OLT
OTL logfile created on: 2/3/2013 1:18:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Deb\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 3.22 Gb Available Physical Memory | 84.54% Memory free
7.61 Gb Paging File | 7.03 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254.14 Gb Total Space | 190.39 Gb Free Space | 74.91% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.85 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Computer Name: DEB-PC | User Name: Deb | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/02 17:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012/11/22 04:42:06 | 000,378,952 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/11/09 06:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 06:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2012/10/06 07:28:16 | 001,007,288 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2010/09/22 13:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WPDBusEnum)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WebClient)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (SensrSvc)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (RasMan)
SRV - [2013/01/08 16:49:40 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/04 10:54:14 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/26 13:15:26 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/06/23 04:39:54 | 000,046,080 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 15:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/09 03:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/09 03:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/29 18:21:36 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/11/09 06:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 06:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 06:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 06:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 06:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 06:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/11/02 01:46:50 | 000,328,976 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2012/11/02 01:46:50 | 000,097,208 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2012/05/28 10:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/13 00:20:02 | 000,736,896 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/08/07 03:07:16 | 001,326,928 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2010/06/10 06:43:20 | 001,380,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/31 02:47:08 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/11 22:23:16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/03 14:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 03:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 17:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/11/06 07:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/18 19:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/20 11:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/21 09:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 15:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/08/06 07:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{C14984B6-0E90-453E-8BDD-E65545EA0700}: "URL" = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
IE - HKCU\..\SearchScopes\{C7E2EF61-2EFC-41C7-B1C1-DC6F466B7705}: "URL" = http://search.yahoo.com/search?p={s...e=W3i_DS,136,0_0,Search,20130105,17118,0,18,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: firefox@facebook.com:1.8.2
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.0
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.7.3
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Deb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Deb\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Deb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Deb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/26 11:22:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/26 11:57:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/26 11:57:01 | 000,000,000 | ---D | M]
[2011/03/30 07:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions
[2013/02/03 10:23:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\zq87jksh.default\extensions
[2013/01/26 11:58:12 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\zq87jksh.default\extensions\firefox@facebook.com.xpi
[2012/11/18 13:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/06 11:22:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/11/18 13:15:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/01/26 11:22:07 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013/01/26 11:56:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/21 12:52:42 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2013/01/26 11:56:43 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/26 11:56:42 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Deb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem\1.4_0\
CHR - Extension: No name found = C:\Users\Deb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\
O1 HOSTS File: ([2013/02/02 15:23:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [GrpConv] C:\windows\SysNative\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.186.110.76 204.186.80.251 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F1F6F6-7F1D-4BC0-AF36-A209CC6B035B}: DhcpNameServer = 204.186.110.76 204.186.80.251 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{946347D4-6E06-4B1C-AA0B-2DED38AF904C}: DhcpNameServer = 173.243.32.50 8.8.8.8
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/03 12:55:38 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/02/03 12:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/02/03 12:36:19 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013/02/03 12:35:38 | 000,000,000 | ---D | C] -- C:\windows\SysNative\catroot2
[2013/02/03 10:49:52 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2013/02/03 10:49:44 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/03 10:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/02/03 10:34:25 | 000,000,000 | ---D | C] -- C:\JRT
[2013/02/02 17:15:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
[2013/02/02 17:14:08 | 000,538,188 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Deb\Desktop\JRT.exe
[2013/02/02 15:41:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/02 15:25:49 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/02/02 15:15:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/02/02 15:15:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/02/02 15:15:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/02/02 15:09:47 | 000,000,000 | ---D | C] -- C:\matt_dahms6172m
[2013/02/02 15:02:53 | 000,000,000 | ---D | C] -- C:\matt_dahms23844m
[2013/02/02 14:46:24 | 000,000,000 | ---D | C] -- C:\matt_dahms23500m
[2013/02/02 14:45:46 | 000,000,000 | ---D | C] -- C:\matt_dahms26598m
[2013/02/02 14:45:11 | 000,000,000 | ---D | C] -- C:\matt_dahms27645m
[2013/02/02 12:44:33 | 000,000,000 | ---D | C] -- C:\matt_dahms
[2013/02/02 12:44:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/02 12:34:50 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/02/02 12:31:23 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Deb\Desktop\rkill.exe
[2013/02/02 01:36:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/01 23:03:54 | 000,000,000 | ---D | C] -- C:\Users\Deb\Documents\mbar-1.01.0.1017
[2013/02/01 20:34:16 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\RK_Quarantine
[2013/01/29 22:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/29 22:12:44 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/01/29 22:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/29 22:12:18 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Programs
[2013/01/29 18:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/29 18:21:43 | 000,030,568 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/01/29 18:21:08 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Nico Mak Computing
[2013/01/29 18:21:04 | 000,018,760 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\windows\SysNative\roboot64.exe
[2013/01/27 21:03:53 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/01/27 20:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Quick PC Booster
[2013/01/27 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013/01/27 20:34:47 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\rkill
[2013/01/27 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/01/27 20:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013/01/27 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Macromedia
[2013/01/27 19:18:35 | 000,027,256 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2013/01/26 21:55:42 | 000,000,000 | ---D | C] -- C:\Users\Deb\Documents\Outlook Files
[2013/01/26 11:41:25 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/26 11:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/01/26 11:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/01/26 11:31:21 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Microsoft Help
[2013/01/26 11:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/01/26 11:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/01/26 11:15:50 | 000,197,264 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013/01/26 11:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2013/01/26 11:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013/01/26 11:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/01/26 11:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/01/26 11:01:04 | 000,177,680 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2013/01/26 11:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/01/25 16:23:30 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV
[2013/01/21 12:52:42 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Catalina Marketing Corp
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/03 12:54:50 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013/02/03 12:53:00 | 000,727,310 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/03 12:53:00 | 000,624,606 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/03 12:53:00 | 000,106,724 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/03 12:48:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/03 12:47:58 | 3063,033,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/03 12:42:25 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 12:42:25 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 12:36:03 | 000,429,208 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/02/03 12:27:12 | 000,727,310 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/02/03 10:56:14 | 000,006,576 | ---- | M] () -- C:\bootsqm.dat
[2013/02/03 10:49:44 | 000,002,287 | ---- | M] () -- C:\Users\Deb\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/02/03 10:45:42 | 005,445,702 | ---- | M] () -- C:\Users\Deb\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/02/02 17:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
[2013/02/02 17:14:08 | 000,538,188 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Deb\Desktop\JRT.exe
[2013/02/02 17:13:31 | 000,580,235 | ---- | M] () -- C:\Users\Deb\Desktop\adwcleaner.exe
[2013/02/02 16:50:00 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-200714488-2481930607-893224880-1000UA.job
[2013/02/02 16:49:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/02 15:23:01 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/02/02 15:14:59 | 000,001,094 | ---- | M] () -- C:\Users\Deb\Desktop\ComboFix - Shortcut.lnk
[2013/02/02 12:31:23 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Deb\Desktop\rkill.exe
[2013/02/01 20:30:03 | 000,771,072 | ---- | M] () -- C:\Users\Deb\Desktop\winlogon.com.exe
[2013/02/01 19:50:17 | 000,000,848 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-200714488-2481930607-893224880-1000Core.job
[2013/01/29 22:12:46 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/29 21:31:40 | 000,027,256 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2013/01/29 21:23:19 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:53:55 | 000,031,998 | ---- | M] () -- C:\Users\Deb\Documents\cc_20130129_185320.reg
[2013/01/29 18:21:36 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/01/27 18:49:04 | 000,002,239 | ---- | M] () -- C:\Users\Deb\Desktop\OneKey Recovery.lnk
[2013/01/26 21:55:44 | 000,001,131 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/26 11:17:23 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/01/26 11:17:23 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/03 10:56:14 | 000,006,576 | ---- | C] () -- C:\bootsqm.dat
[2013/02/03 10:49:44 | 000,002,287 | ---- | C] () -- C:\Users\Deb\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/02/03 10:45:42 | 005,445,702 | ---- | C] () -- C:\Users\Deb\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/02/02 17:13:24 | 000,580,235 | ---- | C] () -- C:\Users\Deb\Desktop\adwcleaner.exe
[2013/02/02 15:15:34 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/02/02 15:15:34 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/02/02 15:15:34 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/02/02 15:15:34 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/02/02 15:15:34 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/02/02 15:14:59 | 000,001,094 | ---- | C] () -- C:\Users\Deb\Desktop\ComboFix - Shortcut.lnk
[2013/02/01 20:30:00 | 000,771,072 | ---- | C] () -- C:\Users\Deb\Desktop\winlogon.com.exe
[2013/01/29 22:12:46 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/29 21:23:18 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:53:40 | 000,031,998 | ---- | C] () -- C:\Users\Deb\Documents\cc_20130129_185320.reg
[2013/01/26 21:55:44 | 000,001,131 | ---- | C] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/26 11:57:05 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/26 11:16:19 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013/01/26 11:15:50 | 000,002,641 | ---- | C] () -- C:\windows\SysNative\drivers\mfencrk.inf
[2013/01/26 11:15:49 | 000,002,946 | ---- | C] () -- C:\windows\SysNative\drivers\mfencbdc.inf
[2011/09/18 11:46:21 | 000,727,310 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/04/01 16:54:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/05 15:13:17 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011/03/05 15:13:17 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011/03/05 14:59:47 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/03/05 14:59:47 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/03/05 14:59:41 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/03/05 14:54:13 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/05 14:35:34 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini
[2011/03/05 14:25:14 | 000,870,560 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/03/05 14:25:14 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2011/03/05 14:25:14 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2011/03/05 14:25:13 | 000,104,636 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/03/05 14:25:11 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\windows\sysWOW64\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/21 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Catalina Marketing Corp
[2013/01/29 17:34:02 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\go
[2013/01/29 21:26:34 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Nico Mak Computing
[2011/03/31 06:51:29 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\ooVoo Details
[2013/02/01 21:11:14 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\SoftGrid Client
[2011/09/18 11:47:17 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\TP
[2012/06/19 08:25:39 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\UpdateTemp1198781688
[2011/12/07 09:53:24 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\UpdateTemp555917465
[2012/04/07 15:56:04 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
OTL logfile created on: 2/3/2013 1:18:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Deb\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 3.22 Gb Available Physical Memory | 84.54% Memory free
7.61 Gb Paging File | 7.03 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254.14 Gb Total Space | 190.39 Gb Free Space | 74.91% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.85 Gb Free Space | 96.05% Space Free | Partition Type: NTFS
Computer Name: DEB-PC | User Name: Deb | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/02 17:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012/11/22 04:42:06 | 000,378,952 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/11/09 06:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 06:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/10/07 03:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2012/10/06 07:28:16 | 001,007,288 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2010/09/22 13:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WPDBusEnum)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WebClient)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (SensrSvc)
SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (RasMan)
SRV - [2013/01/08 16:49:40 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/04 10:54:14 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/26 13:15:26 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/06/23 04:39:54 | 000,046,080 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 15:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/09 03:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/09 03:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/29 18:21:36 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/11/09 06:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 06:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 06:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 06:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 06:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 06:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/11/02 01:46:50 | 000,328,976 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2012/11/02 01:46:50 | 000,097,208 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2012/05/28 10:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/13 00:20:02 | 000,736,896 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/08/07 03:07:16 | 001,326,928 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2010/06/10 06:43:20 | 001,380,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/31 02:47:08 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/11 22:23:16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/03 14:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 03:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 17:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/11/06 07:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/18 19:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/20 11:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/21 09:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 15:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/08/06 07:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{C14984B6-0E90-453E-8BDD-E65545EA0700}: "URL" = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
IE - HKCU\..\SearchScopes\{C7E2EF61-2EFC-41C7-B1C1-DC6F466B7705}: "URL" = http://search.yahoo.com/search?p={s...e=W3i_DS,136,0_0,Search,20130105,17118,0,18,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: firefox@facebook.com:1.8.2
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.0
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.7.3
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Deb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Deb\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Deb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Deb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/26 11:22:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/26 11:57:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/26 11:57:01 | 000,000,000 | ---D | M]
[2011/03/30 07:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions
[2013/02/03 10:23:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\zq87jksh.default\extensions
[2013/01/26 11:58:12 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\zq87jksh.default\extensions\firefox@facebook.com.xpi
[2012/11/18 13:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/06 11:22:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/11/18 13:15:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/01/26 11:22:07 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013/01/26 11:56:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/21 12:52:42 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2013/01/26 11:56:43 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/26 11:56:42 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Deb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem\1.4_0\
CHR - Extension: No name found = C:\Users\Deb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj\1_0\
O1 HOSTS File: ([2013/02/02 15:23:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [GrpConv] C:\windows\SysNative\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.186.110.76 204.186.80.251 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F1F6F6-7F1D-4BC0-AF36-A209CC6B035B}: DhcpNameServer = 204.186.110.76 204.186.80.251 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{946347D4-6E06-4B1C-AA0B-2DED38AF904C}: DhcpNameServer = 173.243.32.50 8.8.8.8
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/03 12:55:38 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/02/03 12:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/02/03 12:36:19 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013/02/03 12:35:38 | 000,000,000 | ---D | C] -- C:\windows\SysNative\catroot2
[2013/02/03 10:49:52 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2013/02/03 10:49:44 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/03 10:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/02/03 10:34:25 | 000,000,000 | ---D | C] -- C:\JRT
[2013/02/02 17:15:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
[2013/02/02 17:14:08 | 000,538,188 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Deb\Desktop\JRT.exe
[2013/02/02 15:41:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/02 15:25:49 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/02/02 15:15:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/02/02 15:15:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/02/02 15:15:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/02/02 15:09:47 | 000,000,000 | ---D | C] -- C:\matt_dahms6172m
[2013/02/02 15:02:53 | 000,000,000 | ---D | C] -- C:\matt_dahms23844m
[2013/02/02 14:46:24 | 000,000,000 | ---D | C] -- C:\matt_dahms23500m
[2013/02/02 14:45:46 | 000,000,000 | ---D | C] -- C:\matt_dahms26598m
[2013/02/02 14:45:11 | 000,000,000 | ---D | C] -- C:\matt_dahms27645m
[2013/02/02 12:44:33 | 000,000,000 | ---D | C] -- C:\matt_dahms
[2013/02/02 12:44:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/02 12:34:50 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/02/02 12:31:23 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Deb\Desktop\rkill.exe
[2013/02/02 01:36:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013/02/01 23:03:54 | 000,000,000 | ---D | C] -- C:\Users\Deb\Documents\mbar-1.01.0.1017
[2013/02/01 20:34:16 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\RK_Quarantine
[2013/01/29 22:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/29 22:12:44 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/01/29 22:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/01/29 22:12:18 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Programs
[2013/01/29 18:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/29 18:21:43 | 000,030,568 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/01/29 18:21:08 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Nico Mak Computing
[2013/01/29 18:21:04 | 000,018,760 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\windows\SysNative\roboot64.exe
[2013/01/27 21:03:53 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/01/27 20:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Quick PC Booster
[2013/01/27 20:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013/01/27 20:34:47 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\rkill
[2013/01/27 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/01/27 20:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013/01/27 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Macromedia
[2013/01/27 19:18:35 | 000,027,256 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2013/01/26 21:55:42 | 000,000,000 | ---D | C] -- C:\Users\Deb\Documents\Outlook Files
[2013/01/26 11:41:25 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/26 11:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/01/26 11:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/01/26 11:31:21 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\Microsoft Help
[2013/01/26 11:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/01/26 11:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/01/26 11:15:50 | 000,197,264 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013/01/26 11:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2013/01/26 11:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013/01/26 11:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/01/26 11:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/01/26 11:01:04 | 000,177,680 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2013/01/26 11:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/01/25 16:23:30 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV
[2013/01/21 12:52:42 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Catalina Marketing Corp
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/03 12:54:50 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013/02/03 12:53:00 | 000,727,310 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/03 12:53:00 | 000,624,606 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/03 12:53:00 | 000,106,724 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/03 12:48:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/03 12:47:58 | 3063,033,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/03 12:42:25 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 12:42:25 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 12:36:03 | 000,429,208 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/02/03 12:27:12 | 000,727,310 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/02/03 10:56:14 | 000,006,576 | ---- | M] () -- C:\bootsqm.dat
[2013/02/03 10:49:44 | 000,002,287 | ---- | M] () -- C:\Users\Deb\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/02/03 10:45:42 | 005,445,702 | ---- | M] () -- C:\Users\Deb\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/02/02 17:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Desktop\OTL.exe
[2013/02/02 17:14:08 | 000,538,188 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Deb\Desktop\JRT.exe
[2013/02/02 17:13:31 | 000,580,235 | ---- | M] () -- C:\Users\Deb\Desktop\adwcleaner.exe
[2013/02/02 16:50:00 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-200714488-2481930607-893224880-1000UA.job
[2013/02/02 16:49:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/02 15:23:01 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/02/02 15:14:59 | 000,001,094 | ---- | M] () -- C:\Users\Deb\Desktop\ComboFix - Shortcut.lnk
[2013/02/02 12:31:23 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Deb\Desktop\rkill.exe
[2013/02/01 20:30:03 | 000,771,072 | ---- | M] () -- C:\Users\Deb\Desktop\winlogon.com.exe
[2013/02/01 19:50:17 | 000,000,848 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-200714488-2481930607-893224880-1000Core.job
[2013/01/29 22:12:46 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/29 21:31:40 | 000,027,256 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\FixZeroAccess.sys
[2013/01/29 21:23:19 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:53:55 | 000,031,998 | ---- | M] () -- C:\Users\Deb\Documents\cc_20130129_185320.reg
[2013/01/29 18:21:36 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/01/27 18:49:04 | 000,002,239 | ---- | M] () -- C:\Users\Deb\Desktop\OneKey Recovery.lnk
[2013/01/26 21:55:44 | 000,001,131 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/26 11:17:23 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/01/26 11:17:23 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/03 10:56:14 | 000,006,576 | ---- | C] () -- C:\bootsqm.dat
[2013/02/03 10:49:44 | 000,002,287 | ---- | C] () -- C:\Users\Deb\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/02/03 10:45:42 | 005,445,702 | ---- | C] () -- C:\Users\Deb\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/02/02 17:13:24 | 000,580,235 | ---- | C] () -- C:\Users\Deb\Desktop\adwcleaner.exe
[2013/02/02 15:15:34 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/02/02 15:15:34 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/02/02 15:15:34 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/02/02 15:15:34 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/02/02 15:15:34 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/02/02 15:14:59 | 000,001,094 | ---- | C] () -- C:\Users\Deb\Desktop\ComboFix - Shortcut.lnk
[2013/02/01 20:30:00 | 000,771,072 | ---- | C] () -- C:\Users\Deb\Desktop\winlogon.com.exe
[2013/01/29 22:12:46 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/29 21:23:18 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/29 18:53:40 | 000,031,998 | ---- | C] () -- C:\Users\Deb\Documents\cc_20130129_185320.reg
[2013/01/26 21:55:44 | 000,001,131 | ---- | C] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/26 11:57:05 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/26 11:16:19 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013/01/26 11:15:50 | 000,002,641 | ---- | C] () -- C:\windows\SysNative\drivers\mfencrk.inf
[2013/01/26 11:15:49 | 000,002,946 | ---- | C] () -- C:\windows\SysNative\drivers\mfencbdc.inf
[2011/09/18 11:46:21 | 000,727,310 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/04/01 16:54:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/05 15:13:17 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011/03/05 15:13:17 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011/03/05 14:59:47 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/03/05 14:59:47 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/03/05 14:59:41 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/03/05 14:54:13 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/05 14:35:34 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini
[2011/03/05 14:25:14 | 000,870,560 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/03/05 14:25:14 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2011/03/05 14:25:14 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2011/03/05 14:25:13 | 000,104,636 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/03/05 14:25:11 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\windows\sysWOW64\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/21 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Catalina Marketing Corp
[2013/01/29 17:34:02 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\go
[2013/01/29 21:26:34 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Nico Mak Computing
[2011/03/31 06:51:29 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\ooVoo Details
[2013/02/01 21:11:14 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\SoftGrid Client
[2011/09/18 11:47:17 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\TP
[2012/06/19 08:25:39 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\UpdateTemp1198781688
[2011/12/07 09:53:24 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\UpdateTemp555917465
[2012/04/07 15:56:04 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >