now all of my computers that were logged into chrome at the time are infected.
not sure the name of the trojan/malware but it has hijacked the home page/default search engine of all my browsers and to be honest i have no idea what else it is doing behind the scenes.
I was able to save IE, safari and opera but mozilla and chrome have been hacked and the home page keeps reverting back to btsearch.name custom search.
i have run superAntispyware, karpesky, anitmalerbytes, revo unistaller (to remove the youtube software), ccleaner, and hijack this, including a mcafee virus scan.
i thought i had removed it and saved my home pages, but both chrome and mozilla resort to this link as their home page
here is the OTL.txt log:
OTL logfile created on: 7/26/2012 1:26:34 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Matt Lavine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.75 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 30.34% Memory free
6.84 Gb Paging File | 1.41 Gb Available in Paging File | 20.57% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582.97 Gb Total Space | 360.53 Gb Free Space | 61.84% Space Free | Partition Type: NTFS
Drive D: | 13.20 Gb Total Space | 1.81 Gb Free Space | 13.68% Space Free | Partition Type: NTFS
Drive F: | 7.40 Gb Total Space | 5.13 Gb Free Space | 69.34% Space Free | Partition Type: FAT32
Drive G: | 121.98 Mb Total Space | 121.98 Mb Free Space | 100.00% Space Free | Partition Type: FAT
Drive J: | 963.98 Mb Total Space | 903.24 Mb Free Space | 93.70% Space Free | Partition Type: FAT32
Drive K: | 1863.01 Gb Total Space | 543.58 Gb Free Space | 29.18% Space Free | Partition Type: NTFS
Computer Name: DESKNEW | User Name: Matt Lavine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Matt Lavine\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Users\Matt Lavine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\mSpot\mSpot\mSpot.exe (mSpot)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe ()
PRC - C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe (Hewlett-Packard Co.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll ()
MOD - C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\XobniStatistics\63437b37dd91c65e34455bc7c94fb0c8\XobniStatistics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\XobniFeeds\1856cfaf4394587e7876db307146f7f0\XobniFeeds.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Xobni.XMapiAccessor\23e1dbc1a6c81b80d7d18c7fd3b689eb\Xobni.XMapiAccessor.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\XobniPluginAPI\04c83aecdd094215f5cf18cc4da5bb52\XobniPluginAPI.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Utilities\a901ad8c589d35a83b36ba41b9fb2d78\Utilities.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json\b22a8251e2daabedb0b8fb8718f1b334\Newtonsoft.Json.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dea30f3639ea0e8b2d863a7b936e5520\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\f4265fa5fc3c8a6c87e259436023ea1b\Microsoft.Office.Tools.Outlook.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\899a519ccaf4583f0d88f36ab8fa6814\Microsoft.Office.Tools.Common.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac245c70eae9c0cd37f8d94a7106c31c\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\51ad304ce7ae5aa72a6afdbce7661195\Microsoft.Office.Tools.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d7f1a24f4ab28ff9859120d65b72d688\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SQLite\83355cdb6536610dcffc083aa913f61b\System.Data.SQLite.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Antlr3.Runtime\30448782b37f6c797547df6eeaf8af89\Antlr3.Runtime.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\office\7c52336a3c131ed0205fd9c77e78fbe7\office.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\dfa88032c9038c1920bc19c83d47bff8\Microsoft.Office.Interop.Outlook.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\stdole\3a0c9c7c4cda95bcea8a2c54a7bc44d0\stdole.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.XobniRdo\a52fb10e6f801a2473bc489ad2b59796\Interop.XobniRdo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.shdocvw\7ab95c4cdd8fce52814768f72c7367fc\Interop.shdocvw.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cbaa2c3a4e91129440a784827d1d26bb\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2e2d6d0b6701f8e4fbc68cb9886893fa\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a53d1b5b3a7e93bc689b3608edf2b496\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0849dd848383994c63dc00278f64ddae\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9e09e3a2e9e298d1f4ac9b21d22d86e0\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6c7ccf3f7fa572b45a31097585b9be71\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8dca7c59eac234524898c293abc15952\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a3d7d37ccd26595b9858116ac8e78e42\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\783a4e24531ee190eb826509f8cc2a45\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f2274ef4317d5858acc8c24cc17a97d7\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9e572d1a5f468ae4226d9c74a54dbf5a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.DLL ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll ()
MOD - C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\SharedBin\LvApi11.dll ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files (x86)\mSpot\mSpot\ariacoredll.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL ()
MOD - C:\Program Files (x86)\mSpot\mSpot\ct-libisomedia.dll ()
MOD - C:\Program Files (x86)\mSpot\mSpot\libFLAC.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_32\XobniCommon\1.8.3.9098__6298d2d1fcfb5d85\XobniCommon.dll ()
MOD - C:\Windows\assembly\GAC_32\Xobni.XMapiAccessor\1.0.3363.21656__6298d2d1fcfb5d85\Xobni.XMapiAccessor.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.63.0__db937bc2d44ff139\System.Data.SQLite.dll ()
MOD - C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\office.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Extensibility\7.0.3300.0__6298d2d1fcfb5d85\Extensibility.dll ()
MOD - C:\Program Files (x86)\Xobni\XobniMainConnector.dll ()
MOD - C:\Program Files (x86)\Xobni\XobniFailsafeUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Xobni\WindowDriver.dll ()
MOD - C:\Program Files (x86)\Xobni\ManagedAggregator.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (WDBtnMgrSvc.exe) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SplashtopRemoteService) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (OnlineBackupSchedulerService) -- C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe ()
SRV - (FilesystemWatcher) -- C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe (DigiData Corp.)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (SSUService) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBVSS) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (dsNcService) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (XobniService) -- C:\Program Files (x86)\Xobni\XobniService.exe (Xobni Corporation)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (CLDTVHNService) -- C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ASKService) -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade) -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV:64bit: - (dsNcAdpt) -- C:\Windows\SysNative\drivers\dsNcAdpt.sys (Juniper Networks)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (Ser2pl64) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV - (ntk_dtv) -- C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys (Cyberlink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{66B45A38-B0CD-424C-888A-A8B8E724BEFE}: "URL" = http://search.live.c...amp;FORM=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{F7C9EB85-0A06-4625-BA1D-269BC3458025}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{66B45A38-B0CD-424C-888A-A8B8E724BEFE}: "URL" = http://search.live.c...amp;FORM=HPDTDF
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminen...q={searchTerms}
IE - HKLM\..\SearchScopes\{F7C9EB85-0A06-4625-BA1D-269BC3458025}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {F6AD5BCC-24EB-4236-8C80-D3DAE52E8FF7}
IE - HKCU\..\SearchScopes\{02A0F526-25CF-4FDC-8460-A97DC1C10269}: "URL" = http://search.condui...;ctid=CT2504091
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2A696BCE-44CF-45a4-B905-59CDFA08531A}: "URL" = http://del.icio.us/s...&...s}&type=all
IE - HKCU\..\SearchScopes\{66B45A38-B0CD-424C-888A-A8B8E724BEFE}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminen...q={searchTerms}
IE - HKCU\..\SearchScopes\{c56b368a-69eb-48be-bbb0-c77a94181086}: "URL" = http://btsearch.name...q={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{F6AD5BCC-24EB-4236-8C80-D3DAE52E8FF7}: "URL" = http://www.google.co...m...tPage}&rlz=
IE - HKCU\..\SearchScopes\{F7C9EB85-0A06-4625-BA1D-269BC3458025}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Custom search"
FF - prefs.js..browser.search.selectedEngine: "Custom search"
FF - prefs.js..browser.startup.homepage: "http://btsearch.name"
FF - prefs.js..keyword.URL: "http://btsearch.name"
FF - user.js..browser.search.defaultenginename: "Custom search"
FF - user.js..browser.search.selectedEngine: "Custom search"
FF - user.js..keyword.URL: "http://btsearch.name"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Matt Lavine\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Matt Lavine\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matt Lavine\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matt Lavine\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/05/14 18:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi [2012/03/27 15:56:41 | 000,102,423 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/06/22 18:24:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/23 00:11:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/17 17:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 3.5 Beta 4\components [2012/03/29 11:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 3.5 Beta 4\plugins [2012/06/10 17:54:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Matt Lavine\AppData\Roaming\Move Networks [2010/02/02 16:14:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\1PG4Z2o4@skywebsearch.com: C:\Program Files (x86)\A Youtube Downloader Free\A Youtube Downloader Free.xpi
[2010/02/02 16:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Extensions
[2010/02/02 16:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\extensions
[2010/02/02 16:14:30 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/07/25 01:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions
[2010/02/02 16:14:55 | 000,000,000 | ---D | M] (Clear Private Data... +) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{0dd39226-2650-404d-a43d-ffd906b35a9e}
[2010/02/02 16:14:55 | 000,000,000 | ---D | M] (PONG!) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{1368F36C-0370-419a-A408-28F94FD35974}
[2010/07/19 12:24:22 | 000,000,000 | ---D | M] (Googlepedia) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{1ABADB6E-DC4B-11DA-9F70-791A9CD9513E}
[2011/07/19 17:43:58 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/02/27 21:18:17 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/02/02 16:14:58 | 000,000,000 | ---D | M] (Stealther) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2012/07/23 00:11:25 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
[2010/04/30 15:33:14 | 000,000,000 | ---D | M] (EmailTheWeb.com) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{73c39a20-8768-4a82-8b43-fc9535715c5c}
[2012/06/19 03:17:10 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/05/04 13:53:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/07/22 13:26:27 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/01/14 14:19:24 | 000,000,000 | ---D | M] (Mouseless Browsing) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{c0bcf963-624b-47fe-aa78-8cc02434cf32}
[2011/06/21 15:30:47 | 000,000,000 | ---D | M] (Hebrew Calendar) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{C4A22BA1-6D61-45F1-82A9-140FD33F1110}
[2012/03/27 15:59:19 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2010/02/02 16:15:05 | 000,000,000 | ---D | M] (QuickProxy) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66}
[2010/08/22 17:51:13 | 000,000,000 | ---D | M] (AnyColor) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\anycolor.pavlos256@gmail.com
[2010/06/02 15:28:09 | 000,000,000 | ---D | M] (BarTab) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\bartap@philikon.de
[2010/02/02 16:14:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\cards@clav.mozdev.org
[2010/11/10 14:10:23 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\chachaguidebar@chacha.com
[2012/02/29 22:31:23 | 000,000,000 | ---D | M] (Click&Clean) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\clickclean@hotcleaner.com
[2011/10/17 11:18:56 | 000,000,000 | ---D | M] (Eraser) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\Eraser@vikram
[2012/07/12 01:18:33 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\firefox@ghostery.com
[2012/06/19 03:02:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\foxmarks@kei.com
[2012/06/19 03:17:03 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\foxyproxy@eric.h.jung
[2011/01/25 17:19:44 | 000,000,000 | ---D | M] ("Pacman") -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\pacman@oppermann.ch
[2012/04/28 11:06:04 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\piclens@cooliris.com
[2010/02/02 16:14:50 | 000,000,000 | ---D | M] (The Nethernet) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\pmog@gamelayers.com
[2010/03/04 14:44:47 | 000,000,000 | ---D | M] (Save Complete) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\savecomplete@perlprogrammer.com
[2010/02/02 16:14:51 | 000,000,000 | ---D | M] (Toggle Private Browsing) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\toggleprivatebrowsing@supernova00.biz
[2010/02/02 16:14:51 | 000,000,000 | ---D | M] ("Distrust") -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\trustme@gness.com
[2010/02/02 16:14:55 | 000,000,000 | ---D | M] (Viral Threat Level) -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\extensions\viralthreatlevel@serevinus.com
[2011/12/13 16:05:08 | 000,000,879 | ---- | M] () -- C:\Users\Matt Lavine\AppData\Roaming\Mozilla\Firefox\Profiles\791z1u9t.default\searchplugins\conduit.xml
[2012/02/29 22:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/22 18:24:58 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/05/14 18:14:15 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/08/12 02:55:56 | 000,021,093 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI
[2011/06/29 12:17:05 | 000,031,123 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
[2011/10/18 10:09:52 | 000,372,140 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
[2012/01/02 16:54:49 | 000,275,540 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012/01/23 14:16:45 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2011/10/31 13:01:43 | 000,148,816 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI
[2011/08/10 12:10:33 | 000,042,771 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\MARK@AREYOUWATCHINGTHIS.COM.XPI
[2011/03/24 09:09:37 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012/06/30 02:08:27 | 000,048,468 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\PERSONASEXPRESSION@EDDIESCORPSE.PRIVATE.XPI
[2011/07/25 14:15:01 | 000,067,428 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\TRACKMENOT@MRL.NYU.EDU.XPI
[2011/03/30 12:34:04 | 000,040,179 | ---- | M] () (No name found) -- C:\USERS\MATT LAVINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\791Z1U9T.DEFAULT\EXTENSIONS\UNDOCLOSEDTABSBUTTON@SUPERNOVA00.BIZ.XPI
[2012/07/23 00:11:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2010/03/11 01:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/03/11 01:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/03/11 01:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/03/11 01:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2010/10/06 17:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/06/30 15:01:57 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010/03/11 01:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/10/06 17:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/06/28 21:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010/03/11 01:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/07/23 00:11:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012/07/23 00:11:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{googl
e:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3.5 Beta 4\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox 3.5 Beta 4\plugins\npFoxitReaderPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: PalmSource Package Installer (Enabled) = C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Matt Lavine\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Delicious Bookmark Bar Sync 1.0 = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\agabedjjbijfpccchcmpfpcdfnlpjkoj\1.0.1.0_1\
CHR - Extension: Angry Birds = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Shortcuts for Google\u2122 = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd\1.6.4.2_0\
CHR - Extension: 8 Ball Pool = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhljoejlbnebcpflalenbmpnanjbikof\2.0_0\
CHR - Extension: 9 Ball Pool = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmncmephfckdpcmohbdpcnkmchejma\1.0_0\
CHR - Extension: LinkPush = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldcfmboagkddflfbdgidanpmhiomldp\2.0_0\
CHR - Extension: LinkPush = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldcfmboagkddflfbdgidanpmhiomldp\2.0_1\
CHR - Extension: Bouncy Mouse = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\
CHR - Extension: Star Legends = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\chcaflnbhnoegjedbjaamecefhglfamc\1.1.1.2_0\
CHR - Extension: Online Guitar Tuner = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemellbcpjiodfgadpoebbjobfaoiga\1.1.6_0\
CHR - Extension: Street Racers = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohkjfondhjjfehnehlpmjpljpihfhfc\1_0\
CHR - Extension: multiNotifier \u2013 for multiple Gmail\u2122 accounts = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp\0.0.2.1_0\
CHR - Extension: WGT Golf Challenge = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\32.1.0_0\
CHR - Extension: Pirates: Tides of Fortune = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlmofcgpnpnhlbkgbpenbecfboohcka\0.88_0\
CHR - Extension: Text This To Me = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkkpcmkomhogkedgllbfmbinhebihlgn\1.5.1_0\
CHR - Extension: Google+ = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.0.1.424_0\
CHR - Extension: CloudMagic - Exchange, Gmail & Twitter Search = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeabeiioncmgphlgcgnmhjahjjmimkmp\1.2.20_0\
CHR - Extension: FTP Free = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn\2.5_0\
CHR - Extension: AppBrain Android market = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgkmaemheeocopibkndllbfmgmlkmpn\1_0\
CHR - Extension: Tennis = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkomjfglgnfeeachhdckcbgjhfiahco\1.9_0\
CHR - Extension: Do Not Track Plus = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\2.2.0.510_0\
CHR - Extension: Pandora = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Private Browsing = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbhgehldmbojedoeglnclpglgoggonjg\0.1_0\
CHR - Extension: SiteAdvisor = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: Springpad = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\
CHR - Extension: Planetarium = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.1_0\
CHR - Extension: KIDO'Z Games = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlcchaakmfckfnadbjemimebhpfgmdc\2.7_0\
CHR - Extension: Cut the Rope = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\
CHR - Extension: Star Wars 3D HD = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnhjclidoajgmiphkbafmeiolkgjhdpp\2_0\
CHR - Extension: Television = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnmomcpoickdoboegggnoillkfmekfjc\1.0_0\
CHR - Extension: TweetDeck = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.5.3_0\
CHR - Extension: Farm King = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgjffonecbloecgdnookagmopcmacfh\1_0\
CHR - Extension: SendTab = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\helfjghkkgfpipmbhpocdkccmephafgb\3.2.1_0\
CHR - Extension: Text4FreeOnline = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfhiboopoofbabnfbcpolfjgbckecbcl\1.1_0\
CHR - Extension: Flood-It! = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidcjhphimkfnacedjcnajpmlaegnddp\1.11_0\
CHR - Extension: 2cloud = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkelgkihphkegiaagbcgglfidabmgkgp\2.1.4_0\
CHR - Extension: Evernote Snipping Tool = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmhpjbejpnnaffkpmebeagdiidibjfa\1.3.7.7_0\
CHR - Extension: Tweet Button for Chrome (by Shareaholic) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\homldgnlpldcmdflhnabedgkgpmeanhd\2.1.0_0\
CHR - Extension: Bubble Shooter = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.0_0\
CHR - Extension: Isoball 3 = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\
CHR - Extension: Cloud Reader = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
CHR - Extension: Google Play Music = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\4.0_0\
CHR - Extension: DarkOrbit = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj\1.0.0_0\
CHR - Extension: Snipe The Spider = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iododaildpmjeegkeifmaaaehmhaiagi\1_0\
CHR - Extension: Clearly = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj\6.3337.321.633_0\
CHR - Extension: Send to Kindle = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.4_0\
CHR - Extension: KanMeet = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipogebjapdddlkchpnimcgplonlonkoj\1.4.0.41_0\
CHR - Extension: MeeGenius! Children's Books = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc\1.1_0\
CHR - Extension: BabyFirstTV = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkpkmpeiddoigoegdminaabfhfbpkofp\1.0_0\
CHR - Extension: Lady Popular = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnamdlacgipmoldlhfgjficjiclhgibm\1.0.8_0\
CHR - Extension: Cargo Bridge = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: Isoball = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejjemnehdnkjkjnjbiilhlpnbliolhf\1.0_0\
CHR - Extension: Little Alchemy = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Evernote Web = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: Power Boat = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lecbckbingdlfhpmelgfjamaicniembi\1.0_0\
CHR - Extension: blast billiards 5 = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhihcmbnnheokjmagbmbkjmpnijcpnod\3.2_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\1.8.3_0\
CHR - Extension: WarTime = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkobmjibnppfleogmodpjgocgdbdiikp\1.23_0\
CHR - Extension: Fieldrunners = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: Delicious Bookmarks = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnapbapmncaacbfijemonkinanfaebhm\2.0_0\
CHR - Extension: Google Maps = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Delicious = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\maegjfahmbklahdfelffbmnkaoicphdm\0.2.2_0\
CHR - Extension: 3D Solar System Web = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.32_0\
CHR - Extension: FlashControl = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.7_0\
CHR - Extension: PBS Kids PLAY! = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkmpnidbgboeiebfgmoibgjhopampkj\1.0.3_0\
CHR - Extension: Google Play Books = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.3_0\
CHR - Extension: WGT Golf Game = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb\32.1.0_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.5_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0\
CHR - Extension: Baseball (Deluxe) = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbbmhkhnoadhdceaokdofknafciecdea\2.1_0\
CHR - Extension: Nyan Cat = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\neimpplmbdhflkfojgmplkgflkgmodpd\3.0_0\
CHR - Extension: Creachi = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbkjmgalhlgankobfmedplaipmnfhmd\1_0\
CHR - Extension: Carina Nebula Jet Theme = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\npebkpkiddfadallfhefpiphaagcfjdo\1_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Better History = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\1.6.0_0\
CHR - Extension: dealspl.us = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\olplonfdcekbkpjnoeecfihlkfdkehbj\0.5.5.16_0\
CHR - Extension: Game Center = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooaacmobbjgefehdfgmajemidjdkkdoo\1.1_0\
CHR - Extension: Bastion = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\
CHR - Extension: iCloud = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjfjiepcafjlmaopmmdfcmdjldjfhlki\1.0.0_0\
CHR - Extension: 3D Tennis = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpokfkdchapbkfpkmeiebmlfafbljla\3.0_0\
CHR - Extension: Sim Air Traffic = C:\Users\Matt Lavine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnihncffcpfoldlenbalioclnbdicfmb\5.0_0\
O1 HOSTS File: ([2012/03/01 23:41:43 | 000,000,740 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120622085025.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622085025.dll (McAfee, Inc.)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O3 - HKLM\..\Toolbar: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mSpot] C:\Program Files (x86)\mSpot\mSpot\mSpot.exe (mSpot)
O4 - HKLM..\Run: [Online Backup Auto Update] C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Auto Update\OnlineBackup.UpdateSystemTray.exe ()
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Vault Explorer Cache Watcher] C:\Program Files (x86)\Cox\Secure Online Backup for Windows\vewatch.exe (DigiData Corp.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKCU..\Run: [HP Photosmart 7510 series (NET)] C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cox Secure Online Backup for Windows.lnk = C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Matt Lavine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BAA0410-CB8F-4A93-B12C-E5E4AE306A68}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BAA0410-CB8F-4A93-B12C-E5E4AE306A68}: NameServer = 67.90.152.122,67.107.71.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{952D8D3A-B987-4E16-805A-426B02BD1BCB}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Xobni\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/29 16:28:00 | 000,000,257 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{466a59d0-a7db-11df-8c46-00235476a4b3}\Shell - "" = AutoRun
O33 - MountPoints2\{466a59d0-a7db-11df-8c46-00235476a4b3}\Shell\AutoRun\command - "" = "L:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3filter - ac3filter.acm File not found
Drivers32: msacm.enc - C:\Windows\SysWow64\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/07/26 13:11:34 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Matt Lavine\Desktop\OTL.exe
[2012/07/26 12:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/07/25 17:31:17 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Roaming\Malwarebytes
[2012/07/25 17:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/25 17:30:43 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/25 17:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/25 17:23:46 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/07/25 17:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/07/25 17:03:52 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/25 14:12:50 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/25 14:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/07/25 14:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/25 14:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/25 14:00:00 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/07/25 10:20:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/25 10:20:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/25 10:20:28 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/25 10:20:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/25 10:20:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/25 10:20:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/25 10:20:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/25 10:20:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/25 10:20:25 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/25 10:20:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/25 10:20:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/25 10:20:25 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/25 10:20:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/23 00:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/07/23 00:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/07/10 22:55:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/10 22:55:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/10 22:54:54 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/10 22:54:36 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/10 22:54:30 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/02 15:11:03 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Local\{BD52D38F-4F0D-4325-BB9E-32223CCB54AA}
[2012/06/30 01:26:47 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Local\Macromedia
[2012/06/26 19:05:36 | 000,000,000 | ---D | C] -- C:\Users\Matt Lavine\AppData\Roaming\DigiData
[2012/06/26 19:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cox Secure Online Backup for Windows
[2012/06/26 19:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DigiData
[2012/06/26 19:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cox
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/26 13:14:22 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2012/07/26 13:11:38 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Matt Lavine\Desktop\OTL.exe
[2012/07/26 13:11:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/26 13:06:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3075047637-3246912856-2567676659-1000UA.job
[2012/07/26 12:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/26 11:48:05 | 000,001,172 | ---- | M] () -- C:\Users\Matt Lavine\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/07/26 11:29:19 | 000,010,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/26 11:29:19 | 000,010,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/26 11:19:01 | 000,001,946 | ---- | M] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
[2012/07/26 11:18:50 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/26 11:18:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/26 11:18:23 | 334,929,919 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/26 10:47:20 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3075047637-3246912856-2567676659-1000Core1cc076e8ba44f60.job
[2012/07/25 17:30:52 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/25 17:23:46 | 000,003,003 | ---- | M] () -- C:\Users\Matt Lavine\Desktop\HiJackThis.lnk
[2012/07/25 16:32:00 | 000,000,480 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2012/07/25 14:12:27 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/25 14:00:00 | 000,001,303 | ---- | M] () -- C:\Users\Matt Lavine\Desktop\Revo Uninstaller.lnk
[2012/07/25 10:57:38 | 000,471,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 11:57:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 11:57:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/04 23:56:58 | 000,783,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/04 23:56:58 | 000,663,200 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/04 23:56:58 | 000,122,068 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/26 19:06:04 | 000,001,762 | ---- | M] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cox Secure Online Backup for Windows.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/25 17:30:52 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/25 17:23:46 | 000,003,003 | ---- | C] () -- C:\Users\Matt Lavine\Desktop\HiJackThis.lnk
[2012/07/25 14:12:27 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/26 19:06:04 | 000,001,762 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cox Secure Online Backup for Windows.lnk
[2012/06/17 17:18:51 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/03/28 12:26:20 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/11/29 18:42:28 | 000,005,120 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/12 15:51:51 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEEsmr.dll
[2011/06/12 15:51:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEEsm.dll
[2011/01/25 18:09:48 | 000,777,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/25 13:41:19 | 000,001,708 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/06/03 12:56:56 | 000,072,080 | ---- | C] () -- C:\Users\Matt Lavine\g2mdlhlpx.exe
[2010/02/23 14:47:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/01/29 18:04:18 | 000,004,352 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Comma Separated Values (Windows).NOT
[2010/01/07 17:32:29 | 000,027,241 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Personal Address Book.ADR
[2009/11/05 00:24:55 | 000,038,449 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Comma Separated Values (Windows).ADR
[2009/11/05 00:11:47 | 000,012,953 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Comma Separated Values (Windows).CAL
[2009/11/04 19:34:27 | 000,011,402 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Comma Separated Values (Windows).TSK
[2009/05/04 21:20:00 | 000,012,965 | ---- | C] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft Access 97-2003.CAL
========== LOP Check ==========
[2010/02/02 16:13:46 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Any Video Converter
[2010/02/02 16:14:05 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Audacity
[2012/07/25 13:54:26 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Azureus
[2010/07/05 15:49:27 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/25 14:02:42 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Delicious IE Extension
[2012/06/26 19:05:36 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\DigiData
[2012/07/26 11:20:58 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Dropbox
[2010/06/30 15:04:13 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Foxit Software
[2010/02/02 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\HotSync
[2011/12/07 14:04:55 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\ICAClient
[2012/03/27 15:59:21 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Iminent
[2010/11/10 18:49:01 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Juniper Networks
[2010/02/02 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Leadertech
[2010/03/17 21:34:50 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\magicJackOutlookAddIn
[2010/02/02 16:15:07 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\OpenCandy
[2010/03/18 11:40:46 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Opera
[2010/02/02 16:15:07 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Participatory Culture Foundation
[2010/02/02 16:15:09 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\PictureMover
[2011/10/23 10:22:45 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Spotify
[2012/01/26 18:38:00 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\TeamViewer
[2012/06/17 17:32:29 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Visan
[2010/02/02 16:15:10 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\webex
[2010/12/20 17:28:24 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\Windows Live Writer
[2012/03/27 15:58:47 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\WinPatrol
[2012/05/06 13:30:40 | 000,000,000 | ---D | M] -- C:\Users\Matt Lavine\AppData\Roaming\XnView
[2009/03/07 12:29:06 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/04/29 09:32:45 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/11/03 08:12:07 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/12/01 19:44:35 | 000,000,301 | ---- | M] () -- C:\CLDTCPIPLib.log
[2012/07/26 11:18:23 | 334,929,919 | -HS- | M] () -- C:\hiberfil.sys
[2009/09/13 16:47:31 | 000,291,924 | ---- | M] () -- C:\hpCDE.log
[2009/03/02 17:40:29 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2009/09/13 16:45:29 | 000,000,000 | ---- | M] () -- C:\MMiPodExcept.log
[2009/09/13 16:45:30 | 000,000,000 | ---- | M] () -- C:\MMWMDMExcept.log
[2009/03/02 17:42:38 | 000,535,060 | ---- | M] () -- C:\MSIInstall.log
[2012/07/26 13:47:05 | 1075,838,976 | -HS- | M] () -- C:\pagefile.sys
[2012/07/25 17:04:01 | 000,154,926 | ---- | M] () -- C:\TDSSKiller.2.7.48.0_25.07.2012_16.59.47_log.txt
[2012/06/17 17:20:29 | 000,000,762 | ---- | M] () -- C:\updatedatfix.log
< %systemroot%\Fonts\*.com >
[2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 13:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/13 21:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/04/06 16:57:10 | 000,000,344 | -HS- | M] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/03/23 16:59:52 | 000,000,221 | -HS- | M] () -- C:\Users\Matt Lavine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2012/07/26 13:11:38 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Matt Lavine\Desktop\OTL.exe
[2010/07/09 17:39:15 | 011,283,720 | ---- | M] (Nullsoft, Inc.) -- C:\Users\Matt Lavine\Desktop\winamp558_full_emusic-7plus_en-us.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >