OTL logfile created on: 8/2/2013 11:33:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Yolanda\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.85 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 62.72% Memory free
7.70 Gb Paging File | 5.61 Gb Available in Paging File | 72.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.99 Gb Total Space | 396.13 Gb Free Space | 87.64% Space Free | Partition Type: NTFS
Computer Name: YOLANDA-PC | User Name: Yolanda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/08/02 23:32:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Yolanda\Desktop\OTL.exe
PRC - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/22 10:30:52 | 000,661,360 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/05/10 14:37:32 | 000,010,920 | ---- | M] (Absolute Software) -- C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
PRC - [2011/04/13 03:34:08 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/04/13 03:34:08 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/04/13 03:34:06 | 001,097,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/04/13 03:34:06 | 000,353,872 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/22 16:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 16:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/02/15 14:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/02/15 14:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/01/31 16:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/11/01 11:45:22 | 000,047,704 | ---- | M] (Alcor) -- C:\Windows\WebCam\S6000\S6000Mnt.exe
PRC - [2010/10/05 17:46:10 | 000,704,104 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
========== Modules (No Company Name) ==========
MOD - [2013/07/31 19:39:48 | 000,277,504 | ---- | M] () -- C:\Users\Yolanda\AppData\Local\{869C35D8-82BE-4DD0-BAC4-4449FA89CE51}\{C7A9A436-36B6-4863-B102-2923DF8563AC}\kfakfdnh.dll
MOD - [2011/03/11 16:33:50 | 000,238,056 | ---- | M] () -- c:\Program Files\mcafee\msk\mskapbho.dll
MOD - [2011/02/15 14:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2009/03/12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/08/02 09:53:46 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/19 14:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/02/19 14:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/19 14:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/11/16 22:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/01/31 16:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2011/01/28 11:44:08 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/10/08 05:24:16 | 000,150,016 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/11 23:25:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/05/10 14:37:32 | 000,010,920 | ---- | M] (Absolute Software) [Auto | Running] -- C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe -- (AbsoluteNotifier)
SRV - [2011/04/28 19:55:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/13 03:34:06 | 000,353,872 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/03/02 00:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/22 16:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/22 16:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/02/15 14:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/20 19:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/12/17 05:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/19 14:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/02/19 14:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 14:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013/02/19 14:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 14:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/02/19 14:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/02/19 14:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/26 20:19:48 | 012,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/15 01:11:10 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/24 12:23:32 | 003,293,400 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S6000KNT.sys -- (S6000KNT)
DRV:64bit: - [2010/12/11 23:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2010/12/11 11:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/12/11 11:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2010/12/10 20:46:56 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2010/11/24 02:08:10 | 002,350,952 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/19 02:29:30 | 001,401,392 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/06 02:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/01 00:03:30 | 000,410,152 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/10/19 20:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 05:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/10/08 05:23:38 | 000,019,192 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/07/09 15:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/20 14:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/12/31 06:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/09/22 21:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/22 21:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 21:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {f2c43291-151e-499c-98a7-923c120b88fa} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {5F25A71F-8BA8-43B8-BA57-741C281B7C8A}
IE - HKCU\..\SearchScopes\{5F25A71F-8BA8-43B8-BA57-741C281B7C8A}: "URL" = http://www.google.co...1I7GGNI_enUS486
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Yolanda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Yolanda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Yolanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/07/12 22:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/06/04 04:44:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/07/29 17:29:04 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Yolanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Spring Mood = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\facdidjmdhkmihcagdgmhffjnkklblge\1.11_0\
CHR - Extension: SiteAdvisor = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\
CHR - Extension: Skype Click to Call = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Gmail = C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/08/02 00:12:25 | 000,000,019 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120624232459.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120624232459.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] T\EPOWERTRAY.EXE File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE File not found
O4:64bit: - HKLM..\Run: [IgfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE File not found
O4:64bit: - HKLM..\Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] H.EXE File not found
O4 - HKLM..\Run: [Absolute Notifier] C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe (Absolute Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [S6000Mnt] C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt File not found
O4 - HKCU..\Run: [{C7A9A436-36B6-4863-B102-2923DF8563AC}] C:\Users\Yolanda\AppData\Local\{869C35D8-82BE-4DD0-BAC4-4449FA89CE51}\{C7A9A436-36B6-4863-B102-2923DF8563AC}\kfakfdnh.dll ()
O4 - HKCU..\Run: [Checker] rundll32 "C:\Users\Yolanda\AppData\Local\Temp\\\jbllge.dll",DllRegisterServer File not found
O4 - HKCU..\Run: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU "C:\Windows\TEMP\E_SCC68.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [EPSOND8A4F6] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU "C:\Windows\TEMP\E_SBC0E.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [PhotoJoy] C:\Program Files (x86)\PhotoJoy\bin\PhotoJoy.exe /c File not found
O4 - Startup: C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C3AFADB-4DF7-4A9E-8195-D2BF84E38720}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88EB3ADC-6D3F-49B9-AF34-F960C57EE230}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/08/02 23:32:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Yolanda\Desktop\OTL.exe
[2013/08/02 23:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/08/02 23:15:39 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/08/02 00:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2013/08/02 00:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/08/02 00:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/08/01 20:59:37 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\Desktop\tdsskiller
[2013/08/01 20:54:05 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\Desktop\GooredFix Backups
[2013/08/01 20:35:56 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/08/01 20:16:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/08/01 20:14:37 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\Documents\ERUNT
[2013/08/01 20:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/08/01 20:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/08/01 05:09:30 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\Desktop\Search Kaspersky Lab US_files
[2013/07/30 01:38:00 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\AppData\Local\{B6524154-74CD-408C-8998-AC3E79B32611}
[2013/07/23 08:22:03 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\AppData\Local\Diagnostics
[2013/07/22 17:38:33 | 000,000,000 | ---D | C] -- C:\Users\Yolanda\AppData\Local\Adobe
[2013/07/18 16:53:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/13 00:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuYin
[2013/07/12 22:53:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/11/18 00:11:56 | 005,944,360 | ---- | C] (Absolute Software Corp. ) -- C:\Users\Yolanda\AppData\Roaming\LoJackSetup.exe
========== Files - Modified Within 30 Days ==========
[2013/08/02 23:36:08 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/02 23:32:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Yolanda\Desktop\OTL.exe
[2013/08/02 23:25:14 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/02 23:25:14 | 000,024,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/02 23:22:49 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
[2013/08/02 23:21:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/02 23:20:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2114457821-856641166-3955415068-1000UA.job
[2013/08/02 23:20:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2114457821-856641166-3955415068-1000Core.job
[2013/08/02 23:19:05 | 000,032,000 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2013/08/02 23:18:05 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/02 23:17:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/02 23:17:42 | 3102,347,264 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/02 23:15:39 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/08/02 23:00:00 | 000,000,338 | -H-- | M] () -- C:\Windows\tasks\{F236003E-0A82-4CFC-863D-9AC9E528CCF3}.job
[2013/08/02 18:23:39 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2013/08/02 18:23:29 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2013/08/02 18:23:29 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2013/08/02 00:12:25 | 000,000,019 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/02 00:12:16 | 000,001,432 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2013/08/02 00:05:47 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/08/02 00:00:41 | 000,000,246 | ---- | M] () -- C:\Users\Yolanda\Desktop\Remove Department of Justice virus (MoneyPak Scam).url
[2013/08/01 23:33:00 | 000,000,004 | ---- | M] () -- C:\Users\Yolanda\AppData\Roaming\skype.ini
[2013/08/01 23:29:11 | 000,000,860 | ---- | M] () -- C:\Users\Yolanda\Desktop\Internet Security Pro.lnk
[2013/08/01 23:29:09 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\opera172098.exe
[2013/08/01 23:13:24 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\java863586.exe
[2013/08/01 23:05:13 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\msconfig680055.exe
[2013/08/01 23:05:13 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\firefox309024.exe
[2013/08/01 22:52:54 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\notepad.exe
[2013/08/01 22:42:03 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\vlcplayer.exe
[2013/08/01 22:42:03 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\acrobatreader.exe
[2013/08/01 22:28:54 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\chrome.exe
[2013/08/01 20:58:34 | 002,218,636 | ---- | M] () -- C:\Users\Yolanda\Desktop\tdsskiller.zip
[2013/08/01 20:35:57 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.hitmanpro
[2013/08/01 20:14:03 | 000,001,108 | ---- | M] () -- C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/08/01 20:13:45 | 000,000,928 | ---- | M] () -- C:\Users\Yolanda\Desktop\NTREGOPT.lnk
[2013/08/01 20:13:45 | 000,000,909 | ---- | M] () -- C:\Users\Yolanda\Desktop\ERUNT.lnk
[2013/08/01 05:25:02 | 000,000,259 | ---- | M] () -- C:\Users\Yolanda\Desktop\Computer Won't Boot - Malware Related - Geeks to Go Forums.url
[2013/08/01 05:13:29 | 000,000,255 | ---- | M] () -- C:\Users\Yolanda\Desktop\How to fix Google Redirects - Geeks to Go Forums (2).url
[2013/08/01 05:10:14 | 000,000,233 | ---- | M] () -- C:\Users\Yolanda\Desktop\TDSSKiller Rootkit Removal Utility Free Download Kaspersky Lab US.url
[2013/08/01 05:09:30 | 000,036,704 | ---- | M] () -- C:\Users\Yolanda\Desktop\Search Kaspersky Lab US.htm
[2013/08/01 04:29:44 | 000,000,255 | ---- | M] () -- C:\Users\Yolanda\Desktop\How to fix Google Redirects - Geeks to Go Forums.url
[2013/07/18 18:01:20 | 000,001,137 | ---- | M] () -- C:\Users\Yolanda\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/07/18 16:53:13 | 000,775,776 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/18 16:53:13 | 000,662,158 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/18 16:53:13 | 000,122,044 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/18 16:53:06 | 000,775,776 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/18 16:02:46 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\msconfig928022.exe
[2013/07/18 16:02:45 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\jucheck173346.exe
[2013/07/18 16:02:45 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\csrss958544.exe
[2013/07/18 16:02:43 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\conhost68164.exe
[2013/07/18 16:02:41 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\firefox520732.exe
[2013/07/18 15:59:51 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\jucheck429603.exe
[2013/07/18 15:59:49 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\jqs319019.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\vlcplayer938735.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\vlcplayer931615.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\java508518.exe
[2013/07/18 15:59:46 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\conhost886471.exe
[2013/07/18 15:59:45 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\jucheck559367.exe
[2013/07/18 15:59:38 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\vlcplayer971244.exe
[2013/07/18 15:59:29 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\icq.exe
[2013/07/18 15:59:29 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\flashplayer.exe
[2013/07/18 15:59:28 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\mstsc.exe
[2013/07/18 15:59:28 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\msconfig.exe
[2013/07/18 15:59:27 | 000,000,000 | ---- | M] () -- C:\Users\Yolanda\jqs.exe
[2013/07/15 10:38:43 | 000,002,593 | ---- | M] () -- C:\Users\Yolanda\Desktop\Demitrius - Chrome.lnk
[2013/07/12 22:53:05 | 664,731,528 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/11 00:53:23 | 000,432,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/05 17:12:28 | 004,198,911 | ---- | M] () -- C:\Users\Yolanda\Documents\img021.pdf
[2013/07/05 17:04:03 | 008,937,517 | ---- | M] () -- C:\Users\Yolanda\Documents\Dylan Reese- GEEF 2013.pdf
[2013/07/05 16:54:24 | 000,232,857 | ---- | M] () -- C:\Users\Yolanda\Documents\img019.pdf
========== Files Created - No Company Name ==========
[2013/08/02 23:19:05 | 000,032,000 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2013/08/02 00:12:16 | 000,001,432 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2013/08/02 00:05:47 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/08/02 00:00:41 | 000,000,246 | ---- | C] () -- C:\Users\Yolanda\Desktop\Remove Department of Justice virus (MoneyPak Scam).url
[2013/08/01 23:32:16 | 000,000,004 | ---- | C] () -- C:\Users\Yolanda\AppData\Roaming\skype.ini
[2013/08/01 23:29:09 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\opera172098.exe
[2013/08/01 23:13:24 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\java863586.exe
[2013/08/01 23:05:13 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\msconfig680055.exe
[2013/08/01 23:05:13 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\firefox309024.exe
[2013/08/01 22:52:54 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\notepad.exe
[2013/08/01 22:42:03 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\vlcplayer.exe
[2013/08/01 22:42:03 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\acrobatreader.exe
[2013/08/01 22:28:54 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\chrome.exe
[2013/08/01 20:58:25 | 002,218,636 | ---- | C] () -- C:\Users\Yolanda\Desktop\tdsskiller.zip
[2013/08/01 20:14:03 | 000,001,108 | ---- | C] () -- C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/08/01 20:13:45 | 000,000,928 | ---- | C] () -- C:\Users\Yolanda\Desktop\NTREGOPT.lnk
[2013/08/01 20:13:45 | 000,000,909 | ---- | C] () -- C:\Users\Yolanda\Desktop\ERUNT.lnk
[2013/08/01 05:25:02 | 000,000,259 | ---- | C] () -- C:\Users\Yolanda\Desktop\Computer Won't Boot - Malware Related - Geeks to Go Forums.url
[2013/08/01 05:13:29 | 000,000,255 | ---- | C] () -- C:\Users\Yolanda\Desktop\How to fix Google Redirects - Geeks to Go Forums (2).url
[2013/08/01 05:10:14 | 000,000,233 | ---- | C] () -- C:\Users\Yolanda\Desktop\TDSSKiller Rootkit Removal Utility Free Download Kaspersky Lab US.url
[2013/08/01 05:09:29 | 000,036,704 | ---- | C] () -- C:\Users\Yolanda\Desktop\Search Kaspersky Lab US.htm
[2013/08/01 04:29:44 | 000,000,255 | ---- | C] () -- C:\Users\Yolanda\Desktop\How to fix Google Redirects - Geeks to Go Forums.url
[2013/07/18 16:02:46 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\msconfig928022.exe
[2013/07/18 16:02:45 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jucheck173346.exe
[2013/07/18 16:02:45 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\csrss958544.exe
[2013/07/18 16:02:43 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\conhost68164.exe
[2013/07/18 16:02:41 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\firefox520732.exe
[2013/07/18 16:01:29 | 000,000,338 | -H-- | C] () -- C:\Windows\tasks\{F236003E-0A82-4CFC-863D-9AC9E528CCF3}.job
[2013/07/18 15:59:51 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jucheck429603.exe
[2013/07/18 15:59:49 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jqs319019.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\vlcplayer938735.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\vlcplayer931615.exe
[2013/07/18 15:59:48 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\java508518.exe
[2013/07/18 15:59:46 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\conhost886471.exe
[2013/07/18 15:59:45 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jucheck559367.exe
[2013/07/18 15:59:38 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\vlcplayer971244.exe
[2013/07/18 15:59:29 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\flashplayer.exe
[2013/07/18 15:59:28 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\mstsc.exe
[2013/07/18 15:59:28 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\msconfig.exe
[2013/07/18 15:59:27 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jqs.exe
[2013/07/18 15:59:27 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\icq.exe
[2013/07/12 22:53:03 | 664,731,528 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/07/05 17:12:05 | 004,198,911 | ---- | C] () -- C:\Users\Yolanda\Documents\img021.pdf
[2013/07/05 17:03:13 | 008,937,517 | ---- | C] () -- C:\Users\Yolanda\Documents\Dylan Reese- GEEF 2013.pdf
[2013/07/05 16:54:24 | 000,232,857 | ---- | C] () -- C:\Users\Yolanda\Documents\img019.pdf
[2013/07/02 10:43:25 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\jucheck.exe
[2013/07/02 10:43:22 | 000,000,000 | ---- | C] () -- C:\Users\Yolanda\googleupdate.exe
[2013/05/01 12:41:21 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2013/05/01 08:09:35 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2013/04/22 22:06:16 | 000,061,304 | ---- | C] () -- C:\Users\Yolanda\g2mdlhlpx.exe
[2013/01/12 13:58:07 | 000,775,776 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/03 14:18:01 | 000,005,003 | ---- | C] () -- C:\Users\Yolanda\receipt 1-3-13.htm
[2012/11/15 15:04:13 | 000,005,057 | ---- | C] () -- C:\Users\Yolanda\Print receipt car 11-15-2012.htm
[2012/06/02 02:53:40 | 000,069,076 | ---- | C] () -- C:\Users\Yolanda\TP030000507.dotx
[2012/06/02 02:52:24 | 000,028,161 | ---- | C] () -- C:\Users\Yolanda\Budget Template.xltx
[2012/06/02 02:48:59 | 000,025,088 | ---- | C] () -- C:\Users\Yolanda\Expense budget.XLT
[2012/06/02 02:47:41 | 000,066,048 | ---- | C] () -- C:\Users\Yolanda\Targeted budgeting tool.xlt
[2012/04/16 00:42:04 | 000,007,287 | ---- | C] () -- C:\Users\Yolanda\KinderCare Learning Centers 4-16-12.htm
[2012/04/08 22:12:25 | 001,983,932 | ---- | C] () -- C:\Users\Yolanda\Columbia bunkbed assembly instructions.pdf
[2011/12/14 20:18:03 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/12/14 16:24:04 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/12/14 16:24:04 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/12/14 16:24:04 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/12/14 16:24:04 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/12/14 16:24:04 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/12/14 16:24:04 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/12/14 16:24:04 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/12/14 16:24:04 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/12/14 16:24:04 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/12/14 16:24:04 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/12/14 16:24:04 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/12/14 16:24:04 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/12/14 16:24:04 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/12/14 16:24:04 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/12/14 16:24:04 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/12/14 16:24:04 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/11/18 01:46:21 | 000,015,190 | ---- | C] () -- C:\Windows\S6000Twn.ini
[2011/11/08 01:30:02 | 000,000,552 | ---- | C] () -- C:\Users\Yolanda\AppData\Roaming\AbsoluteReminder.xml
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/11/18 00:18:59 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\Absolute
[2011/11/18 00:19:41 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\Absolute Software
[2012/07/02 14:02:59 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\bppenu11
[2012/02/08 00:06:10 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\com.amazon.music.uploader
[2012/02/06 19:40:46 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\Epson
[2013/08/02 00:12:16 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\libAgenspl90
[2012/02/20 00:29:15 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\supportdotcom
[2012/02/24 14:34:00 | 000,000,000 | ---D | M] -- C:\Users\Yolanda\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013/07/30 03:55:12 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Ä) -- C:\Windows\SysNative\Ä
[2013/07/30 03:55:12 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Ä) -- C:\Windows\SysNative\Ä
[2012/10/07 21:14:44 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?q) -- C:\Windows\SysNative\q
[2012/10/07 21:14:44 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?q) -- C:\Windows\SysNative\q
[2012/06/12 01:09:03 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?U) -- C:\Windows\SysNative\U
[2012/06/12 01:09:03 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?U) -- C:\Windows\SysNative\U
[2012/06/10 00:46:38 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?½) -- C:\Windows\SysNative\½
[2012/06/10 00:46:38 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?½) -- C:\Windows\SysNative\½
[2012/06/03 13:23:49 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?M) -- C:\Windows\SysNative\M
[2012/06/03 13:23:49 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?M) -- C:\Windows\SysNative\M
< End of report >