d3ebf3e236a272d769c14f73ecc3e C:\Windows\system32\DRIVERS\silabser.sys
MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys
MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys
MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys
MD5: 27d470dabc77bc60d0a3b0e4deb6cb91 C:\Windows\System32\drivers\tcpip.sys
MD5: 119a487b94fcb54d5154ebfbfa124755 C:\Windows\System32\drivers\UMDF\WpdFs.dll
MD5: 83cafcb53201bbac04d822f32438e244 C:\Windows\System32\Drivers\usbaapl.sys
MD5: 701a9f884a294327e9141d73746ee279 C:\Windows\system32\drivers\wmiacpi.sys
MD5: 04e268adfc81964c49dc0c082d520f7e C:\Windows\system32\DRIVERS\yk60x86.sys
MD5: cabd1b34bd05c986b4dbc18bc0e947ee C:\Windows\system32\DWrite.dll
MD5: aaae543c535ed596ecad2ab8761c2c6f C:\Windows\system32\dxgi.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\system32\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\system32\Dxtrans.dll
MD5: b8a21907fe2f1a113f3487d9ab60bef9 C:\Windows\system32\en-us\tQuery.dll.mui
MD5: abaeaee763e287bdd39094c4165e1f3f C:\Windows\system32\fdproxy.dll
MD5: 8ce364388c8eca59b14b539179276d44 c:\windows\system32\fntcache.dll
MD5: 9a75518600fba10980ee94267ca98489 C:\Windows\System32\gameux.dll
MD5: 7a137514f4e48ecdbdd1f29cf7e8d5a4 C:\Windows\system32\GLU32.dll
MD5: b4b59ac042ee3733a862f26cbc0b17fc C:\Windows\system32\hidphone.tsp
MD5: e6f1b2c97d6e21b51a7cc18e48a689d8 C:\Windows\System32\hpinksts8911LM.dll
MD5: e93e0dc52e049bb31f89b6eb6089fbd0 C:\Windows\system32\HPScanMiniDrv_DJ1050_J410.dll
MD5: 6fe5c4b61ec85d746adfa9fff8c2ac58 C:\Windows\System32\hpz3llhn.dll
MD5: 51c6d8bfbd4ea5b62a1ba7f4469250d3 c:\windows\system32\hpzinw12.dll
MD5: 79834aa2fbf9fe81eebb229024f6f7fc c:\windows\system32\hpzipm12.dll
MD5: 0c84b6affa7486422235584110d7176f c:\windows\system32\ICAAPI.dll
MD5: 0ba3f31e2b4d8d99df8dd19e81155374 C:\Windows\system32\ieframe.dll
MD5: eb8a00e8e9931a7ec04f920b09d880d8 C:\Windows\system32\iertutil.dll
MD5: cc0713b192bf47a124168957acd75cc1 C:\Windows\system32\IEUI.dll
MD5: eb49faa5ebbc06356fb12476438781b9 C:\Windows\system32\imagehlp.dll
MD5: 394373142655accf49d64aad466c86ff C:\Windows\System32\jscript9.dll
MD5: 574b473facaa0e91702b86578440b525 C:\Windows\system32\kernel32.dll
MD5: 74c2f29cc612b2b34231bebd824d2fb2 C:\Windows\system32\keyiso.dll
MD5: 953193a9dea40348c1086d171f6440ae C:\Windows\system32\kmddsp.tsp
MD5: ca0b849566776a17f35f0339be17dfd9 c:\windows\system32\ktmw32.dll
MD5: 19ffad68a02af1bf0bc336ee26cd6767 c:\windows\system32\l2gpstore.dll
MD5: 16a17d015c4576486ff39ee350035712 C:\Windows\System32\lkads.exe
MD5: 20cdb07017497c94a0bad253c4bafcbc C:\Windows\System32\lkcitdl.exe
MD5: 172e9f4875f2547ed5c13c40475180cd C:\Windows\system32\LKDYNAM.dll
MD5: 4bf33e6e049a51427f0bf6a5624a537d C:\Windows\system32\LKOBENV.dll
MD5: 979fd0ffcc062d2ee86d0352ed46b70a C:\Windows\system32\LKPROC.dll
MD5: 9f1a642b791541823f31861118dfb6ab C:\Windows\system32\LKREALT.dll
MD5: f2794dda0860c1b3d38a9dd3361a1dac C:\Windows\system32\LKSEC.dll
MD5: 935c43c30a1817f511cc97c0261cbcee C:\Windows\system32\LKSOCK.dll
MD5: 5763a9534464ee899659141e2688c974 C:\Windows\system32\LKSTIME.dll
MD5: 372099ecc46225acdc4b4e4010d70329 C:\Windows\System32\lktsrv.exe
MD5: 35d40113e4a5b961b6ce5c5857702518 c:\windows\system32\lmhsvc.dll
MD5: 63396cbb1365769d520e0fd89c2419f2 C:\Windows\System32\localspl.dll
MD5: 178fac2b7c66e9a4400ce7ac37623e3f C:\Windows\system32\LSASRV.dll
MD5: a3e186b4b935905b829219502557314e C:\Windows\System32\lsass.exe
MD5: 8b1e277f554228a84126402bbbdc32f4 C:\Windows\system32\Macromed\Flash\Flash32_11_4_402_287.ocx
MD5: 3a93e2d1cd533b894b834db23db044a6 C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
MD5: 44c00a385ca9dbc1d5cf3781f8c26aea C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: e7bc792810ec02dd1f7ed25d830e9324 C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MD5: 67d16247c56c26a4f0d79d1a7f272b8f C:\Windows\system32\MF.dll
MD5: ef24642d5fb52a1eef56de9e47cbb993 C:\Windows\system32\MFC42.DLL
MD5: bf142d4f8c61ed3629a9cdd7ba867900 C:\Windows\System32\mfplat.dll
MD5: b4f5de3dad8e6b97272f45db97674878 C:\Windows\System32\mgmtapi.dll
MD5: 56e315acfb08a177b4d01e42b9044db5 C:\Windows\System32\MPRAPI.dll
MD5: bb197f54a8f69eea8356b7f70e6d3a20 C:\Windows\system32\mshtml.dll
MD5: aab5feaabf4cb6f76d794203831c8d94 C:\Windows\system32\Msidle.dll
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 5e41139ec6efbcaffd96d46925e544ab c:\windows\system32\mspatcha.dll
MD5: abe9eea1eabea0711610a637a7b1c25d C:\Windows\system32\msprivs.dll
MD5: 0b8fe658bd033ec8b1f6fbc305cc65e7 C:\Windows\system32\MSRATING.dll
MD5: ff41e1ac301f51e16f61ad7c0f45467c C:\Windows\System32\msshsq.dll
MD5: 2310a32bb0164552a311bfa02102a3d6 C:\Windows\system32\MSVCP60.dll
MD5: 17af64d727545f2804f6e6d998327e3f C:\Windows\system32\msvcrt.dll
MD5: 6abd253226770eae1292b4c945ed4b4b C:\Windows\System32\msxml3.dll
MD5: 024528e25bbe8768536861ea09be1672 C:\Windows\System32\msxml6.dll
MD5: 2fa16465f64db54b1f7f511395eb4fd7 C:\Windows\system32\NCObjAPI.DLL
MD5: 188cc19108b0ebd6332d6628d4ede469 C:\Windows\system32\ncrypt.dll
MD5: f4d9ed6bd74ad7cc0bec83c43a1cb76b c:\windows\system32\ncsi.dll
MD5: 2f6776acefe41ee889c464ea407918f2 C:\Windows\system32\ndptsp.tsp
MD5: 98b656eaf128cd06f625b09c84d959e1 C:\Windows\system32\NETAPI32.dll
MD5: 6bc5fcef351e4cb5a269c1e84b5a06da C:\Windows\system32\netcfgx.dll
MD5: 95daecf0fb120a7b5da679cc54e37dde C:\Windows\system32\netlogon.dll
MD5: 4bf053944e973c073339be841c9ecf28 C:\Windows\system32\NETRAP.dll
MD5: b131cc20af2b1dda0353ccef89b7d614 C:\Windows\system32\nidscmem.dll
MD5: fc83c4b730ba9de7d2d8f3a6fb852548 C:\Windows\system32\nirpc.dll
MD5: 96ef2d1e7b8f40e442ffd1cbca0930f4 C:\Windows\system32\nismslu.dll
MD5: f93499f2153bee1aa3fffa6b8c53dda5 C:\Windows\system32\nisvcloc.dll
MD5: 97eeb04a61350f370f6737cdfa3c303e C:\Windows\System32\nisvcloc.exe
MD5: 2c82d753ef779945977c82a3908da20a C:\Windows\system32\npDeployJava1.dll
MD5: 8bb86f0c7eea2bded6fe095d0b4ca9bd c:\windows\system32\nsisvc.dll
MD5: dda770bbd7c2ed024d6f50e279d90e5b C:\Windows\system32\ntdll.dll
MD5: 31b1403af2020640d5f3d88a6ad18583 C:\Windows\system32\nvapi.dll
MD5: 01996db308521c0725fb0c2f6de05770 C:\Windows\system32\nvd3dum.dll
MD5: ae2de8e165dcb93a66b21748e6f913df C:\Windows\system32\nvvsvc.exe
MD5: 5680cb6a4cfa61fa2df21f1b5c490225 C:\Windows\system32\nvwgf2um.dll
MD5: 862363973dcbcc31dd161ef41a69153c C:\Windows\system32\ODBC32.dll
MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll
MD5: dc15ab7168c0309d8f04fd95b6240422 C:\Windows\system32\OLEACC.dll
MD5: b218342214d9bba0f54ea12ba2e9278c C:\Windows\system32\OLEAUT32.dll
MD5: eae6208900e2986f66f68b30aef86e4d C:\Windows\system32\OpcEnum.exe
MD5: b55e77bb01e85d2ca2c4b8424e1df345 C:\Windows\system32\OPENGL32.dll
MD5: f0062778f50838145ac46b384ffb4fa3 C:\Windows\system32\pcadm.dll
MD5: 3a2bdd76e7d2a5f40a7174793d1ba794 C:\Windows\System32\PnkBstrA.exe
MD5: b2b117bd8d1ea80536cdd91797ef4a0a C:\Windows\System32\portabledeviceclassextension.dll
MD5: b288ff7c1987a736726e87c79148c360 C:\Windows\system32\PortableDeviceWiaCompat.dll
MD5: e340845c8e96d107c36420065d7a5733 C:\Windows\system32\printcom.dll
MD5: 801f1e963f7eeffda3f9ef89db3ef133 C:\Windows\system32\radardt.dll
MD5: 7812ecff8fe0ed653716570c157f7b7c C:\Windows\system32\radarrs.dll
MD5: 2dd6af8e97f59c9d39329bbc2a81f13f C:\Windows\System32\RASDLG.dll
MD5: 88225070dd2f7b0b2ed51e7935078641 C:\Windows\system32\RASQEC.DLL
MD5: b9f3ff52b84fd9e3cafb29b8ee385e5b C:\Windows\system32\RESUTILS.DLL
MD5: 928060167f0eb1b4f605327db66cb0c7 C:\Windows\system32\RstrtMgr.DLL
MD5: 50e3e76b0901bb4fc029bb88bfa5ce79 C:\Windows\system32\schannel.dll
MD5: 1a58069db21d05eb2ab58ee5753ebe8d c:\windows\system32\schedsvc.dll
MD5: a623666c8a8ec9a57dca07915a3f1ec6 C:\Windows\System32\sdclt.exe
MD5: 572573590924b261a33ba2b7e9229968 C:\Windows\system32\sdengin2.dll
MD5: d602fedbd9155fc2ded6863fb60c950f C:\Windows\system32\Secur32.dll
MD5: 0a990afb9f2726323d61c8ecb8b70b17 C:\Windows\system32\security.dll
MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\system32\shdocvw.dll
MD5: aaf101900a23d75ae1ae00840fa6f3b8 C:\Windows\system32\SHELL32.dll
MD5: 9176285122b7b849fec2aa1b72a8f7a8 C:\Windows\system32\SHLWAPI.dll
MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\system32\SHSVCS.dll
MD5: 801decf3a583c270e5c398fcd082e3dd C:\Windows\system32\spool\PRTPROCS\W32X86\hpzpplhn.dll
MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe
MD5: 43aef7355d24090ca7c24c83846bd981 c:\windows\system32\SPP.dll
MD5: bf7e4d6f60a6d9e866432855c6f8c262 c:\windows\system32\sqmapi.dll
MD5: 1bf5eebfd518dd7298434d8c862f825d c:\windows\system32\srvsvc.dll
MD5: 452341e471d2d961229dfe0842957272 C:\Windows\system32\SSCORE.DLL
MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll
MD5: 80c97417cce0c1e1fbc09894c55cc231 C:\Windows\system32\sxproxy.dll
MD5: 71f5a7104fdf16c0ac5283a6ce666553 C:\Windows\system32\SYSNTFY.dll
MD5: 2a6a2c09ecc2cb495628e45f1379ece8 C:\Windows\system32\taskcomp.dll
MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe
MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll
MD5: 5091452dc719281cf1dd69367e13b494 C:\Windows\System32\tcpmib.dll
MD5: 8a38b5e8493a9d103083b8620ac5f3a1 C:\Windows\System32\tdh.dll
MD5: f8873d15018f411588bec02c1725bada C:\Windows\system32\tspkg.dll
MD5: e45051c374f845edf3db02a35ba13193 C:\Windows\system32\umb.dll
MD5: dfbaadf1b624dc71e88d34d86b3595be C:\Windows\system32\uniplat.dll
MD5: 9fac0f6d5f3d922db294e30cd3f62369 C:\Windows\system32\urlmon.dll
MD5: 0bf0bb276f17b6ad61a8694d2551ec28 C:\Windows\System32\usbmon.dll
MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll
MD5: af25ecaa3d7f85dc13e348a6f79ad40d C:\Windows\system32\vss_ps.dll
MD5: dc3ae9f1554dcd97f90983ddbdacd83d C:\Windows\system32\vsstrace.dll
MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll
MD5: e7d0f91e44d9d3b2116fa549bdcdb756 c:\windows\system32\WDSCORE.dll
MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\system32\webcheck.dll
MD5: 0745d6ead386710110817fbec03f5161 C:\Windows\system32\wfapigp.dll
MD5: 73fe2e5fa55088a241aa2732f5d387d6 C:\Windows\system32\wiarpc.dll
MD5: dbd02e3e6f061ebbbf9b99a9d7cba30b C:\Windows\System32\WINHTTP.dll
MD5: 5553611e2f9ea6f613079177f1233068 C:\Windows\system32\WININET.dll
MD5: 101ba3ea053480bb5d957ef37c06b5ed C:\Windows\System32\wininit.exe
MD5: 14ff750efe13b0c21e5a06507c3a97b1 C:\Windows\system32\WINMM.dll
MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 C:\Windows\system32\WINSPOOL.DRV
MD5: d2293b069e4b63dc17b2f08d45e71124 C:\Windows\system32\winsrv.dll
MD5: b2e569ef26dac9d6994a2aff4f601b7a C:\Windows\system32\WINTRUST.dll
MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll
MD5: 0727200f10320a6ba7e59433094fbba7 C:\Windows\system32\WMALFXGFXDSP.dll
MD5: f1ecec53b9ffc30e123d14e087c49111 C:\Windows\system32\wmdrmdev.dll
MD5: d571295b71c60a67f6f2ea987e5cc3b0 C:\Windows\system32\wmdrmnet.dll
MD5: 87cdffcbd09c1ca03a068343d5d93250 C:\Windows\system32\WMI.dll
MD5: 015e99a7634b93e8bb0380c70f3d2cc3 C:\Windows\system32\wmp.dll
MD5: 9441a231c0aa0712f7cf3b10d9cfcf76 C:\Windows\system32\wmploc.dll
MD5: 648ab74d9c104fb500b6c4eedc6a8772 C:\Windows\system32\wmpmde.dll
MD5: 617f9a5813e69f6e9ed94b811ec75396 C:\Windows\System32\wmpps.dll
MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll
MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll
MD5: 1a617835452eee5060976c9b9f5fe635 C:\Windows\system32\wuapi.dll
MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\Windows\System32\wuauclt.exe
MD5: fc3ec24fce372c89423e015a2ac1a31e c:\windows\system32\wuaueng.dll
MD5: 285c594c4913fa9dc7bb6ba3ad6f101a C:\Windows\system32\wucltux.dll
MD5: 09c7859269563c240ab2aaab574483dd C:\Windows\System32\WUDFHost.exe
MD5: 399bb52ad0668472717498e97cf28341 c:\windows\system32\WUDFPlatform.dll
MD5: 4b72b5b342ada4de8deea39cce465b58 C:\Windows\system32\WUDFx.dll
MD5: 3458eda96e30fbd0477a2800d3fb1909 C:\Windows\System32\wups.dll
MD5: bdc0c99e472176c8c2c853a68adc5073 C:\Windows\System32\wups2.dll
MD5: cc8de25ad6cba4416ba9e309cc3c1dd2 C:\Windows\system32\xactsrv.dll
MD5: 77f595dee5ffacea72b135b1fce1312e C:\Windows\system32\XInput1_3.dll
MD5: 1908cc7673f72601affdca022689cedf C:\Windows\system32\XmlLite.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MD5: 76eaef4ddebbc7c38853f586c0e91dce C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll

No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.02 MB sent, 1.99 KB recvd
Scanned 973 files and modules - 128 seconds

==============================================================================

Jtsou · Dec 17, 2012

Also I tried to use ESET on IE instead of firefox, and it is letting me scan again. I will let it run again.

jeffce · Dec 17, 2012

Also I tried to use ESET on IE instead of firefox, and it is letting me scan again. I will let it run again.

Great!!

Jtsou · Dec 18, 2012

After 19 hours and 3319038 files, ESET is complete:

C:\Documents and Settings\Default\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\37822-15[2].js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAF6ESNR.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAHUGNBS.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAJ0ZO09.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAJ6OHVI.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAO41BMC.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCATA17UQ.js HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\iframe3CA7L02CZ.htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCACHKX6Y.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAFB99RZ.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAJQQ2I4.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAOECIF2.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCARBM63N.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAUO1FAC.js HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\PortalServe[6] HTML/Iframe.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\submit-a-video[1].htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JIA0WWL2\hungry-cat[1].htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZ3IPTEJ\cat-hug[1].htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZ3IPTEJ\favorites[1].htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4QVK3ZP\the-talented-mr-kitty[1].htm HTML/ScrInject.B.Gen virus
C:\Documents and Settings\Josh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Documents and Settings\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Documents and Settings\Josh\Downloads\7zipap_718.exe a variant of Win32/InstallIQ application
C:\Documents and Settings\Josh\Downloads\ADLSoft_UnCompressor(1).exe a variant of Win32/InstallCore.Q application
C:\Documents and Settings\Josh\Downloads\ADLSoft_UnCompressor.exe a variant of Win32/InstallCore.Q application
C:\Documents and Settings\Josh\Downloads\ADLSoft_UnCompressor_1.exe a variant of Win32/InstallCore.Q application
C:\Documents and Settings\Josh\Downloads\DTLite4451-0236.exe Win32/OpenCandy application
C:\Documents and Settings\Josh\Downloads\eurotrucksimulator-setup.exe Win32/DownloadAdmin.A.Gen application
C:\Documents and Settings\Josh\Downloads\External Hack By Qu40(1).rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Documents and Settings\Josh\Downloads\External Hack By Qu40(2).rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Documents and Settings\Josh\Downloads\External Hack By Qu40.rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Documents and Settings\Josh\Downloads\gts_setup_1_32-dm(1).exe a variant of Win32/Adware.Trymedia.A application
C:\Documents and Settings\Josh\Downloads\gts_setup_1_32-dm(2).exe a variant of Win32/Adware.Trymedia.A application
C:\Documents and Settings\Josh\Downloads\gts_setup_1_32-dm(3).exe a variant of Win32/Adware.Trymedia.A application
C:\Documents and Settings\Josh\Downloads\gts_setup_1_32-dm.exe a variant of Win32/Adware.Trymedia.A application
C:\Documents and Settings\Josh\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Josh\Downloads\iLividSetupV1(1).exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Josh\Downloads\iLividSetupV1(2).exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Josh\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Josh\Downloads\installer_cheat_engine.exe Win32/Toggle application
C:\Documents and Settings\Josh\Downloads\Just Cause 2.exe a variant of MSIL/Solimba.C application
C:\Documents and Settings\Josh\Downloads\siw-setup.exe Win32/OpenCandy application
C:\Documents and Settings\Josh\Downloads\Call of duty 4 [PC-DVD] [English] [www.topetorrent.com]\crack\rzr-cod4.exe Win32/Keygen.DK application
C:\Documents and Settings\Josh\Downloads\External Hack By Qu40\Hack v2.3.exe probably a variant of Win32/Agent.MJDVTVA trojan
C:\Documents and Settings\Josh\Downloads\Need.for.Speed.Hot.Pursuit-RELOADED\rld-nshp\rld-nshp.iso a variant of Win32/Packed.VMProtect.AAD trojan
C:\Program Files\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application
C:\Program Files\FreeWorkz\Uninstaller.exe a variant of Win32/Adware.Gamevance.CC application
C:\Program Files\Search Results Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite.A application
C:\Program Files\Search Results Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\Program Files\Search Results Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application
C:\Program Files\Uncompressor\Uninstall\Uninstall.exe a variant of Win32/InstallCore.Q application
C:\Program Files\Webfetti_52EI\Installr\1.bin\52EIPlug.dll a variant of Win32/Toolbar.MyWebSearch application
C:\Program Files\Webfetti_52EI\Installr\1.bin\52EZSETP.dll a variant of Win32/Toolbar.MyWebSearch.Q application
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\n.vir a variant of Win32/Kryptik.ALNV trojan
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\U\00000004.@.vir Win32/Conedex.D trojan
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\U\00000008.@.vir Win32/Sirefef.FG trojan
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\U\000000cb.@.vir Win32/Conedex.E trojan
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3950573694-155688357-640864980-1000\$e7503ca092ad325aee0cee0fd47827b9\U\80000032.@.vir Win32/Sirefef.FD trojan
C:\Qoobox\Quarantine\C\Program Files\MyFunCards_5mEI\Installr\1.bin\5mEIPlug.dll.vir a variant of Win32/Toolbar.MyWebSearch application
C:\Qoobox\Quarantine\C\Program Files\MyFunCards_5mEI\Installr\1.bin\5mEZSETP.dll.vir a variant of Win32/Toolbar.MyWebSearch.Q application
C:\Qoobox\Quarantine\C\Program Files\MyScrapNook_12EI\Installr\1.bin\12EIPlug.dll.vir Win32/Toolbar.MyWebSearch application
C:\Qoobox\Quarantine\C\Program Files\MyScrapNook_12EI\Installr\1.bin\12EZSETP.dll.vir Win32/Toolbar.MyWebSearch.Q application
C:\Qoobox\Quarantine\C\Program Files\MyScrapNook_12EI\Installr\1.bin\NP12EISb.dll.vir Win32/Toolbar.MyWebSearch application
C:\Qoobox\Quarantine\C\Users\Josh\AppData\Local\fflibqyfdl.exe.vir a variant of Win32/Kryptik.ALPQ trojan
C:\Qoobox\Quarantine\C\Users\Josh\AppData\Roaming\userinit.exe.vir Win32/Spatet.I trojan
C:\Users\Default\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\37822-15[2].js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAF6ESNR.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAHUGNBS.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAJ0ZO09.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAJ6OHVI.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCAO41BMC.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\akoCATA17UQ.js HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\iframe3CA7L02CZ.htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCACHKX6Y.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAFB99RZ.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAJQQ2I4.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAOECIF2.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCARBM63N.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\impCAUO1FAC.js HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\PortalServe[6] HTML/Iframe.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J5NL12TV\submit-a-video[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JIA0WWL2\hungry-cat[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZ3IPTEJ\cat-hug[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LZ3IPTEJ\favorites[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4QVK3ZP\the-talented-mr-kitty[1].htm HTML/ScrInject.B.Gen virus
C:\Users\Josh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\3rdwtslb.default\extensions\links@freeworkz.com\components\FreeWorkzFirefox.dll a variant of Win32/Adware.Gamevance.BZ application
C:\Users\Josh\Downloads\7zipap_718.exe a variant of Win32/InstallIQ application
C:\Users\Josh\Downloads\ADLSoft_UnCompressor(1).exe a variant of Win32/InstallCore.Q application
C:\Users\Josh\Downloads\ADLSoft_UnCompressor.exe a variant of Win32/InstallCore.Q application
C:\Users\Josh\Downloads\ADLSoft_UnCompressor_1.exe a variant of Win32/InstallCore.Q application
C:\Users\Josh\Downloads\DTLite4451-0236.exe Win32/OpenCandy application
C:\Users\Josh\Downloads\eurotrucksimulator-setup.exe Win32/DownloadAdmin.A.Gen application
C:\Users\Josh\Downloads\External Hack By Qu40(1).rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Users\Josh\Downloads\External Hack By Qu40(2).rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Users\Josh\Downloads\External Hack By Qu40.rar probably a variant of Win32/Agent.MJDVTVA trojan
C:\Users\Josh\Downloads\gts_setup_1_32-dm(1).exe a variant of Win32/Adware.Trymedia.A application
C:\Users\Josh\Downloads\gts_setup_1_32-dm(2).exe a variant of Win32/Adware.Trymedia.A application
C:\Users\Josh\Downloads\gts_setup_1_32-dm(3).exe a variant of Win32/Adware.Trymedia.A application
C:\Users\Josh\Downloads\gts_setup_1_32-dm.exe a variant of Win32/Adware.Trymedia.A application
C:\Users\Josh\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application
C:\Users\Josh\Downloads\iLividSetupV1(1).exe Win32/Toolbar.SearchSuite application
C:\Users\Josh\Downloads\iLividSetupV1(2).exe Win32/Toolbar.SearchSuite application
C:\Users\Josh\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application
C:\Users\Josh\Downloads\installer_cheat_engine.exe Win32/Toggle application
C:\Users\Josh\Downloads\Just Cause 2.exe a variant of MSIL/Solimba.C application
C:\Users\Josh\Downloads\siw-setup.exe Win32/OpenCandy application
C:\Users\Josh\Downloads\Call of duty 4 [PC-DVD] [English] [www.topetorrent.com]\crack\rzr-cod4.exe Win32/Keygen.DK application
C:\Users\Josh\Downloads\External Hack By Qu40\Hack v2.3.exe probably a variant of Win32/Agent.MJDVTVA trojan
C:\Users\Josh\Downloads\Need.for.Speed.Hot.Pursuit-RELOADED\rld-nshp\rld-nshp.iso a variant of Win32/Packed.VMProtect.AAD trojan
C:\_OTL\MovedFiles\12142012_000357\C_Program Files\FreeWorkz\FreeWorkzIE.dll a variant of Win32/Adware.Gamevance.CD application

jeffce · Dec 18, 2012

Good job! I know that ESET can take forever to finish :laugh:

Download CKScanner by askey127 from Here & save it to your Desktop.

Right-click and Run as Administrator CKScanner.exe then click Search For Files
When the cursor hourglass disappears, click Save List To File
A message box will verify the file saved
Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply

----------

Problems

Jtsou

Jtsou

jeffce

Jtsou

jeffce

Jtsou

jeffce

Jtsou

jeffce

Jtsou

jeffce

Jtsou

jeffce

Jtsou

jeffce

Jtsou

Jtsou

jeffce

Jtsou

jeffce

Top Contributors this Month

Recommended Communities