OTL logfile created on: 4/19/2013 8:14:18 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Venus Smith\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 55.39% Memory free 7.60 Gb Paging File | 5.33 Gb Available in Paging File | 70.10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.07 Gb Total Space | 308.18 Gb Free Space | 68.32% Space Free | Partition Type: NTFS Computer Name: VENUSSMITH-PC | User Name: Venus Smith | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/18 20:38:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Venus Smith\Downloads\OTL.exe PRC - [2013/04/14 20:12:19 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe PRC - [2013/04/14 19:49:30 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/02/05 10:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe PRC - [2013/01/31 10:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/06/15 18:23:48 | 000,864,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011/06/15 18:23:36 | 001,355,968 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011/04/23 22:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe PRC - [2011/04/23 22:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe PRC - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2009/12/02 16:49:00 | 000,414,960 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe PRC - [2009/12/02 16:48:00 | 000,347,888 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe PRC - [2009/12/02 16:47:00 | 000,656,624 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2009/08/17 21:09:54 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009/07/22 08:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/04/18 19:03:42 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\9e64c6dea847aec2685eec4da29ea9b0\System.Web.Services.ni.dll MOD - [2013/04/18 19:03:05 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll MOD - [2013/04/14 20:12:18 | 016,032,648 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll MOD - [2013/04/14 19:49:29 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013/01/22 10:34:26 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\ee4683cbfd60ee35d95e2e6d32fc3981\System.Management.ni.dll MOD - [2013/01/19 15:59:52 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0aeaf4f1629dbe8eafc8f47b1795b18a\PresentationFramework.Aero.ni.dll MOD - [2013/01/19 15:59:14 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\36b839247bd1d22a7fd014a74abe9729\PresentationFramework.ni.dll MOD - [2013/01/19 15:58:40 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll MOD - [2013/01/19 15:58:33 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\549690bfac66934b7c7fd5cf8b120b7c\PresentationCore.ni.dll MOD - [2013/01/19 15:58:11 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll MOD - [2013/01/19 15:58:02 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll MOD - [2013/01/19 15:57:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8b5eb81362a896af2c70f97502f42013\System.Configuration.ni.dll MOD - [2013/01/19 15:57:49 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll MOD - [2013/01/19 15:57:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll MOD - [2011/04/24 19:16:13 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll MOD - [2011/04/23 22:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll MOD - [2011/04/23 22:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll MOD - [2011/04/23 22:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll MOD - [2009/12/02 16:49:00 | 000,414,960 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe MOD - [2009/12/02 16:48:00 | 000,079,088 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll MOD - [2009/12/02 16:47:00 | 001,123,568 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll MOD - [2009/12/02 16:47:00 | 000,234,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll MOD - [2009/12/02 16:47:00 | 000,128,240 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll MOD - [2009/12/02 16:47:00 | 000,121,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll MOD - [2009/12/02 16:47:00 | 000,115,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll MOD - [2009/12/02 16:47:00 | 000,111,856 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll MOD - [2009/12/02 16:47:00 | 000,074,992 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll MOD - [2009/12/02 16:47:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll MOD - [2009/12/02 16:47:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll MOD - [2009/12/02 16:47:00 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll MOD - [2009/11/13 16:15:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll MOD - [2009/07/22 08:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,245,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,200,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:[b]64bit:[/b] - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV:[b]64bit:[/b] - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:[b]64bit:[/b] - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:[b]64bit:[/b] - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:[b]64bit:[/b] - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:[b]64bit:[/b] - [2009/08/17 21:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b]64bit:[/b] - [2009/07/16 20:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc) SRV:[b]64bit:[/b] - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV:[b]64bit:[/b] - [2009/03/31 01:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2013/04/14 20:33:37 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/04/14 19:49:29 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/02/05 10:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService) SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/06/15 13:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2011/06/15 18:23:36 | 001,355,968 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService) SRV - [2010/04/13 03:23:31 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/02 16:47:00 | 000,656,624 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService) SRV - [2009/09/23 21:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009/06/23 16:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/05 19:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013/04/14 19:51:09 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto) DRV:[b]64bit:[/b] - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk) DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010/06/06 19:42:18 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:[b]64bit:[/b] - [2009/10/25 23:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2009/10/12 12:26:00 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler) DRV:[b]64bit:[/b] - [2009/10/07 19:37:50 | 007,749,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,166,528 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFNVsp.sys -- (ATMFNVsp) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,166,528 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFMdm.sys -- (ATMFMdm) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,166,528 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFCVsp.sys -- (ATMFCVsp) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,133,632 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFNET.sys -- (ATMFNET) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,063,488 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFBUS.sys -- (ATMFBUS) DRV:[b]64bit:[/b] - [2009/10/01 05:51:12 | 000,015,872 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFFLT.sys -- (ATMFFLT) DRV:[b]64bit:[/b] - [2009/10/01 05:51:10 | 000,166,528 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATMFVsp.sys -- (ATMFVsp) DRV:[b]64bit:[/b] - [2009/09/25 18:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b]64bit:[/b] - [2009/09/03 05:15:26 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009/08/20 02:34:38 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:[b]64bit:[/b] - [2009/07/23 12:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt) DRV:[b]64bit:[/b] - [2009/07/16 22:14:00 | 000,220,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009/07/16 20:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY) DRV:[b]64bit:[/b] - [2009/07/16 20:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/30 23:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2009/06/30 23:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2009/06/30 23:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/04/07 02:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b]64bit:[/b] - [2008/09/24 20:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP) DRV:[b]64bit:[/b] - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2AC04309-43BF-40F0-BAF6-197CF70B60CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{E56C29DA-F548-4331-BD11-EF2420FB93ED}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKCU\..\SearchScopes\{26BEB746-2D89-4EEB-8FD3-0A73C6029AE1}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=6pccb-WlDyyOSL_gyJ8JZ8XAxxo?q={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} IE - HKCU\..\SearchScopes\{E56C29DA-F548-4331-BD11-EF2420FB93ED}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.9.20130409112616 FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:2.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.9 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.9 FF - prefs.js..extensions.enabledItems: fassoxpcom@sensiblevision.com:1.29 FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.1.195 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&sr=0&q=" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Venus Smith\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/05/22 15:22:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/06 17:48:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2012/03/13 14:41:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/14 19:53:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/18 19:45:26 | 000,000,000 | ---D | M] [2011/12/31 19:27:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Extensions [2013/04/14 20:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\extensions [2013/04/14 19:43:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013/04/14 19:53:33 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2013/04/14 19:53:40 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2011/06/01 17:14:30 | 000,001,832 | ---- | M] () -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\searchplugins\bing.xml [2011/11/29 16:29:59 | 000,002,513 | ---- | M] () -- C:\Users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\searchplugins\Search_Results.xml [2012/12/02 19:18:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/04/14 19:49:30 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2012/03/06 16:17:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2013/04/14 19:49:27 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/11/29 16:29:59 | 000,002,513 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2013/04/14 19:49:27 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://search.bearshare.com O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110301183506.dll (McAfee, Inc.) O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2:[b]64bit:[/b] - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110301183506.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - !{F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found O4 - HKLM..\Run: [FAStartup] File not found O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks) O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe () O4 - Startup: C:\Users\Venus Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365988481653 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1365988439104 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92109D1F-4F0B-4A3C-99F4-324A04C808BB}: DhcpNameServer = 208.180.42.68 208.180.42.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C59BBBFE-3085-4D83-A9B3-7F4709A28655}: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{f65a02f9-54a4-11df-9414-c417fe1f6f20}\Shell - "" = AutoRun O33 - MountPoints2\{f65a02f9-54a4-11df-9414-c417fe1f6f20}\Shell\AutoRun\command - "" = E:\start.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/18 20:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013/04/18 19:58:19 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\ElevatedDiagnostics [2013/04/14 20:12:49 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\Macromedia [2013/04/14 20:12:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013/04/14 19:57:58 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Roaming\Roxio Log Files [2013/04/14 19:54:49 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Roaming\LavasoftStatistics [2013/04/14 19:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2013/04/14 19:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars [2013/04/14 19:53:46 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\adawarebp [2013/04/14 19:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2013/04/14 19:53:44 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Roaming\vlc [2013/04/14 19:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2013/04/14 19:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013/04/14 19:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2013/04/14 19:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013/04/14 19:51:09 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2013/04/14 19:51:09 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys [2013/04/14 19:51:07 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Roaming\Ad-Aware Antivirus [2013/04/14 19:01:07 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{013CC638-9750-437F-8DF3-6048884F78D4} [2013/04/13 22:22:13 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\Desktop\Movies [2013/04/11 15:08:56 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{64734F4F-BF73-4244-A15F-F6574CC96296} [2013/04/11 14:37:41 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{23707CC2-F5D8-41CD-AF52-590A420A0E41} [2013/04/11 13:57:08 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{68736C02-7CED-412C-B7E9-65B9575D39CB} [2013/04/11 13:50:22 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{D923D7BD-4FA5-475C-9261-F183AD507E64} [2013/04/11 13:49:27 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{64712D3E-50B2-4282-8CA0-FDAB0F7E8DC7} [2013/04/11 12:41:43 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{B5999109-3F26-4E49-AF90-E2CA25E39634} [2013/04/11 12:41:19 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{9195F217-A70E-49A1-B4B7-E14D9512498A} [2013/04/11 12:08:36 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{42336266-A09B-42B2-A427-7E1173034678} [2013/04/11 12:07:52 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{68E75705-F83B-4C40-8E69-574FD55CC6E1} [2013/04/11 12:07:21 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{2F2DEA54-6313-4EDB-A947-EADEDFB55066} [2013/04/11 12:06:52 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{AA9F160E-BA73-42D8-B181-4E9F74CBB348} [2013/04/10 17:14:21 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{0B7D76DC-290E-4764-AE8A-E0AAAD748059} [2013/04/10 16:34:32 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{F6909A09-EE0B-4532-BD3F-D2433770FFDD} [2013/04/10 12:26:44 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{60AA16D8-40D4-4839-900A-98906A09531D} [2013/04/10 12:04:23 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{34CFB550-5302-4836-A64E-79CEA102803F} [2013/04/10 12:03:58 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{50ABC4D7-B336-4672-9F81-5902138C67A8} [2013/04/10 11:41:23 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{346096CD-AFFA-4358-BFA6-2619B1E58DB8} [2013/04/10 11:35:02 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{34436F7D-7AA4-48CA-9D7C-C0372FAA97FB} [2013/04/10 11:26:35 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{DA66FD1C-212E-415E-8BE6-40EA492C1672} [2013/04/10 10:52:42 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{4E235FDC-8FA3-4DED-8DE5-298ADEE5652A} [2013/04/10 10:19:58 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{006D447D-73FC-41E3-AC2F-FFB3F0B4B0D4} [2013/04/10 09:32:21 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{4557FCC4-10D3-45A4-BF97-215BD2016872} [2013/04/07 17:09:04 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{EC3E0018-EF6A-4251-B0FE-51034F751DE5} [2013/04/07 16:53:05 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{F9967A7B-445C-45BE-8C7C-D523D6BC16FE} [2013/04/07 16:40:58 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{7B8F3DAD-267C-4215-8F19-92F0BB848503} [2013/04/01 23:48:09 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{38110BB1-23E6-4F83-ACAF-CA4B307BEF15} [2013/04/01 23:47:36 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{1D568E22-2687-4F66-B166-FF629F5E65BA} [2013/04/01 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{483C96D0-E9D8-47A1-8561-5D137C8AFD24} [2013/04/01 22:55:59 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{B673F594-1DAF-430D-B13D-96D5E450F0A3} [2013/04/01 22:54:08 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{A7ED99FD-9A24-472B-9D00-D03BC44FCDC2} [2013/04/01 22:50:50 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{308A062B-C2B1-4376-9E18-6D1E56C43FE4} [2013/04/01 22:48:34 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{025A0B03-7AB4-4D76-B203-B6BED86538A1} [2013/04/01 20:42:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2013/04/01 20:41:53 | 000,000,000 | ---D | C] -- C:\b9e26732f75c98ac11e0 [2013/04/01 20:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/04/01 20:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013/04/01 20:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013/04/01 13:23:26 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{A5B614CD-EED4-40D1-BB34-6A3DBC1ECD4F} [2013/04/01 12:50:51 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{17D2846C-074F-462B-BDAB-60F8A356810B} [2013/04/01 12:50:30 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{364B96FE-35D2-4236-A75D-DFEB2E1BC39A} [2013/04/01 12:50:11 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{D90BEDD4-210B-463F-B50B-E48B54E52C6A} [2013/04/01 12:49:17 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{7A65D9C6-5476-4342-85D4-8AAF9E9AAA04} [2013/04/01 12:15:27 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{CDDB0AEC-D6E0-49B8-B2FA-5A0C332AC856} [2013/04/01 12:13:47 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{2AD39AD9-A2A4-47DB-9B51-ADD2E4D80500} [2013/04/01 12:13:24 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{202940D3-3D3A-48FE-A2CD-94089F02183C} [2013/04/01 10:18:11 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{A4FAECDC-2604-4428-8E9D-F00A4AB011C3} [2013/04/01 08:58:52 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{7A85CA47-9E5D-44EE-95DC-0DA294BCA2DD} [2013/04/01 08:57:42 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{6DE4C180-0D60-410D-9C47-A3EFA7A71370} [2013/04/01 08:56:45 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{9D4E60FF-7183-4590-8888-A8A3A73FD735} [2013/04/01 08:52:09 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{15BEAA34-9191-4621-95D3-4261D56C4686} [2013/04/01 08:50:56 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{16852EBC-5A39-4805-9A6F-CF64AA47D322} [2013/04/01 08:49:54 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{C6908A26-E673-4AD1-8745-B479165FA4D1} [2013/04/01 08:48:15 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{FD085F5A-C707-47F8-BA1D-EE19C5D25CEA} [2013/04/01 08:47:12 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{3988D274-D391-41B5-80F0-6A60EDA51893} [2013/03/31 23:42:16 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{7AEBAAAF-8770-4665-B23F-1ADB0C3F31C7} [2013/03/31 23:40:51 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{ADB60DD5-7D3C-442E-8DE7-3EF8685C7F11} [2013/03/31 23:16:53 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{8737F2EF-FC9B-4045-B0C0-C19032156AE5} [2013/03/31 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{8B1BE5FC-C368-4605-805E-ED30AD6F642D} [2013/03/31 22:24:22 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{DD4E8840-08A5-47FD-9A48-CEB192591F24} [2013/03/31 22:23:03 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{C4086596-0FDF-4B43-A665-D511AB372995} [2013/03/31 22:20:34 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{61A155A7-078E-4244-9E34-71912881B4FA} [2013/03/31 22:18:25 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{AE113B15-E9F7-4C06-AA08-C79E308D2320} [2013/03/31 22:17:50 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{913F342E-7A99-48B9-83A0-38D15A96F8F9} [2013/03/31 22:17:10 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{FE20AC89-2F98-4D9D-AB46-355BF1433F54} [2013/03/31 22:15:39 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{049021BC-3D86-4A12-A398-FFFDB4ED9079} [2013/03/31 21:43:01 | 000,000,000 | ---D | C] -- C:\Users\Venus Smith\AppData\Local\{6416FF3F-0C5C-4652-9D87-E3F0ABA90061} [2010/04/27 18:39:27 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Venus Smith\AppData\Roaming\DataSafeDotNet.exe [1 C:\Users\Venus Smith\Desktop\*.tmp files -> C:\Users\Venus Smith\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/19 19:36:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/04/19 19:35:19 | 000,805,730 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/04/19 19:35:19 | 000,679,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/04/19 19:35:19 | 000,128,304 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/04/19 19:33:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/19 19:32:41 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/04/19 19:32:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/18 20:39:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/18 20:39:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/18 20:32:46 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2013/04/18 20:32:19 | 000,001,749 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2013/04/18 20:31:20 | 3061,202,944 | -HS- | M] () -- C:\hiberfil.sys [2013/04/18 20:21:25 | 000,420,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/14 19:53:28 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013/04/14 19:51:09 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2013/04/14 19:51:09 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys [2013/04/14 19:49:32 | 000,002,050 | ---- | M] () -- C:\Users\Venus Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/04/14 18:49:45 | 000,315,648 | ---- | M] () -- C:\Users\Venus Smith\Desktop\FASFA 2013.xps [2013/04/14 17:52:37 | 000,312,538 | ---- | M] () -- C:\Users\Venus Smith\Desktop\mike taxes 2012.xps [2013/04/14 16:28:24 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/04/14 16:23:00 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013/04/14 16:23:00 | 000,001,967 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/04/01 15:37:51 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/04/01 10:25:35 | 000,000,992 | ---- | M] () -- C:\Users\Venus Smith\Documents\4-1-2013_1025.RBC [2013/04/01 10:13:25 | 000,000,164 | ---- | M] () -- C:\Users\Venus Smith\Documents\Data_040113_100939.roxio [2013/04/01 10:09:38 | 000,000,192 | ---- | M] () -- C:\Users\Venus Smith\Documents\Data_040113_095319.roxio [2013/04/01 09:53:19 | 000,000,126 | ---- | M] () -- C:\Users\Venus Smith\Documents\Data_040113_093117.roxio [2013/04/01 09:31:17 | 000,000,152 | ---- | M] () -- C:\Users\Venus Smith\Documents\Data_040113_090926.roxio [2013/04/01 09:07:50 | 000,000,874 | ---- | M] () -- C:\Users\Venus Smith\Documents\Data_040113_090210.roxio [2013/04/01 08:59:52 | 000,002,293 | ---- | M] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter4.wlmp [2013/04/01 08:58:33 | 000,002,282 | ---- | M] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter3.wlmp [2013/04/01 08:57:23 | 000,002,293 | ---- | M] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter2.wlmp [2013/04/01 08:56:20 | 000,002,282 | ---- | M] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter.wlmp [2013/04/01 08:49:32 | 000,002,246 | ---- | M] () -- C:\Users\Venus Smith\Documents\My Movie.wlmp [1 C:\Users\Venus Smith\Desktop\*.tmp files -> C:\Users\Venus Smith\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/18 19:31:51 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2013/04/14 20:12:20 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/14 19:53:28 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013/04/14 18:49:42 | 000,315,648 | ---- | C] () -- C:\Users\Venus Smith\Desktop\FASFA 2013.xps [2013/04/14 17:52:34 | 000,312,538 | ---- | C] () -- C:\Users\Venus Smith\Desktop\mike taxes 2012.xps [2013/04/14 16:28:24 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/04/01 10:25:24 | 000,000,992 | ---- | C] () -- C:\Users\Venus Smith\Documents\4-1-2013_1025.RBC [2013/04/01 10:13:25 | 000,000,164 | ---- | C] () -- C:\Users\Venus Smith\Documents\Data_040113_100939.roxio [2013/04/01 10:09:38 | 000,000,192 | ---- | C] () -- C:\Users\Venus Smith\Documents\Data_040113_095319.roxio [2013/04/01 09:53:19 | 000,000,126 | ---- | C] () -- C:\Users\Venus Smith\Documents\Data_040113_093117.roxio [2013/04/01 09:31:17 | 000,000,152 | ---- | C] () -- C:\Users\Venus Smith\Documents\Data_040113_090926.roxio [2013/04/01 09:07:50 | 000,000,874 | ---- | C] () -- C:\Users\Venus Smith\Documents\Data_040113_090210.roxio [2013/04/01 08:59:52 | 000,002,293 | ---- | C] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter4.wlmp [2013/04/01 08:58:33 | 000,002,282 | ---- | C] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter3.wlmp [2013/04/01 08:57:23 | 000,002,293 | ---- | C] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter2.wlmp [2013/04/01 08:56:20 | 000,002,282 | ---- | C] () -- C:\Users\Venus Smith\Documents\Hansel & Gretel witchhunter.wlmp [2013/04/01 08:49:32 | 000,002,246 | ---- | C] () -- C:\Users\Venus Smith\Documents\My Movie.wlmp [2012/03/13 14:36:45 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012/03/13 14:26:06 | 000,183,514 | ---- | C] () -- C:\Windows\hpwins11.dat [2012/03/13 14:26:06 | 000,000,392 | ---- | C] () -- C:\Windows\hpwmdl11.dat [2011/10/29 13:10:55 | 000,075,888 | ---- | C] () -- C:\Users\Venus Smith\AppData\Local\rx_audio.Cache [2011/05/13 21:06:13 | 000,000,506 | ---- | C] () -- C:\ProgramData\DebugLog.tx0 [2011/05/13 20:54:07 | 000,000,609 | ---- | C] () -- C:\Users\Venus Smith\AppData\Local\bingsn.dll [2011/04/23 22:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll [2011/04/23 22:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll [2011/04/23 22:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll [2010/07/31 16:26:05 | 000,007,680 | ---- | C] () -- C:\Users\Venus Smith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/07/30 14:26:17 | 000,585,904 | ---- | C] () -- C:\Users\Venus Smith\AppData\Local\rx_image.Cache [2010/05/08 11:23:25 | 015,983,616 | ---- | C] () -- C:\Users\Venus Smith\Cricket Broadband Setup-v1.0 (build 1950).msi [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013/04/14 19:51:07 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\Ad-Aware Antivirus [2010/05/01 00:48:12 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\Cricket [2010/06/21 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\Facebook [2010/08/10 15:07:16 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\InterTrust [2010/11/05 22:14:16 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\iWin [2010/07/25 10:10:38 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\Leadertech [2011/11/25 22:32:39 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\MusicNet [2010/12/12 14:58:02 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\PCDr [2010/04/22 19:59:47 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\WildTangent [2011/11/25 23:01:42 | 000,000,000 | ---D | M] -- C:\Users\Venus Smith\AppData\Roaming\Windows Live Writer [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - VaShawn Mitchell - _Nobody Greater_.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Steph Jones - Little Drummer Boy (Official Music Video).mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Lauryn Hill & Bob Marley (HQ) - Turn Your Lights Down Low.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Eminem - Love The Way You Lie ft. Rihanna.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - DICE TRAILER.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Chester D. T. Baldwin - READY WILLING AND ABLE.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Amazing Grace Dance.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\YouTube - Amazing Grace - Promise Keepers.mp4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\manni oct 28.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\Good Deeds.c2d:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Venus Smith\Documents\EBC VBS WOW CD.rcl:Roxio EMC Stream < End of report >