
Solved Survey POPup in Firefox

Discussion in 'Malware and Virus Removal Archive' started by Barry, 2013/08/12.

  1. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    Let me know if you are working on this or have gone to sleep. I'm not a night owl, but I'll stay with you if you are working on this.
     
  2. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please do not bump.
    I'm just a volunteer and I do sleep and I do work :)

    Combofix log looks good.

    Please move Combofix file to proper location (Desktop).

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     


  4. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    Broni, sorry for the perceived bump. The site showed you still online, and I felt it would be disrespectful to head to bed if you were still working on my problem. I understand your need to sleep and work. I just got home from work, myself. I do appreciate your help. I'll download the new programs and post. I understand I'm to turn off my firewall and antivirus before running the junkware removal tool. I'm on it now.

    AdwCleaner only shows options of clean or uninstall, not delete. I'll click on clean. Let me know if you want me to run it again clicking uninstall.
     
    Last edited: 2013/08/13
  5. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Clean is fine.
     
  6. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    There is definitely a "Delete" button there:

    [​IMG]
     
  7. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    This program may have solved the problem, as I didn't get a popup when I logged into windowsbbs. I'll continue, but I'm also not seeing the blue highlighted words linked to ads. Here is the log:

    # AdwCleaner v3.000 - Report created13/08/2013at20:39:52
    # Updated 13/08/2013 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : Owner - GIGABYTE790XTA
    # Running from : D:\Documents and Settings\Owner\Desktop\adwcleaner.exe

    ***** [ Services ] *****

    [#] Service Deleted : BCUService

    ***** [ Files / Folders ] *****

    Folder Deleted : D:\Program Files\DeviceVM
    Folder Deleted : D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\jetpack

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1B6BBC4B-B93C-4ABD-B4AE-FE1D3DAE4646}
    Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C6300794-F8E6-4805-9B53-E2DF4F09B33F}
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\DeviceVM
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKLM\Software\DeviceVM
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702

    Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    -\\ Mozilla Firefox v23.0 (en-US)

    File Deleted : D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\Extensions\hdvc@hdvc.com.xpi
    File Deleted : D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\user.js

    [ File : D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\prefs.js ]

    [OK] No bad entry found.

    -\\ Google Chrome v28.0.1500.95

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

    [ File : D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

    [OK] No bad entry found.

    *************************

    AdwCleaner[0].txt - [2704 octets] - [13/08/2013 20:39:52]

    ########## EOF - D:\AdwCleaner\AdwCleaner[0].txt - [2763 octets] ##########
     
  8. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    You have version 2.003, while I used 3.0, which only offers clean and uninstall.
     
  9. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    That's fine.
    Go on...
     
  10. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.4.5 (08.13.2013:1)
    OS: Microsoft Windows XP x86
    Ran by Owner on Tue 08/13/2013 at 20:56:28.26
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys

    Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}



    ~~~ Files

    Successfully deleted: [File] "D:\WINDOWS\couponprinter.ocx "



    ~~~ Folders

    Successfully deleted: [Folder] "D:\Program Files\coupons "





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 08/13/2013 at 20:58:27.32
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  11. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    OTL logfile created on: 8/13/2013 9:04:29 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.25 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 83.26% Memory free
    5.09 Gb Paging File | 4.76 Gb Available in Paging File | 93.55% Paging File free
    Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
    Drive C: | 3.90 Gb Total Space | 3.87 Gb Free Space | 99.23% Space Free | Partition Type: FAT32
    Drive D: | 21.49 Gb Total Space | 4.19 Gb Free Space | 19.52% Space Free | Partition Type: NTFS
    Drive E: | 102.60 Gb Total Space | 71.29 Gb Free Space | 69.49% Space Free | Partition Type: NTFS
    Drive H: | 3.90 Gb Total Space | 3.70 Gb Free Space | 94.86% Space Free | Partition Type: FAT32
    Drive I: | 3.73 Gb Total Space | 3.07 Gb Free Space | 82.41% Space Free | Partition Type: FAT32
    Drive J: | 24.41 Gb Total Space | 13.67 Gb Free Space | 56.02% Space Free | Partition Type: NTFS
    Drive K: | 120.73 Gb Total Space | 91.29 Gb Free Space | 75.61% Space Free | Partition Type: NTFS
    Drive M: | 570.64 Gb Total Space | 553.91 Gb Free Space | 97.07% Space Free | Partition Type: NTFS

    Computer Name: GIGABYTE790XTA | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/13 20:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    PRC - [2013/07/08 04:28:42 | 000,129,112 | ---- | M] (Sandboxie Holdings, LLC) -- E:\Program Files\Sandboxie\SbieSvc.exe
    PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- D:\Program Files\Browny02\BrYNSvc.exe
    PRC - [2010/08/13 18:01:56 | 000,660,576 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    PRC - [2010/03/25 01:45:44 | 000,495,616 | ---- | M] (Locktime Software) -- E:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- D:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
    PRC - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\essvr.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\essvr.exe
    MOD - [2009/03/13 11:30:44 | 000,109,096 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\ycc.dll
    MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- D:\Program Files\Brother\BrUtilities\BrLogAPI.dll


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/08/06 22:18:49 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/11 21:13:10 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/07/08 04:28:42 | 000,129,112 | ---- | M] (Sandboxie Holdings, LLC) [On_Demand | Running] -- E:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
    SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- D:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
    SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- D:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
    SRV - [2010/08/13 18:01:56 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
    SRV - [2010/06/22 18:53:03 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/03/25 01:45:44 | 000,495,616 | ---- | M] (Locktime Software) [Auto | Running] -- E:\Program Files\NetLimiter 2 Monitor\nlsvc.exe -- (nlsvc)
    SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- D:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
    SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- D:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
    SRV - [2007/07/18 15:26:22 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) [On_Demand | Stopped] -- E:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\Drivers\neokdss.sys -- (neokdss)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2013/08/13 19:57:40 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\gdrv.sys -- (gdrv)
    DRV - [2013/07/08 04:28:40 | 000,159,208 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- E:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
    DRV - [2013/06/27 16:08:43 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\etdrv.sys -- (etdrv)
    DRV - [2013/06/27 02:57:42 | 000,118,344 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
    DRV - [2012/12/29 13:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- D:\WINDOWS\system32\speedfan.sys -- (speedfan)
    DRV - [2012/07/31 04:57:15 | 000,078,960 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb)
    DRV - [2012/06/21 19:00:20 | 000,018,800 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb)
    DRV - [2011/03/18 14:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2011/03/18 14:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2010/06/14 15:04:30 | 000,021,464 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\sbaphd.sys -- (sbaphd)
    DRV - [2010/04/26 19:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
    DRV - [2010/04/26 19:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
    DRV - [2010/04/26 19:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
    DRV - [2010/04/26 19:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
    DRV - [2010/03/30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
    DRV - [2010/03/25 01:49:06 | 000,082,360 | ---- | M] (Locktime Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
    DRV - [2010/03/12 05:35:48 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Program Files\Gigabyte\ET6\i386\AODDriver.sys -- (AODDriver)
    DRV - [2009/11/20 04:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV - [2009/11/20 04:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
    DRV - [2009/11/17 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2009/11/17 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2009/10/07 04:26:18 | 000,099,440 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
    DRV - [2009/07/28 01:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2009/04/08 14:46:22 | 000,189,968 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86)
    DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
    DRV - [2006/08/15 14:41:16 | 004,368,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
    DRV - [2004/09/29 15:35:30 | 000,219,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2004/09/29 15:34:24 | 000,702,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2004/09/29 15:33:50 | 001,036,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2003/03/06 14:48:08 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
    DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
    DRV - [2001/12/03 12:55:14 | 000,155,264 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
    DRV - [2001/12/03 12:55:12 | 000,026,560 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)
    DRV - [2001/08/17 06:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
    DRV - [2001/08/17 06:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
    DRV - [2001/08/17 06:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
    DRV - [2001/08/17 06:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
    DRV - [2001/08/17 06:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
    DRV - [2001/08/17 06:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
    DRV - [2001/08/17 06:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
    DRV - [2001/08/17 06:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
    DRV - [2001/08/17 06:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
    DRV - [2001/02/18 10:09:56 | 000,009,312 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hp4200c.sys -- (hp4200c)
    DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\giveio.sys -- (giveio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKLM\..\SearchScopes\{671F44B3-CCC7-4285-88E2-C4FA6BD248CC}: "URL" = http://u-search.net/?a=1&e=1&q={searchTerms}


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{76AFA6EC-E4D3-42b5-B0F1-26CB69473AF9}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{DBED8560-F5DF-432c-9E70-E61034C0E763}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en "
    FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
    FF - prefs.js..extensions.enabledAddons: %7BD249FD00-4DF9-11D9-9FDC-0080481ADA61%7D:1.6.3
    FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
    FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.57
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: D:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013/06/27 13:54:59 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2013/06/28 19:01:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2013/06/27 13:54:59 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2013/08/12 06:25:32 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2013/08/12 06:25:32 | 000,000,000 | ---D | M]

    [2010/04/25 19:06:39 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
    [2010/04/25 19:06:39 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2013/08/13 20:42:16 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions
    [2013/05/19 09:32:15 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    [2013/07/31 14:48:34 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\trash
    [2013/06/24 10:33:42 | 000,126,976 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\elemhidehelper@adblockplus.org.xpi
    [2013/06/24 10:33:42 | 000,008,192 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\tineye@ideeinc.com.xpi
    [2013/05/19 09:31:35 | 000,021,093 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
    [2013/07/31 06:37:05 | 000,824,302 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/06/24 10:33:42 | 000,065,536 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi
    [2013/06/27 13:02:00 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
    [2013/06/25 09:31:22 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\browser\extensions
    [2013/08/06 22:18:50 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/08/12 06:25:32 | 000,000,000 | ---D | M] (IDM CC) -- D:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\IDM\IDMMZCC5

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: http://www.google.com/ig
    CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Java Deployment Toolkit 6.0.210.5 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Windows Genuine Advantage (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Shockwave for Director (Enabled) = D:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_161.dll
    CHR - plugin: DivX Player Netscape Plugin (Enabled) = E:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
    CHR - plugin: DivX Web Player (Enabled) = E:\Program Files\DivX\DivX Web Player\npdivx32.dll
    CHR - plugin: VLC Web Plugin (Enabled) = E:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - Extension: Google Docs = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Adblock Plus = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
    CHR - Extension: Google Search = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: IDM Integration Module = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
    CHR - Extension: NotScripts = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
    CHR - Extension: Gmail = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/08/12 22:17:24 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - D:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [36X Raid Configurer] D:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
    O4 - HKLM..\Run: [Acronis Scheduler2 Service] D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
    O4 - HKLM..\Run: [adm_tray.exe] E:\Program Files\Acronis\DriveMonitor\adm_tray.exe (Acronis)
    O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BrStsMon00] D:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [ControlCenter4] D:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [hplampc] D:\WINDOWS\system32\hplampc.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [IndexSearch] D:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [JMB36X IDE Setup] D:\WINDOWS\RaidTool\xInsIDE.exe ()
    O4 - HKLM..\Run: [MSC] D:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4 - HKLM..\Run: [PaperPort PTD] D:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDF5 Registry Controller] D:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDFHook] D:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort12reminder] D:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [ISUSPM] D:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [SandboxieControl] E:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
    O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - Startup: D:\Documents and Settings\Owner\Start Menu\Programs\Startup\Shortcut to speedfan.lnk = E:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Append to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm ()
    O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Open with PDF Viewer Plus - D:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
    O12 - Plugin for: .spop - D:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1368249840718 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
    O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.102.192.10 66.102.193.10 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEE16D84-509F-44B4-9624-96D26C8510B4}: DhcpNameServer = 66.102.192.10 66.102.193.10 192.168.1.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - D:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - D:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/04/24 23:55:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
    O32 - AutoRun File - [2007/07/01 18:32:40 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/13 20:56:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERUNT
    [2013/08/13 20:35:14 | 000,000,000 | ---D | C] -- D:\AdwCleaner
    [2013/08/13 20:31:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    [2013/08/13 20:30:45 | 001,158,897 | ---- | C] (Thisisu) -- D:\Documents and Settings\Owner\Desktop\JRT.exe
    [2013/08/13 06:22:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Desktop\Malware Fix
    [2013/08/12 22:23:33 | 000,000,000 | -HSD | C] -- D:\RECYCLER
    [2013/08/12 21:25:07 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
    [2013/08/12 21:25:07 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
    [2013/08/12 21:25:07 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
    [2013/08/12 21:25:07 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
    [2013/08/12 21:25:00 | 000,000,000 | ---D | C] -- D:\Qoobox
    [2013/08/12 21:24:52 | 000,000,000 | ---D | C] -- D:\WINDOWS\erdnt
    [2013/08/12 20:37:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
    [2013/08/12 16:16:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MRT
    [2013/08/12 06:36:36 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Owner\Recent
    [2013/08/05 16:56:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\Zeon
    [2013/07/24 23:13:35 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Owner\Application Data\Brother
    [2013/07/24 22:53:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\My Documents\My PaperPort Documents
    [2013/07/24 22:47:13 | 000,078,960 | R--- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\drivers\BrSerIb.sys
    [2013/07/24 22:47:13 | 000,018,800 | R--- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\drivers\BrUsbSib.sys
    [2013/07/24 22:44:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\ControlCenter4
    [2013/07/24 22:35:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Brother
    [2013/07/24 22:35:14 | 000,000,000 | ---D | C] -- D:\Brother
    [2013/07/24 22:35:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\ControlCenter4
    [2013/07/24 22:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\Browny02
    [2013/07/24 22:35:03 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrfxD05c.dll
    [2013/07/24 22:34:45 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2.dll
    [2013/07/24 22:34:45 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2S.dll
    [2013/07/24 22:34:45 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2L.dll
    [2013/07/24 22:34:41 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BROSNMP.DLL
    [2013/07/24 22:30:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\InstallShield
    [2013/07/24 22:29:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\zeon
    [2013/07/24 22:29:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nuance PaperPort 12
    [2013/07/24 22:28:51 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ScanSoft Shared
    [2013/07/24 22:28:50 | 000,000,000 | ---D | C] -- D:\Program Files\Nuance
    [2013/07/24 22:28:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\My Documents\MyWebPages
    [2013/07/24 22:20:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\FLEXnet
    [2013/07/24 22:15:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documents\BrFaxRx
    [2013/07/24 22:14:52 | 000,000,000 | ---D | C] -- D:\Program Files\ControlCenter4
    [2013/07/24 22:14:50 | 000,180,224 | R--- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrMuSNMP.dll
    [2013/07/24 22:14:50 | 000,075,264 | R--- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrNetSti.dll
    [2013/07/24 22:14:50 | 000,074,752 | R--- | C] (Brother Industries,Ltd.) -- D:\WINDOWS\System32\BrWiaNCp.dll
    [2013/07/24 22:14:50 | 000,051,200 | R--- | C] (Brother Industries,Ltd) -- D:\WINDOWS\System32\Brnsplg.dll
    [2013/07/24 22:14:45 | 001,481,216 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrWia11a.dll
    [2013/07/24 22:14:44 | 000,217,088 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrJDec.dll
    [2013/07/24 22:14:37 | 000,103,792 | ---- | C] (Brother Industries Ltd) -- D:\WINDOWS\System32\BRRBI100.EXE
    [2013/07/24 22:14:37 | 000,050,176 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BRPRTINK.DLL
    [2013/07/24 22:14:36 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BRLMW03A.DLL
    [2013/07/24 22:14:36 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- D:\WINDOWS\System32\BRLM03A.DLL
    [2013/07/24 22:14:32 | 000,245,760 | ---- | C] (brother) -- D:\WINDOWS\System32\NSSearch.dll
    [2013/07/24 22:14:32 | 000,000,000 | ---D | C] -- D:\Program Files\Brother
    [2013/07/24 22:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\Nuance
    [2013/07/24 22:10:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\ScanSoft
    [2013/07/24 22:09:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nuance
    [2013/07/24 22:08:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Brother
    [2013/07/17 10:54:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\BurnAware Free
    [2013/07/17 08:33:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\ImgBurn
    [2013/07/17 08:22:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
    [2013/07/17 07:53:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Active@ DVD Eraser
    [2013/07/14 22:04:58 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DESIGNER
    [2013/07/14 22:04:32 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio
    [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/13 20:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    [2013/08/13 20:31:07 | 001,158,897 | ---- | M] (Thisisu) -- D:\Documents and Settings\Owner\Desktop\JRT.exe
    [2013/08/13 20:30:12 | 000,800,594 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\adwcleaner.exe
    [2013/08/13 20:28:02 | 000,000,884 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/13 20:17:15 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/08/13 20:07:32 | 000,000,384 | -H-- | M] () -- D:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2013/08/13 20:07:26 | 000,000,366 | -H-- | M] () -- D:\WINDOWS\tasks\MpIdleTask.job
    [2013/08/13 19:57:35 | 000,000,880 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/13 19:57:28 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
    [2013/08/13 19:57:20 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
    [2013/08/12 22:17:24 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
    [2013/08/12 17:50:28 | 000,112,640 | ---- | M] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/12 16:16:25 | 000,001,945 | ---- | M] () -- D:\WINDOWS\epplauncher.mif
    [2013/08/12 06:36:00 | 000,000,045 | ---- | M] () -- D:\WINDOWS\System32\initdebug.nfo
    [2013/08/11 07:12:51 | 000,000,691 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [2013/08/08 21:18:35 | 000,000,516 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to Eviction.lnk
    [2013/08/06 22:41:22 | 000,000,116 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
    [2013/08/05 19:48:16 | 000,000,129 | ---- | M] () -- D:\WINDOWS\Brfaxrx.ini
    [2013/08/04 05:33:32 | 000,066,968 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\FideltityStatement07312013.pdf
    [2013/08/04 05:32:47 | 000,062,243 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Roth Statement06282013.pdf
    [2013/08/04 05:23:07 | 000,002,080 | ---- | M] () -- D:\WINDOWS\Sandboxie.ini
    [2013/08/03 16:42:40 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\burnaware.ini
    [2013/08/01 20:30:22 | 000,001,822 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/07/31 20:40:23 | 000,213,877 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\ud116.pdf
    [2013/07/24 22:57:33 | 000,000,035 | ---- | M] () -- D:\WINDOWS\InfModM.ini
    [2013/07/24 22:49:41 | 000,000,156 | ---- | M] () -- D:\WINDOWS\Twunk001.MTX
    [2013/07/24 22:49:41 | 000,000,003 | ---- | M] () -- D:\WINDOWS\Twain001.Mtx
    [2013/07/24 22:43:45 | 001,585,016 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
    [2013/07/24 22:35:47 | 000,000,248 | ---- | M] () -- D:\WINDOWS\Brpfx04a.ini
    [2013/07/24 22:35:47 | 000,000,064 | ---- | M] () -- D:\WINDOWS\brpcfx.ini
    [2013/07/24 22:35:46 | 000,005,897 | ---- | M] () -- D:\WINDOWS\BRPARAM.INI
    [2013/07/24 22:20:27 | 000,000,000 | ---- | M] () -- D:\WINDOWS\Twunk002.MTX
    [2013/07/18 20:14:35 | 000,000,522 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to New Office.lnk
    [2013/07/17 08:22:49 | 000,000,649 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/07/15 06:37:37 | 000,000,647 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2013/07/15 06:37:33 | 000,477,204 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
    [2013/07/15 06:37:33 | 000,077,568 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
    [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/13 20:29:57 | 000,800,594 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\adwcleaner.exe
    [2013/08/12 21:25:07 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
    [2013/08/12 21:25:07 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
    [2013/08/12 21:25:07 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
    [2013/08/12 21:25:07 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
    [2013/08/12 21:25:07 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
    [2013/08/12 16:26:16 | 000,000,384 | -H-- | C] () -- D:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2013/08/12 16:26:10 | 000,000,366 | -H-- | C] () -- D:\WINDOWS\tasks\MpIdleTask.job
    [2013/08/08 21:18:35 | 000,000,516 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to Eviction.lnk
    [2013/08/04 05:33:31 | 000,066,968 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\FideltityStatement07312013.pdf
    [2013/08/04 05:32:47 | 000,062,243 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Roth Statement06282013.pdf
    [2013/07/31 20:40:23 | 000,213,877 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\ud116.pdf
    [2013/07/24 22:35:04 | 000,000,129 | ---- | C] () -- D:\WINDOWS\Brfaxrx.ini
    [2013/07/24 22:35:03 | 000,000,000 | ---- | C] () -- D:\WINDOWS\brdfxspd.dat
    [2013/07/24 22:20:27 | 000,000,156 | ---- | C] () -- D:\WINDOWS\Twunk001.MTX
    [2013/07/24 22:20:27 | 000,000,003 | ---- | C] () -- D:\WINDOWS\Twain001.Mtx
    [2013/07/24 22:20:27 | 000,000,000 | ---- | C] () -- D:\WINDOWS\Twunk002.MTX
    [2013/07/24 22:15:30 | 000,000,248 | ---- | C] () -- D:\WINDOWS\Brpfx04a.ini
    [2013/07/24 22:15:30 | 000,000,064 | ---- | C] () -- D:\WINDOWS\brpcfx.ini
    [2013/07/24 22:15:23 | 000,005,897 | ---- | C] () -- D:\WINDOWS\BRPARAM.INI
    [2013/07/24 22:14:38 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\BRTCPCON.DLL
    [2013/07/24 22:14:36 | 000,000,114 | ---- | C] () -- D:\WINDOWS\System32\BRLMW03A.INI
    [2013/07/18 20:14:35 | 000,000,522 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to New Office.lnk
    [2013/07/17 10:55:39 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\burnaware.ini
    [2013/07/17 08:22:49 | 000,000,649 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/07/15 06:37:37 | 000,000,647 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2013/05/26 23:21:30 | 000,005,632 | ---- | C] () -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/05/09 13:56:43 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
    [2013/01/20 08:51:12 | 000,046,456 | R--- | C] () -- D:\WINDOWS\System32\exitwx.exe
    [2012/08/24 16:34:19 | 000,000,000 | ---- | C] () -- D:\WINDOWS\AudioCleaning.INI
    [2012/08/24 13:45:18 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\vidx16.dll
    [2012/08/24 13:42:35 | 000,000,097 | ---- | C] () -- D:\WINDOWS\magix.ini
    [2012/08/24 13:42:34 | 000,000,730 | ---- | C] () -- D:\WINDOWS\mgxoschk.ini
    [2011/10/12 21:44:28 | 000,000,090 | ---- | C] () -- D:\WINDOWS\System32\ftm31.dat
    [2011/08/31 22:35:14 | 001,652,927 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-1708537768-839522115-1003-0.dat
    [2011/08/31 22:35:14 | 000,364,354 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    [2010/05/01 17:45:03 | 000,112,640 | ---- | C] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2010/04/25 10:10:43 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    " " = %SystemRoot%\system32\shdocvw.dll -- [2010/09/09 07:16:30 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    " " = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    " " = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2010/09/27 11:46:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Acronis
    [2012/10/07 21:27:49 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
    [2012/10/07 21:34:01 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJScan
    [2012/10/07 21:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJWSpt
    [2013/05/10 22:02:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Cisco Systems
    [2013/07/24 22:35:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ControlCenter4
    [2013/06/13 05:04:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Firetrust
    [2013/05/23 09:21:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IDM
    [2012/12/25 14:07:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Locktime
    [2013/07/24 22:30:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Nuance
    [2011/02/11 20:19:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Samsung
    [2013/07/24 22:29:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ScanSoft
    [2010/04/25 09:55:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SMSI
    [2011/02/11 20:23:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\V CAST Media Manager
    [2013/07/24 22:29:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\zeon
     
  12. 2013/08/13
    Barry

    OTL logfile created on: 8/13/2013 9:04:29 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.25 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 83.26% Memory free
    5.09 Gb Paging File | 4.76 Gb Available in Paging File | 93.55% Paging File free
    Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
    Drive C: | 3.90 Gb Total Space | 3.87 Gb Free Space | 99.23% Space Free | Partition Type: FAT32
    Drive D: | 21.49 Gb Total Space | 4.19 Gb Free Space | 19.52% Space Free | Partition Type: NTFS
    Drive E: | 102.60 Gb Total Space | 71.29 Gb Free Space | 69.49% Space Free | Partition Type: NTFS
    Drive H: | 3.90 Gb Total Space | 3.70 Gb Free Space | 94.86% Space Free | Partition Type: FAT32
    Drive I: | 3.73 Gb Total Space | 3.07 Gb Free Space | 82.41% Space Free | Partition Type: FAT32
    Drive J: | 24.41 Gb Total Space | 13.67 Gb Free Space | 56.02% Space Free | Partition Type: NTFS
    Drive K: | 120.73 Gb Total Space | 91.29 Gb Free Space | 75.61% Space Free | Partition Type: NTFS
    Drive M: | 570.64 Gb Total Space | 553.91 Gb Free Space | 97.07% Space Free | Partition Type: NTFS

    Computer Name: GIGABYTE790XTA | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/13 20:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    PRC - [2013/07/08 04:28:42 | 000,129,112 | ---- | M] (Sandboxie Holdings, LLC) -- E:\Program Files\Sandboxie\SbieSvc.exe
    PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- D:\Program Files\Browny02\BrYNSvc.exe
    PRC - [2010/08/13 18:01:56 | 000,660,576 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    PRC - [2010/03/25 01:45:44 | 000,495,616 | ---- | M] (Locktime Software) -- E:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
    PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- D:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
    PRC - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\essvr.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\essvr.exe
    MOD - [2009/03/13 11:30:44 | 000,109,096 | ---- | M] () -- D:\Program Files\Gigabyte\EasySaver\ycc.dll
    MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- D:\Program Files\Brother\BrUtilities\BrLogAPI.dll


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/08/06 22:18:49 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/11 21:13:10 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/07/08 04:28:42 | 000,129,112 | ---- | M] (Sandboxie Holdings, LLC) [On_Demand | Running] -- E:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
    SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- D:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
    SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- D:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
    SRV - [2010/08/13 18:01:56 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
    SRV - [2010/06/22 18:53:03 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/03/25 01:45:44 | 000,495,616 | ---- | M] (Locktime Software) [Auto | Running] -- E:\Program Files\NetLimiter 2 Monitor\nlsvc.exe -- (nlsvc)
    SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- D:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
    SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- D:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
    SRV - [2007/07/18 15:26:22 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) [On_Demand | Stopped] -- E:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\Drivers\neokdss.sys -- (neokdss)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2013/08/13 19:57:40 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\gdrv.sys -- (gdrv)
    DRV - [2013/07/08 04:28:40 | 000,159,208 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- E:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
    DRV - [2013/06/27 16:08:43 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\etdrv.sys -- (etdrv)
    DRV - [2013/06/27 02:57:42 | 000,118,344 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
    DRV - [2012/12/29 13:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- D:\WINDOWS\system32\speedfan.sys -- (speedfan)
    DRV - [2012/07/31 04:57:15 | 000,078,960 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb)
    DRV - [2012/06/21 19:00:20 | 000,018,800 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb)
    DRV - [2011/03/18 14:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
    DRV - [2011/03/18 14:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
    DRV - [2010/06/14 15:04:30 | 000,021,464 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\sbaphd.sys -- (sbaphd)
    DRV - [2010/04/26 19:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
    DRV - [2010/04/26 19:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
    DRV - [2010/04/26 19:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
    DRV - [2010/04/26 19:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
    DRV - [2010/03/30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
    DRV - [2010/03/25 01:49:06 | 000,082,360 | ---- | M] (Locktime Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
    DRV - [2010/03/12 05:35:48 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Program Files\Gigabyte\ET6\i386\AODDriver.sys -- (AODDriver)
    DRV - [2009/11/20 04:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV - [2009/11/20 04:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
    DRV - [2009/11/17 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
    DRV - [2009/11/17 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2009/10/07 04:26:18 | 000,099,440 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
    DRV - [2009/07/28 01:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2009/04/08 14:46:22 | 000,189,968 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86)
    DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
    DRV - [2006/08/15 14:41:16 | 004,368,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
    DRV - [2004/09/29 15:35:30 | 000,219,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2004/09/29 15:34:24 | 000,702,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2004/09/29 15:33:50 | 001,036,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2003/03/06 14:48:08 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
    DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
    DRV - [2001/12/03 12:55:14 | 000,155,264 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
    DRV - [2001/12/03 12:55:12 | 000,026,560 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)
    DRV - [2001/08/17 06:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
    DRV - [2001/08/17 06:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
    DRV - [2001/08/17 06:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
    DRV - [2001/08/17 06:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
    DRV - [2001/08/17 06:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
    DRV - [2001/08/17 06:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
    DRV - [2001/08/17 06:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
    DRV - [2001/08/17 06:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
    DRV - [2001/08/17 06:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
    DRV - [2001/02/18 10:09:56 | 000,009,312 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\hp4200c.sys -- (hp4200c)
    DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\giveio.sys -- (giveio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKLM\..\SearchScopes\{671F44B3-CCC7-4285-88E2-C4FA6BD248CC}: "URL" = http://u-search.net/?a=1&e=1&q={searchTerms}


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{76AFA6EC-E4D3-42b5-B0F1-26CB69473AF9}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\SearchScopes\{DBED8560-F5DF-432c-9E70-E61034C0E763}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en "
    FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
    FF - prefs.js..extensions.enabledAddons: %7BD249FD00-4DF9-11D9-9FDC-0080481ADA61%7D:1.6.3
    FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
    FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.57
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: D:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013/06/27 13:54:59 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2013/06/28 19:01:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2013/06/27 13:54:59 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2013/08/12 06:25:32 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: D:\Documents and Settings\Owner\Application Data\IDM\idmmzcc5 [2013/08/12 06:25:32 | 000,000,000 | ---D | M]

    [2010/04/25 19:06:39 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
    [2010/04/25 19:06:39 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2013/08/13 20:42:16 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions
    [2013/05/19 09:32:15 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    [2013/07/31 14:48:34 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\trash
    [2013/06/24 10:33:42 | 000,126,976 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\elemhidehelper@adblockplus.org.xpi
    [2013/06/24 10:33:42 | 000,008,192 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\tineye@ideeinc.com.xpi
    [2013/05/19 09:31:35 | 000,021,093 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
    [2013/07/31 06:37:05 | 000,824,302 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/06/24 10:33:42 | 000,065,536 | ---- | M] () (No name found) -- D:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\aznaz484.default-1368980305000\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi
    [2013/06/27 13:02:00 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
    [2013/06/25 09:31:22 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\browser\extensions
    [2013/08/06 22:18:50 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/08/12 06:25:32 | 000,000,000 | ---D | M] (IDM CC) -- D:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\IDM\IDMMZCC5

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: http://www.google.com/ig
    CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Java Deployment Toolkit 6.0.210.5 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Windows Genuine Advantage (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = D:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = D:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Shockwave for Director (Enabled) = D:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Shockwave Flash (Enabled) = D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_161.dll
    CHR - plugin: DivX Player Netscape Plugin (Enabled) = E:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
    CHR - plugin: DivX Web Player (Enabled) = E:\Program Files\DivX\DivX Web Player\npdivx32.dll
    CHR - plugin: VLC Web Plugin (Enabled) = E:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - Extension: Google Docs = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Adblock Plus = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
    CHR - Extension: Google Search = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: IDM Integration Module = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
    CHR - Extension: NotScripts = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
    CHR - Extension: Gmail = D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/08/12 22:17:24 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - D:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [36X Raid Configurer] D:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
    O4 - HKLM..\Run: [Acronis Scheduler2 Service] D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
    O4 - HKLM..\Run: [adm_tray.exe] E:\Program Files\Acronis\DriveMonitor\adm_tray.exe (Acronis)
    O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [BrStsMon00] D:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [ControlCenter4] D:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [hplampc] D:\WINDOWS\system32\hplampc.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [IndexSearch] D:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [JMB36X IDE Setup] D:\WINDOWS\RaidTool\xInsIDE.exe ()
    O4 - HKLM..\Run: [MSC] D:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4 - HKLM..\Run: [PaperPort PTD] D:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDF5 Registry Controller] D:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDFHook] D:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort12reminder] D:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [ISUSPM] D:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
    O4 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003..\Run: [SandboxieControl] E:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
    O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] D:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
    O4 - Startup: D:\Documents and Settings\Owner\Start Menu\Programs\Startup\Shortcut to speedfan.lnk = E:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Append to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm ()
    O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Open with PDF Viewer Plus - D:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
    O12 - Plugin for: .spop - D:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1368249840718 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
    O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 1.7.0_25)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.102.192.10 66.102.193.10 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEE16D84-509F-44B4-9624-96D26C8510B4}: DhcpNameServer = 66.102.192.10 66.102.193.10 192.168.1.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - D:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - D:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/04/24 23:55:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
    O32 - AutoRun File - [2007/07/01 18:32:40 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/13 20:56:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERUNT
    [2013/08/13 20:35:14 | 000,000,000 | ---D | C] -- D:\AdwCleaner
    [2013/08/13 20:31:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    [2013/08/13 20:30:45 | 001,158,897 | ---- | C] (Thisisu) -- D:\Documents and Settings\Owner\Desktop\JRT.exe
    [2013/08/13 06:22:28 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Desktop\Malware Fix
    [2013/08/12 22:23:33 | 000,000,000 | -HSD | C] -- D:\RECYCLER
    [2013/08/12 21:25:07 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
    [2013/08/12 21:25:07 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
    [2013/08/12 21:25:07 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
    [2013/08/12 21:25:07 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
    [2013/08/12 21:25:00 | 000,000,000 | ---D | C] -- D:\Qoobox
    [2013/08/12 21:24:52 | 000,000,000 | ---D | C] -- D:\WINDOWS\erdnt
    [2013/08/12 20:37:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
    [2013/08/12 16:16:33 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MRT
    [2013/08/12 06:36:36 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Owner\Recent
    [2013/08/05 16:56:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\Zeon
    [2013/07/24 23:13:35 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Owner\Application Data\Brother
    [2013/07/24 22:53:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\My Documents\My PaperPort Documents
    [2013/07/24 22:47:13 | 000,078,960 | R--- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\drivers\BrSerIb.sys
    [2013/07/24 22:47:13 | 000,018,800 | R--- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\drivers\BrUsbSib.sys
    [2013/07/24 22:44:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\ControlCenter4
    [2013/07/24 22:35:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Brother
    [2013/07/24 22:35:14 | 000,000,000 | ---D | C] -- D:\Brother
    [2013/07/24 22:35:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\ControlCenter4
    [2013/07/24 22:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\Browny02
    [2013/07/24 22:35:03 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrfxD05c.dll
    [2013/07/24 22:34:45 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2.dll
    [2013/07/24 22:34:45 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2S.dll
    [2013/07/24 22:34:45 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BrDctF2L.dll
    [2013/07/24 22:34:41 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BROSNMP.DLL
    [2013/07/24 22:30:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\InstallShield
    [2013/07/24 22:29:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\zeon
    [2013/07/24 22:29:21 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Nuance PaperPort 12
    [2013/07/24 22:28:51 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ScanSoft Shared
    [2013/07/24 22:28:50 | 000,000,000 | ---D | C] -- D:\Program Files\Nuance
    [2013/07/24 22:28:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\My Documents\MyWebPages
    [2013/07/24 22:20:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\FLEXnet
    [2013/07/24 22:15:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Documents\BrFaxRx
    [2013/07/24 22:14:52 | 000,000,000 | ---D | C] -- D:\Program Files\ControlCenter4
    [2013/07/24 22:14:50 | 000,180,224 | R--- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrMuSNMP.dll
    [2013/07/24 22:14:50 | 000,075,264 | R--- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrNetSti.dll
    [2013/07/24 22:14:50 | 000,074,752 | R--- | C] (Brother Industries,Ltd.) -- D:\WINDOWS\System32\BrWiaNCp.dll
    [2013/07/24 22:14:50 | 000,051,200 | R--- | C] (Brother Industries,Ltd) -- D:\WINDOWS\System32\Brnsplg.dll
    [2013/07/24 22:14:45 | 001,481,216 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrWia11a.dll
    [2013/07/24 22:14:44 | 000,217,088 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BrJDec.dll
    [2013/07/24 22:14:37 | 000,103,792 | ---- | C] (Brother Industries Ltd) -- D:\WINDOWS\System32\BRRBI100.EXE
    [2013/07/24 22:14:37 | 000,050,176 | ---- | C] (Brother Industries Ltd.) -- D:\WINDOWS\System32\BRPRTINK.DLL
    [2013/07/24 22:14:36 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- D:\WINDOWS\System32\BRLMW03A.DLL
    [2013/07/24 22:14:36 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- D:\WINDOWS\System32\BRLM03A.DLL
    [2013/07/24 22:14:32 | 000,245,760 | ---- | C] (brother) -- D:\WINDOWS\System32\NSSearch.dll
    [2013/07/24 22:14:32 | 000,000,000 | ---D | C] -- D:\Program Files\Brother
    [2013/07/24 22:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\Nuance
    [2013/07/24 22:10:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\ScanSoft
    [2013/07/24 22:09:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Nuance
    [2013/07/24 22:08:37 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Brother
    [2013/07/17 10:54:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\BurnAware Free
    [2013/07/17 08:33:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Owner\Application Data\ImgBurn
    [2013/07/17 08:22:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
    [2013/07/17 07:53:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Active@ DVD Eraser
    [2013/07/14 22:04:58 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DESIGNER
    [2013/07/14 22:04:32 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio
    [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/13 20:31:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Owner\Desktop\OTL.exe
    [2013/08/13 20:31:07 | 001,158,897 | ---- | M] (Thisisu) -- D:\Documents and Settings\Owner\Desktop\JRT.exe
    [2013/08/13 20:30:12 | 000,800,594 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\adwcleaner.exe
    [2013/08/13 20:28:02 | 000,000,884 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/13 20:17:15 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/08/13 20:07:32 | 000,000,384 | -H-- | M] () -- D:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2013/08/13 20:07:26 | 000,000,366 | -H-- | M] () -- D:\WINDOWS\tasks\MpIdleTask.job
    [2013/08/13 19:57:35 | 000,000,880 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/13 19:57:28 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
    [2013/08/13 19:57:20 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
    [2013/08/12 22:17:24 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
    [2013/08/12 17:50:28 | 000,112,640 | ---- | M] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/12 16:16:25 | 000,001,945 | ---- | M] () -- D:\WINDOWS\epplauncher.mif
    [2013/08/12 06:36:00 | 000,000,045 | ---- | M] () -- D:\WINDOWS\System32\initdebug.nfo
    [2013/08/11 07:12:51 | 000,000,691 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [2013/08/08 21:18:35 | 000,000,516 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to Eviction.lnk
    [2013/08/06 22:41:22 | 000,000,116 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
    [2013/08/05 19:48:16 | 000,000,129 | ---- | M] () -- D:\WINDOWS\Brfaxrx.ini
    [2013/08/04 05:33:32 | 000,066,968 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\FideltityStatement07312013.pdf
    [2013/08/04 05:32:47 | 000,062,243 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Roth Statement06282013.pdf
    [2013/08/04 05:23:07 | 000,002,080 | ---- | M] () -- D:\WINDOWS\Sandboxie.ini
    [2013/08/03 16:42:40 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\burnaware.ini
    [2013/08/01 20:30:22 | 000,001,822 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/07/31 20:40:23 | 000,213,877 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\ud116.pdf
    [2013/07/24 22:57:33 | 000,000,035 | ---- | M] () -- D:\WINDOWS\InfModM.ini
    [2013/07/24 22:49:41 | 000,000,156 | ---- | M] () -- D:\WINDOWS\Twunk001.MTX
    [2013/07/24 22:49:41 | 000,000,003 | ---- | M] () -- D:\WINDOWS\Twain001.Mtx
    [2013/07/24 22:43:45 | 001,585,016 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
    [2013/07/24 22:35:47 | 000,000,248 | ---- | M] () -- D:\WINDOWS\Brpfx04a.ini
    [2013/07/24 22:35:47 | 000,000,064 | ---- | M] () -- D:\WINDOWS\brpcfx.ini
    [2013/07/24 22:35:46 | 000,005,897 | ---- | M] () -- D:\WINDOWS\BRPARAM.INI
    [2013/07/24 22:20:27 | 000,000,000 | ---- | M] () -- D:\WINDOWS\Twunk002.MTX
    [2013/07/18 20:14:35 | 000,000,522 | ---- | M] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to New Office.lnk
    [2013/07/17 08:22:49 | 000,000,649 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/07/15 06:37:37 | 000,000,647 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2013/07/15 06:37:33 | 000,477,204 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
    [2013/07/15 06:37:33 | 000,077,568 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
    [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/13 20:29:57 | 000,800,594 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\adwcleaner.exe
    [2013/08/12 21:25:07 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
    [2013/08/12 21:25:07 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
    [2013/08/12 21:25:07 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
    [2013/08/12 21:25:07 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
    [2013/08/12 21:25:07 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
    [2013/08/12 16:26:16 | 000,000,384 | -H-- | C] () -- D:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
    [2013/08/12 16:26:10 | 000,000,366 | -H-- | C] () -- D:\WINDOWS\tasks\MpIdleTask.job
    [2013/08/08 21:18:35 | 000,000,516 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to Eviction.lnk
    [2013/08/04 05:33:31 | 000,066,968 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\FideltityStatement07312013.pdf
    [2013/08/04 05:32:47 | 000,062,243 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Roth Statement06282013.pdf
    [2013/07/31 20:40:23 | 000,213,877 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\ud116.pdf
    [2013/07/24 22:35:04 | 000,000,129 | ---- | C] () -- D:\WINDOWS\Brfaxrx.ini
    [2013/07/24 22:35:03 | 000,000,000 | ---- | C] () -- D:\WINDOWS\brdfxspd.dat
    [2013/07/24 22:20:27 | 000,000,156 | ---- | C] () -- D:\WINDOWS\Twunk001.MTX
    [2013/07/24 22:20:27 | 000,000,003 | ---- | C] () -- D:\WINDOWS\Twain001.Mtx
    [2013/07/24 22:20:27 | 000,000,000 | ---- | C] () -- D:\WINDOWS\Twunk002.MTX
    [2013/07/24 22:15:30 | 000,000,248 | ---- | C] () -- D:\WINDOWS\Brpfx04a.ini
    [2013/07/24 22:15:30 | 000,000,064 | ---- | C] () -- D:\WINDOWS\brpcfx.ini
    [2013/07/24 22:15:23 | 000,005,897 | ---- | C] () -- D:\WINDOWS\BRPARAM.INI
    [2013/07/24 22:14:38 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\BRTCPCON.DLL
    [2013/07/24 22:14:36 | 000,000,114 | ---- | C] () -- D:\WINDOWS\System32\BRLMW03A.INI
    [2013/07/18 20:14:35 | 000,000,522 | ---- | C] () -- D:\Documents and Settings\Owner\Desktop\Shortcut to New Office.lnk
    [2013/07/17 10:55:39 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\burnaware.ini
    [2013/07/17 08:22:49 | 000,000,649 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/07/15 06:37:37 | 000,000,647 | ---- | C] () -- D:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2013/05/26 23:21:30 | 000,005,632 | ---- | C] () -- D:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/05/09 13:56:43 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
    [2013/01/20 08:51:12 | 000,046,456 | R--- | C] () -- D:\WINDOWS\System32\exitwx.exe
    [2012/08/24 16:34:19 | 000,000,000 | ---- | C] () -- D:\WINDOWS\AudioCleaning.INI
    [2012/08/24 13:45:18 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\vidx16.dll
    [2012/08/24 13:42:35 | 000,000,097 | ---- | C] () -- D:\WINDOWS\magix.ini
    [2012/08/24 13:42:34 | 000,000,730 | ---- | C] () -- D:\WINDOWS\mgxoschk.ini
    [2011/10/12 21:44:28 | 000,000,090 | ---- | C] () -- D:\WINDOWS\System32\ftm31.dat
    [2011/08/31 22:35:14 | 001,652,927 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-1708537768-839522115-1003-0.dat
    [2011/08/31 22:35:14 | 000,364,354 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    [2010/05/01 17:45:03 | 000,112,640 | ---- | C] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2010/04/25 10:10:43 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2010/09/09 07:16:30 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2010/09/27 11:46:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Acronis
    [2012/10/07 21:27:49 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
    [2012/10/07 21:34:01 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJScan
    [2012/10/07 21:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJWSpt
    [2013/05/10 22:02:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Cisco Systems
    [2013/07/24 22:35:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ControlCenter4
    [2013/06/13 05:04:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Firetrust
    [2013/05/23 09:21:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IDM
    [2012/12/25 14:07:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Locktime
    [2013/07/24 22:30:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Nuance
    [2011/02/11 20:19:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Samsung
    [2013/07/24 22:29:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ScanSoft
    [2010/04/25 09:55:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SMSI
    [2011/02/11 20:23:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\V CAST Media Manager
    [2013/07/24 22:29:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\zeon
     
  13. 2013/08/13
    Barry

    [2012/09/03 07:35:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Audacity
    [2012/10/07 21:34:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Canon
    [2013/07/24 22:44:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\ControlCenter4
    [2013/08/13 20:34:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\DMCache
    [2011/08/31 21:36:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Firetrust
    [2013/05/18 12:27:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Groovedown
    [2013/05/18 12:27:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Groovedown_Uninstall
    [2013/08/12 21:17:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\IDM
    [2013/07/17 08:33:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\ImgBurn
    [2010/04/27 16:43:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\InterTrust
    [2013/06/25 08:41:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\JWrapper-Remote Support
    [2012/12/25 23:25:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Locktime
    [2013/06/10 06:25:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\MailWasherPro
    [2013/07/24 22:53:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Nuance
    [2012/01/08 15:03:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Opera
    [2012/07/15 12:36:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\OverDrive
    [2009/01/01 05:21:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Pointstone
    [2010/10/20 23:10:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
    [2010/04/25 19:06:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Thunderbird
    [2013/08/05 16:56:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Owner\Application Data\Zeon

    ========== Purity Check ==========



    < End of report >
     
  14. 2013/08/13
    Barry

    OTL Extras logfile created on: 8/13/2013 9:04:29 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.25 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 83.26% Memory free
    5.09 Gb Paging File | 4.76 Gb Available in Paging File | 93.55% Paging File free
    Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
    Drive C: | 3.90 Gb Total Space | 3.87 Gb Free Space | 99.23% Space Free | Partition Type: FAT32
    Drive D: | 21.49 Gb Total Space | 4.19 Gb Free Space | 19.52% Space Free | Partition Type: NTFS
    Drive E: | 102.60 Gb Total Space | 71.29 Gb Free Space | 69.49% Space Free | Partition Type: NTFS
    Drive H: | 3.90 Gb Total Space | 3.70 Gb Free Space | 94.86% Space Free | Partition Type: FAT32
    Drive I: | 3.73 Gb Total Space | 3.07 Gb Free Space | 82.41% Space Free | Partition Type: FAT32
    Drive J: | 24.41 Gb Total Space | 13.67 Gb Free Space | 56.02% Space Free | Partition Type: NTFS
    Drive K: | 120.73 Gb Total Space | 91.29 Gb Free Space | 75.61% Space Free | Partition Type: NTFS
    Drive M: | 570.64 Gb Total Space | 553.91 Gb Free Space | 97.07% Space Free | Partition Type: NTFS

    Computer Name: GIGABYTE790XTA | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .html [@ = Opera.HTML] -- E:\Program Files\Opera\Opera.exe (Opera Software)
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-1993962763-1708537768-839522115-1003\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    https [open] -- "E:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "D:\Program Files\Bonjour\mDNSResponder.exe" = D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
    "E:\Program Files\Opera\opera.exe" = E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
    "D:\WINDOWS\system32\fxsclnt.exe" = D:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
    "E:\Program Files\VideoLAN\VLC\vlc.exe" = E:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.6 -- (VideoLAN)
    "D:\Program Files\Java\jre7\bin\javaw.exe" = D:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
    "D:\Program Files\Gigabyte\ET6\UpdExe.exe" = D:\Program Files\Gigabyte\ET6\UpdExe.exe:*:Disabled:Exe File -- (GIGABYTE)
    "D:\Program Files\Gigabyte\ET6\GBTUpd.exe" = D:\Program Files\Gigabyte\ET6\GBTUpd.exe:*:Disabled:GBTUpd.exe -- (GIGABYTE)
    "D:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = D:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
    "E:\Program Files\Brother\Brmfl11b\FAXRX.exe" = E:\Program Files\Brother\Brmfl11b\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries, Ltd.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
    "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
    "{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
    "{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
    "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
    "{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
    "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
    "{33C83A5F-7149-11D9-BB36-00105A20B8E2}" = Global Wizard
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
    "{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B8.0717.01
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
    "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0509.1
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
    "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
    "{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{6657DA03-A39B-472C-8458-6292E128A3D9}" = MailWasherPro
    "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
    "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
    "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
    "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
    "{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
    "{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
    "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
    "{706AE61D-40A4-4F50-8359-FE8F6F7FA461}" = Acronis Drive Monitor
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{830F55B6-4398-4B72-A0D8-66397B902C0E}" = Brother MFL-Pro Suite MFC-J5910DW
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8424EF22-44CF-4DD4-B702-FADA3998F4BA}" = StuffIt 11
    "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
    "{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
    "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
    "{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
    "{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
    "{99B98440-4A0D-11D5-8310-0050DABBB21D}" = DVC80
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C0ADF96-20E7-4671-88D2-39B5A307E2A2}" = Pinnacle USB device drivers
    "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
    "{9F153AD3-3523-4542-818E-AE2F92249667}" = SAMSUNG USB Driver for Mobile Phones
    "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
    "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A42DF83C-B10C-11D9-BB3C-00105A20B8E2}" = Flash Wizard
    "{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
    "{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
    "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
    "{AE15D0F7-8C2E-4419-97B4-995ED16FBB4E}" = Art Explosion Greeting Card Factory
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.89
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.89
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
    "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
    "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
    "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
    "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
    "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
    "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
    "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
    "{DB5518BE-F40F-407A-B451-012625D4497B}" = hp deskjet 5600
    "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
    "{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
    "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
    "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 9.20
    "Active@ DVD Eraser v 1.1" = Active@ DVD Eraser v 1.1
    "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop 7.0" = Adobe Photoshop 7.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
    "Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
    "All ATI Software" = ATI - Software Uninstall Utility
    "Belarc Advisor 2.0" = Belarc Advisor 6.1
    "BurnAware Free_is1" = BurnAware Free 6.4
    "Canon MG3100 series User Registration" = Canon MG3100 series User Registration
    "CCleaner" = CCleaner
    "Cisco Connect" = Cisco Connect
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1" = PCI SoftV92 Modem
    "Coupon Printer for Windows5.0.0.3" = Coupon Printer for Windows
    "CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
    "CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
    "ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
    "Google Chrome" = Google Chrome
    "Groovedown" = Groovedown
    "HP PrecisionScan LT Software" = HP PrecisionScan LT Software
    "ie8" = Windows Internet Explorer 8
    "ImgBurn" = ImgBurn
    "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0509.1
    "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
    "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "Internet Download Manager" = Internet Download Manager
    "IrfanView" = IrfanView (remove only)
    "LAME_is1" = LAME v3.99.3 (for Windows)
    "MAGIX audio cleaning 3.0" = MAGIX audio cleaning 3.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Firefox 23.0 (x86 en-US)" = Mozilla Firefox 23.0 (x86 en-US)
    "Mozilla Thunderbird 17.0.8 (x86 en-US)" = Mozilla Thunderbird 17.0.8 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NeroMultiInstaller!UninstallKey" = Nero Suite
    "NetLimiter 2 Monitor" = NetLimiter 2 Monitor (remove only)
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "Opera 12.13.1734" = Opera 12.13
    "Precision" = EVGA Precision 1.9.4
    "PROR" = Microsoft Office Professional 2007
    "PS3 Media Server" = PS3 Media Server
    "Sandboxie" = Sandboxie 4.04 (32-bit)
    "SpeedFan" = SpeedFan (remove only)
    "System Cleaner 5" = System Cleaner 5
    "VLC media player" = VLC media player 2.0.7
    "WebTime" = WebTime
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 8/12/2013 3:34:34 PM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/12 12:34:34.640]: [00003648]: Initialize TwdsMain
    Class failed!

    Error - 8/12/2013 3:36:52 PM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/12 12:36:52.390]: [00002608]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 8/12/2013 3:36:52 PM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/12 12:36:52.390]: [00002608]: Initialize TwdsMain
    Class failed!

    Error - 8/13/2013 12:20:39 AM | Computer Name = GIGABYTE790XTA | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
    P4 4.3.215.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
    NIL.

    Error - 8/13/2013 12:32:27 AM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/12 21:32:27.375]: [00004060]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 8/13/2013 12:32:27 AM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/12 21:32:27.375]: [00004060]: Initialize TwdsMain
    Class failed!

    Error - 8/13/2013 12:49:19 AM | Computer Name = GIGABYTE790XTA | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
    P4 4.3.215.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
    NIL.

    Error - 8/13/2013 5:18:07 PM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/13 14:18:07.859]: [00000176]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 8/13/2013 5:18:07 PM | Computer Name = GIGABYTE790XTA | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2013/08/13 14:18:07.859]: [00000176]: Initialize TwdsMain
    Class failed!

    Error - 8/13/2013 11:55:52 PM | Computer Name = GIGABYTE790XTA | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
    P4 4.3.215.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
    NIL.

    [ System Events ]
    Error - 8/11/2013 11:40:34 AM | Computer Name = GIGABYTE790XTA | Source = sr | ID = 1
    Description = The System Restore filter encountered the unexpected error '0xC0000001'
    while processing the file '' on the volume 'HarddiskVolume6'. It has stopped monitoring
    the volume.

    Error - 8/11/2013 11:41:00 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    ahcix86

    Error - 8/13/2013 12:25:16 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7031
    Description = The Windows Media Player Network Sharing Service service terminated
    unexpectedly. It has done this 1 time(s). The following corrective action will
    be taken in 30000 milliseconds: Restart the service.

    Error - 8/13/2013 12:28:02 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7031
    Description = The Windows Media Player Network Sharing Service service terminated
    unexpectedly. It has done this 1 time(s). The following corrective action will
    be taken in 30000 milliseconds: Restart the service.

    Error - 8/13/2013 12:30:50 AM | Computer Name = GIGABYTE790XTA | Source = System Error | ID = 1003
    Description = Error code 000000ca, parameter1 00000004, parameter2 8a458150, parameter3
    00000000, parameter4 00000000.

    Error - 8/13/2013 1:14:08 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7031
    Description = The Windows Media Player Network Sharing Service service terminated
    unexpectedly. It has done this 1 time(s). The following corrective action will
    be taken in 30000 milliseconds: Restart the service.

    Error - 8/13/2013 1:14:42 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7031
    Description = The Windows Media Player Network Sharing Service service terminated
    unexpectedly. It has done this 1 time(s). The following corrective action will
    be taken in 30000 milliseconds: Restart the service.

    Error - 8/13/2013 1:15:56 AM | Computer Name = GIGABYTE790XTA | Source = Service Control Manager | ID = 7031
    Description = The Windows Media Player Network Sharing Service service terminated
    unexpectedly. It has done this 1 time(s). The following corrective action will
    be taken in 30000 milliseconds: Restart the service.


    < End of report >
     
  15. 2013/08/13
    broni

    broni Moderator Malware Analyst

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Code:
    :OTL
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\Drivers\neokdss.sys -- (neokdss)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- D:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    
    
    :Services
    
    :Reg
    
    :Files
    C:\FRST
    
    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
    
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

    Last scans....

    Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run from.
    • Please copy and paste the log to your reply.

    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If ESET doesn't find any threats, it won't produce a log.
     
  16. 2013/08/13
    Barry

    Barry Geek Member Thread Starter

    Before I post the log, I wanted to mention I've been having to log on twice each time I come on this site. The first time always shows this error:
    Invalid Redirect URL (http://windowsbbs.com/)
    It always loads fine when I log in again.

    Here is the log:

    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    Service AppMgmt stopped successfully!
    Service AppMgmt deleted successfully!
    File %SystemRoot%\System32\appmgmts.dll not found.
    Service WDICA stopped successfully!
    Service WDICA deleted successfully!
    Service PDRFRAME stopped successfully!
    Service PDRFRAME deleted successfully!
    Service PDRELI stopped successfully!
    Service PDRELI deleted successfully!
    Service PDFRAME stopped successfully!
    Service PDFRAME deleted successfully!
    Service PDCOMP stopped successfully!
    Service PDCOMP deleted successfully!
    Service PCIDump stopped successfully!
    Service PCIDump deleted successfully!
    Service neokdss stopped successfully!
    Service neokdss deleted successfully!
    File system32\Drivers\neokdss.sys not found.
    Service lbrtfdc stopped successfully!
    Service lbrtfdc deleted successfully!
    Service i2omgmt stopped successfully!
    Service i2omgmt deleted successfully!
    Service Changer stopped successfully!
    Service Changer deleted successfully!
    Service catchme stopped successfully!
    Service catchme deleted successfully!
    File D:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    File\Folder C:\FRST not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 9298 bytes
    ->Temporary Internet Files folder emptied: 49286 bytes

    User: Owner
    ->Temp folder emptied: 2045476 bytes
    ->Temporary Internet Files folder emptied: 620635 bytes
    ->Java cache emptied: 1219541 bytes
    ->FireFox cache emptied: 18695694 bytes
    ->Google Chrome cache emptied: 10854945 bytes
    ->Opera cache emptied: 2268 bytes
    ->Flash cache emptied: 746 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 2577 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 134651 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 32.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner
    ->Java cache emptied: 0 bytes

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 08132013_215043

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  17. 2013/08/14
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    Results of screen317's Security Check version 0.99.72
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Adobe After Effects CS3 Presets
    Microsoft Security Essentials
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.75.0.1300
    CCleaner
    System Cleaner 5
    Java 7 Update 25
    Adobe Flash Player 11.8.800.94
    Adobe Reader 8 Adobe Reader out of Date!
    Mozilla Firefox (23.0)
    Mozilla Thunderbird (17.0.8)
    Google Chrome 28.0.1500.72
    Google Chrome 28.0.1500.95
    Google Chrome plugins...
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive D:: 8%
    ````````````````````End of Log``````````````````````
     
  18. 2013/08/14
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    Farbar Service Scanner Version: 04-08-2013
    Ran by Owner (administrator) on 13-08-2013 at 22:06:03
    Running from "D:\Documents and Settings\Owner\My Documents\Downloads\Programs "
    Microsoft Windows XP Home Edition Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    File Check:
    ========
    D:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    D:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    D:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    D:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    D:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    D:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    D:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    D:\WINDOWS\system32\netman.dll => MD5 is legit
    D:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    D:\WINDOWS\system32\srsvc.dll => MD5 is legit
    D:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    D:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    D:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    D:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    D:\WINDOWS\system32\qmgr.dll => MD5 is legit
    D:\WINDOWS\system32\es.dll => MD5 is legit
    D:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    D:\WINDOWS\system32\svchost.exe => MD5 is legit
    D:\WINDOWS\system32\rpcss.dll => MD5 is legit
    D:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    Gpc(3) IPSec(5) NetBT(6) nltdi(9) PSched(7) Tcpip(4)
    0x0D0000000500000001000000020000000300000004000000090000000700000008000000060000000A0000000B0000000C0000000D000000
    IpSec Tag value is correct.

    **** End of log ****
     
  19. 2013/08/14
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    All has been run, and there are no more logs to post. Let me know tomorrow if there is anything else to do.
    Thank you.
     
  20. 2013/08/14
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Eset?

    Which browser?
    Did you try another browser to see if same thing happens?

    Uninstall System Cleaner 5.
    Registry cleaners/optimizers are not recommended for several reasons:

    • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

      The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
    • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
    • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
    • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
    • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
    Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions (if present).
    Note: If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed, UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB) and install one of two free alternatives:

    - Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

    - PDF-XChange Viewer: http://www.tracker-software.com/product/pdf-xchange-viewer
     
  21. 2013/08/14
    Barry

    Barry Geek Member Thread Starter

    Joined:
    2002/12/16
    Messages:
    1,209
    Likes Received:
    10
    Eset ran and found no problems.
    I continue to only have that login problem with Firefox. It doesn't happen with IE or Chrome.
    I have no problem uninstalling System Cleaner, as I primarily use CCleaner. CCleaner also has a registry cleaner. Is that a problem? Isn't it a good idea to clear uninstalled programs from the registry? Is registry cleaning just an issue for restarting the computer, or does it alter things that are there for a reason?
    I generally use Adobe Acrobat 8 Professional for my PDF files. Do I even need Adobe Reader? Also, the Nuance software that came with my Brother MFC-J5910DW includes PDF Viewer Plus.
     
