For a few days now I have had unwanted audio adds running in the background on my computer. They're like pop-ups without a picture. They run almost constantly--perhaps with a few minutes break. Sometimes multiple adds run all at the same time and sometimes in a foreign lanquage--Spanish I think. Sometimes these adds are very staticy too. I can just turn the sound off and use my computer normally but much of the time I need my speakers on such as when I'm using Skype or trying to watch a video with sound. The unwanted adds just continue in the background making it impossible to enjoy Skype or videos. I have to idea where this problem came from but it got by Microsoft Security Essentials, and the free editions of Super Anti Spyware and Spybot Seach and Destroy I have tried Spy Hunter which I purchased (big mistake) as well as AdwCleaner in a effort to solve this problem but with no success. Other than the "voices" my computer seems to be working just fine--perhaps a little slow but barely noticable. My computer is a Dell Studio 17 laptop and I'm running Wintows Vista. It's about 5 years old so maybe it just needs to be replaced at this point. Thank you for any help or advice you can give me.
Kay
OTL logfile created on: 4/23/2014 11:19:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kay\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 40.31% Memory free
8.13 Gb Paging File | 5.52 Gb Available in Paging File | 67.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 175.73 Gb Free Space | 61.01% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 1.46 Gb Free Space | 14.56% Space Free | Partition Type: NTFS
Drive G: | 14.83 Gb Total Space | 14.36 Gb Free Space | 96.82% Space Free | Partition Type: FAT32
Drive H: | 596.02 Gb Total Space | 581.41 Gb Free Space | 97.55% Space Free | Partition Type: FAT32
Computer Name: KAY-PC | User Name: Kay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/04/23 23:08:26 | 000,350,488 | ---- | M] () -- C:\Program Files (x86)\bomlabio\bin\utilbomlabio.exe
PRC - [2014/04/23 22:57:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kay\Desktop\OTL.exe
PRC - [2014/04/23 22:05:15 | 000,350,488 | ---- | M] () -- C:\Program Files (x86)\bomlabio\updatebomlabio.exe
PRC - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe
PRC - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 17:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/01/26 17:07:52 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/15 18:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/08/07 14:32:26 | 000,358,232 | ---- | M] (Creative Home) -- C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2010 Deluxe\Planner\PLNRnote.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/05 17:17:08 | 000,095,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2008/07/04 14:16:58 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
PRC - [2008/02/19 10:43:30 | 000,438,403 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/30 22:23:42 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/01/09 07:15:48 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV:64bit: - [2012/07/11 13:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/05/10 14:00:00 | 000,608,864 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/12/12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\EscSvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/12/22 05:35:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/12/22 04:26:38 | 000,281,600 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/12/22 04:26:06 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (hpqddsvc)
SRV:64bit: - [2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (hpqcxs08)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/04/23 23:08:26 | 000,350,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\bomlabio\bin\utilbomlabio.exe -- (Util bomlabio)
SRV - [2014/04/23 22:05:15 | 000,350,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\bomlabio\updatebomlabio.exe -- (Update bomlabio)
SRV - [2014/04/16 13:35:07 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files (x86)\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/05 17:16:54 | 002,340,096 | ---- | M] (Sensible Vision ) [Disabled | Stopped] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/03/02 04:10:44 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/01/07 03:47:06 | 000,014,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/09/15 23:21:09 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/22 11:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/07/29 00:25:16 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/11 00:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/03/08 17:06:00 | 000,319,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys -- (OA001Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys -- (OA001Ufd)
DRV:64bit: - [2008/12/22 05:34:48 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/12/22 04:26:52 | 000,472,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/12/17 04:22:04 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/11/24 03:29:58 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2008/08/25 06:26:08 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/08/02 16:36:16 | 000,243,840 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/07/17 05:59:12 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2008/07/17 05:59:10 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/07/17 05:59:08 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2008/07/16 06:50:42 | 000,239,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2008/02/21 03:10:36 | 000,196,992 | ---- | M] (Omnivision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ov550ivx.sys -- (OV550I)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/07/03 17:05:18 | 000,114,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2007/07/03 17:04:44 | 000,142,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2007/07/03 17:04:16 | 000,016,040 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2007/07/03 17:02:12 | 000,105,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{62B15CB1-3DAC-4D69-9F14-391078AD261E}: "URL" = https://www.google.c...?q={searchTerms}
IE - HKCU\..\SearchScopes\{CC0D8809-079A-4D6A-A069-D4BB73DED3DA}: "URL" = http://www.google.co...1I7AURU_enUS501
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....?p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.MapsGalaxy_39.com/Plugin: C:\Program Files (x86)\MapsGalaxy_39EI\Installr\1.bin\NP39EISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/26 15:49:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2013/10/21 01:18:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta563\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha545\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014/02/05 00:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1827\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1253\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9273\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home429\ff
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2013/10/21 01:18:13 | 000,000,000 | ---D | M]
[2013/09/15 21:40:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kay\AppData\Roaming\Mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA545\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA1827\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1253\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9273\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME429\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA563\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA797\FF
O1 HOSTS File: ([2012/10/30 16:11:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files (x86)\InboxDollars\Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files (x86)\InboxDollars\Toolbar.dll File not found
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Kay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Kay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jacquie Lawson Circus.lnk = C:\Program Files (x86)\Jacquie Lawson Circus\Jacquie Lawson Circus.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.193.40 24.205.224.36 68.190.192.35
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1694DBF-D6C2-4B79-B95C-1E97B7C54433}: DhcpNameServer = 24.159.193.40 24.205.224.36 68.190.192.35
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O24 - Desktop WallPaper: C:\Users\Kay\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kay\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/21 21:24:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/23 23:08:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/04/23 22:56:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kay\Desktop\OTL.exe
[2014/04/22 08:04:42 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/04/21 21:23:47 | 000,000,000 | ---D | C] -- C:\Users\Kay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014/04/21 21:23:40 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014/04/21 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/04/21 21:22:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/04/21 20:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller
[2014/04/21 13:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\CDB
[2014/04/17 05:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/04/03 16:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/04/03 16:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2014/04/03 15:24:55 | 000,000,000 | ---D | C] -- C:\Users\Kay\AppData\Local\iWebar
[2014/04/03 15:23:55 | 000,000,000 | ---D | C] -- C:\Users\Kay\AppData\Local\pptaddin
[2014/04/03 15:21:01 | 000,000,000 | ---D | C] -- C:\Users\Kay\AppData\Local\CrashRpt
[2014/03/31 22:28:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/03/31 22:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/03/30 22:59:09 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014/03/30 22:23:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/03/30 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/03/30 22:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/03/30 21:17:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/30 20:42:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/23 23:15:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/23 23:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/23 23:00:00 | 000,000,788 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 4121856030.job
[2014/04/23 23:00:00 | 000,000,788 | ---- | M] () -- C:\Windows\tasks\Security Center Update - 3420081092.job
[2014/04/23 22:57:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kay\Desktop\OTL.exe
[2014/04/23 22:41:10 | 000,000,081 | ---- | M] () -- C:\Windows\SysNative\sguekpy.vks
[2014/04/23 21:33:08 | 000,000,910 | ---- | M] () -- C:\Users\Kay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jacquie Lawson Circus.lnk
[2014/04/23 21:31:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/23 21:30:56 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/23 21:30:56 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/23 21:30:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/23 21:30:39 | 4251,865,088 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/21 21:24:27 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/04/21 21:23:47 | 000,002,087 | ---- | M] () -- C:\Users\Kay\Desktop\SpyHunter.lnk
[2014/04/21 13:47:27 | 000,000,163 | ---- | M] () -- C:\Windows\Reimage.ini
[2014/04/21 13:11:40 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014/04/21 13:11:40 | 000,011,240 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/21 13:11:36 | 000,007,962 | ---- | M] () -- C:\Windows\SysNative\bootdelete.lst
[2014/04/20 02:12:52 | 000,303,616 | ---- | M] () -- C:\Users\Kay\Documents\Easter'14 Web.hmk
[2014/04/19 00:35:05 | 000,961,566 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Rachel.avi
[2014/04/19 00:34:18 | 000,289,792 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Rachel.hmk
[2014/04/19 00:29:39 | 000,099,840 | ---- | M] () -- C:\Users\Kay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/04/16 18:28:04 | 000,770,374 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Everyone.avi
[2014/04/16 18:05:30 | 001,012,062 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 P & S.avi
[2014/04/16 17:12:58 | 000,191,488 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Eurya.hmk
[2014/04/16 16:29:15 | 000,159,232 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Helen.hmk
[2014/04/16 16:07:06 | 000,165,888 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Cap.hmk
[2014/04/15 14:50:51 | 000,156,672 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 MJ.hmk
[2014/04/15 14:41:33 | 000,740,864 | ---- | M] () -- C:\Users\Kay\Documents\Easter '14 Starks.hmk
[2014/04/10 17:26:55 | 000,005,053 | ---- | M] () -- C:\Users\Kay\Documents\Koemen Donation '14.mht
[2014/04/06 23:24:50 | 000,334,336 | ---- | M] () -- C:\Users\Kay\Documents\Birthday '14 Jackie 87.hmk
[2014/04/03 16:04:20 | 000,000,000 | ---- | M] () -- C:\END
[2014/03/31 00:49:40 | 000,002,373 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/31 00:08:45 | 000,002,747 | ---- | M] () -- C:\Users\Kay\Application Data\Microsoft\Internet Explorer\Quick Launch\Event Planner 2010.lnk
[2014/03/30 22:29:30 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\uqqzfo.hbj
[2014/03/30 22:29:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\jxxijed.zro
[2014/03/30 22:13:10 | 000,299,344 | --S- | M] () -- C:\Windows\SysNative\pqxyyq.xbl
[2014/03/30 21:28:19 | 000,000,680 | ---- | M] () -- C:\Users\Kay\AppData\Local\d3d9caps.dat
[2014/03/26 23:03:50 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/03/25 22:44:00 | 000,098,304 | ---- | M] () -- C:\Users\Kay\AppData\Roaming\wzbspw.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/23 15:08:15 | 4251,865,088 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/21 23:06:30 | 000,285,747 | ---- | C] () -- C:\shldr
[2014/04/21 23:06:30 | 000,008,192 | ---- | C] () -- C:\shldr.mbr
[2014/04/21 21:24:27 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/04/21 21:23:53 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014/04/21 21:23:47 | 000,002,087 | ---- | C] () -- C:\Users\Kay\Desktop\SpyHunter.lnk
[2014/04/21 13:34:54 | 000,000,163 | ---- | C] () -- C:\Windows\Reimage.ini
[2014/04/21 13:11:33 | 000,007,962 | ---- | C] () -- C:\Windows\SysNative\bootdelete.lst
[2014/04/20 02:12:52 | 000,303,616 | ---- | C] () -- C:\Users\Kay\Documents\Easter'14 Web.hmk
[2014/04/19 00:34:18 | 000,289,792 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Rachel.hmk
[2014/04/19 00:30:19 | 000,961,566 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Rachel.avi
[2014/04/16 18:28:16 | 000,770,374 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Everyone.avi
[2014/04/16 18:05:50 | 001,012,062 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 P & S.avi
[2014/04/16 17:12:58 | 000,191,488 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Eurya.hmk
[2014/04/16 16:29:15 | 000,159,232 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Helen.hmk
[2014/04/16 16:07:05 | 000,165,888 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Cap.hmk
[2014/04/15 14:50:51 | 000,156,672 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 MJ.hmk
[2014/04/15 14:41:32 | 000,740,864 | ---- | C] () -- C:\Users\Kay\Documents\Easter '14 Starks.hmk
[2014/04/10 17:26:54 | 000,005,053 | ---- | C] () -- C:\Users\Kay\Documents\Koemen Donation '14.mht
[2014/04/06 23:24:50 | 000,334,336 | ---- | C] () -- C:\Users\Kay\Documents\Birthday '14 Jackie 87.hmk
[2014/04/03 15:01:30 | 000,000,000 | ---- | C] () -- C:\END
[2014/03/30 22:59:09 | 000,011,240 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/03/30 22:47:48 | 000,000,081 | ---- | C] () -- C:\Windows\SysNative\sguekpy.vks
[2014/03/30 22:29:30 | 000,000,064 | ---- | C] () -- C:\Windows\SysNative\uqqzfo.hbj
[2014/03/30 22:29:30 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\jxxijed.zro
[2014/03/30 22:13:10 | 000,299,344 | --S- | C] () -- C:\Windows\SysNative\pqxyyq.xbl
[2014/03/30 20:12:33 | 000,000,788 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 4121856030.job
[2014/03/29 17:18:41 | 000,000,788 | ---- | C] () -- C:\Windows\tasks\Security Center Update - 3420081092.job
[2014/03/25 22:44:00 | 000,098,304 | ---- | C] () -- C:\Users\Kay\AppData\Roaming\wzbspw.dll
[2014/01/30 01:58:10 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/11 01:34:51 | 000,038,442 | ---- | C] () -- C:\Users\Kay\AppData\Roaming\Comma Separated Values (Windows).ADR
[2013/10/21 22:10:19 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2530.ini
[2013/10/20 23:38:15 | 000,146,856 | ---- | C] () -- C:\Windows\hpoins31.dat
[2013/10/19 01:13:10 | 000,020,164 | ---- | C] () -- C:\Windows\hpqins11.dat
[2013/10/01 13:35:01 | 000,000,258 | RHS- | C] () -- C:\Users\Kay\ntuser.pol
[2013/07/31 23:04:23 | 000,000,055 | ---- | C] () -- C:\Users\Kay\AppData\Roaming\mbam.context.scan
[2013/01/25 16:09:05 | 000,178,720 | ---- | C] () -- C:\Program Files (x86)\gtres.dll
[2011/11/15 00:01:41 | 001,493,071 | ---- | C] () -- C:\Users\Kay\Jackie swim.rtf
[2010/11/30 21:42:36 | 000,568,832 | -HS- | C] () -- C:\Users\Kay\ehthumbs_vista.db
[2010/08/03 20:36:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Tuning
[2010/08/03 20:36:26 | 000,000,268 | RH-- | C] () -- C:\Users\Kay\AppData\Roaming\Effects
[2010/08/03 20:36:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/08/03 20:22:14 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Electric Piano
[2010/08/03 20:22:14 | 000,000,268 | RH-- | C] () -- C:\Users\Kay\AppData\Roaming\Dynamic Library
[2010/08/03 20:22:14 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/02/14 23:46:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/01 00:50:44 | 000,000,680 | ---- | C] () -- C:\Users\Kay\AppData\Local\d3d9caps.dat
[2009/05/09 22:33:25 | 000,099,840 | ---- | C] () -- C:\Users\Kay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/09 17:55:22 | 000,035,692 | ---- | C] () -- C:\Users\Kay\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = \\?\globalroot\Device\HarddiskVolume3\Users\Kay\AppData\Local\Temp\skoylxi\siorime\wow.dll
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = \\?\globalroot\Device\HarddiskVolume3\Users\Kay\AppData\Local\Temp\skoylxi\siorime\wow.dll
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
========== LOP Check ==========
[2013/11/25 01:29:39 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Epson
[2014/03/16 14:14:55 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\JLCircus
[2013/10/23 23:49:34 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Leader Technologies
[2013/10/21 22:10:25 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Leadertech
[2012/02/03 13:47:38 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Nikon
[2012/11/01 14:18:32 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\TeamViewer
[2013/06/20 17:21:14 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Template
[2011/08/11 08:56:44 | 000,000,000 | ---D | M] -- C:\Users\Kay\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 877 bytes -> C:\Users\Kay\Documents\Fw_ Frog Leap Test It can be done!!!!!!.eml:OECustomProperty
@Alternate Data Stream - 869 bytes -> C:\Users\Kay\Documents\Grandma Faith's Website _ Circle the Cat.eml:OECustomProperty
@Alternate Data Stream - 841 bytes -> C:\Users\Kay\Documents\Emailing_ Lorraine's salmon loaf.eml:OECustomProperty
@Alternate Data Stream - 797 bytes -> C:\Users\Kay\Documents\Random act of culture.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\Kay\Documents\Webster's Holiday Greeting.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\Kay\Documents\I'm Sending You Spring!!.eml:OECustomProperty
@Alternate Data Stream - 777 bytes -> C:\Users\Kay\Documents\Fw_ Happy Easter with cute message.eml:OECustomProperty
@Alternate Data Stream - 669 bytes -> C:\Users\Kay\Documents\Breezy Point map.eml:OECustomProperty
@Alternate Data Stream - 662 bytes -> C:\Users\Kay\Documents\Fw_ In the land that made me, me.eml:OECustomProperty
@Alternate Data Stream - 649 bytes -> C:\Users\Kay\Documents\Camels.eml:OECustomProperty
@Alternate Data Stream - 587 bytes -> C:\Users\Kay\Documents\Helpful Hints.eml:OECustomProperty
@Alternate Data Stream - 559 bytes -> C:\Users\Kay\Documents\Goddess.eml:OECustomProperty
@Alternate Data Stream - 470 bytes -> C:\Users\Kay\Documents\XM 09 letter, email version.eml:OECustomProperty
@Alternate Data Stream - 470 bytes -> C:\Users\Kay\Documents\Email Christmas Letter 2.eml:OECustomProperty
@Alternate Data Stream - 4096 bytes -> C:\Users\Kay\Documents\Christmas '09 email final version.eml:OECustomProperty
@Alternate Data Stream - 1951 bytes -> C:\Users\Kay\Documents\Fwd_ Fw_ For Elvis Fans.eml:OECustomProperty
@Alternate Data Stream - 1659 bytes -> C:\Users\Kay\Documents\Fwd_ Norwegian Royal Guard____AWESOME.eml:OECustomProperty
@Alternate Data Stream - 1352 bytes -> C:\Users\Kay\Documents\Fw_ Bowling.eml:OECustomProperty
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 1029 bytes -> C:\Users\Kay\Documents\Fw_ The Art of Sleeping in a Box.eml:OECustomProperty
< End of report >