OTL logfile created on: 1/7/2015 11:06:51 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\justin\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17498) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 11.93 Gb Total Physical Memory | 9.42 Gb Available Physical Memory | 78.99% Memory free 13.74 Gb Paging File | 11.53 Gb Available in Paging File | 83.91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 905.89 Gb Total Space | 816.30 Gb Free Space | 90.11% Space Free | Partition Type: NTFS Drive D: | 24.60 Gb Total Space | 2.72 Gb Free Space | 11.07% Space Free | Partition Type: NTFS Computer Name: GABBY | User Name: justin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\justin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\SYSTEM.SAV\Util\ibtsiva.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\AVAST Software\Avast\libcef.dll () [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) SRV:[b]64bit:[/b] - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (SynTPEnhService) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) SRV:[b]64bit:[/b] - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV:[b]64bit:[/b] - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:[b]64bit:[/b] - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation) SRV:[b]64bit:[/b] - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe () SRV:[b]64bit:[/b] - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (omniserv) -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Softex Inc.) SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) SRV:[b]64bit:[/b] - (ISCTAgent) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe () SRV:[b]64bit:[/b] - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV:[b]64bit:[/b] - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (eb12ba5e) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:[b]64bit:[/b] - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation) SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (iBtSiva) -- C:\SYSTEM.SAV\Util\ibtsiva.exe (Intel Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - (webinstrNHK) -- C:\Windows\SysNative\drivers\webinstrNHK.sys (Corsica) DRV:[b]64bit:[/b] - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys () DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:[b]64bit:[/b] - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation) DRV:[b]64bit:[/b] - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation) DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NETwNb64) -- C:\Windows\SysNative\drivers\Netwbw02.sys (Intel Corporation) DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:[b]64bit:[/b] - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:[b]64bit:[/b] - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated) DRV:[b]64bit:[/b] - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation) DRV:[b]64bit:[/b] - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek ) DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:[b]64bit:[/b] - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:[b]64bit:[/b] - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:[b]64bit:[/b] - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation) DRV:[b]64bit:[/b] - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation) DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation) DRV:[b]64bit:[/b] - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink) DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation) DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation) DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:[b]64bit:[/b] - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation) DRV:[b]64bit:[/b] - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation) DRV:[b]64bit:[/b] - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys () DRV:[b]64bit:[/b] - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys () DRV:[b]64bit:[/b] - (INETMON) -- C:\Windows\SysNative\drivers\INETMON.sys () DRV:[b]64bit:[/b] - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys () DRV:[b]64bit:[/b] - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:[b]64bit:[/b] - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:[b]64bit:[/b] - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:[b]64bit:[/b] - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard) DRV:[b]64bit:[/b] - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard) DRV:[b]64bit:[/b] - (WirelessButtonDriver) -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys (Hewlett-Packard Development Company, L.P.) DRV:[b]64bit:[/b] - (NETwNe64) -- C:\Windows\SysNative\drivers\NETwew02.sys (Intel Corporation) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT14/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{44EB6667-ADE5-42FA-9E79-858F562DE7D4}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D CF 44 5C E3 2A D0 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60259;https=127.0.0.1:60259 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/12/12 03:38:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}: C:\Program Files (x86)\ver3BlockAndSurf\185.xpi [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.trovi.com/?gd=&ctid=CT3333566&octid=EB_ORIGINAL_CTID&ISID=MCD65C7CF-5664-4C64-8466-2C78DB03B781&SearchSource=55&CUI=&UM=8&UP=SP716CED16-1A61-4A37-BE2C-C1B11083D32F&SSPV=SP21930TA_sp_ch CHR - plugin: Error reading preferences file CHR - Extension: avast! Online Security (BETA) = C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam\10.0.2201.137_1\ O1 HOSTS File: ([2014/12/20 19:30:18 | 000,518,369 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost #[IPv6] O1 - Hosts: 0.0.0.0 fr.a2dfp.net O1 - Hosts: 0.0.0.0 m.fr.a2dfp.net O1 - Hosts: 0.0.0.0 mfr.a2dfp.net O1 - Hosts: 0.0.0.0 ad.a8.net O1 - Hosts: 0.0.0.0 asy.a8ww.net O1 - Hosts: 0.0.0.0 static.a-ads.com O1 - Hosts: 0.0.0.0 atlas.aamedia.ro O1 - Hosts: 0.0.0.0 abcstats.com O1 - Hosts: 0.0.0.0 ad4.abradio.cz O1 - Hosts: 0.0.0.0 a.abv.bg O1 - Hosts: 0.0.0.0 adserver.abv.bg O1 - Hosts: 0.0.0.0 adv.abv.bg O1 - Hosts: 0.0.0.0 bimg.abv.bg O1 - Hosts: 0.0.0.0 ca.abv.bg O1 - Hosts: 0.0.0.0 www2.a-counter.kiev.ua O1 - Hosts: 0.0.0.0 track.acclaimnetwork.com O1 - Hosts: 0.0.0.0 accuserveadsystem.com O1 - Hosts: 0.0.0.0 www.accuserveadsystem.com O1 - Hosts: 0.0.0.0 achmedia.com O1 - Hosts: 0.0.0.0 csh.actiondesk.com O1 - Hosts: 0.0.0.0 ads.activepower.net O1 - Hosts: 0.0.0.0 app.activetrail.com O1 - Hosts: 0.0.0.0 stat.active24stats.nl #[Tracking.Cookie] O1 - Hosts: 15526 more lines... O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (no name) - {b02822b2-c825-4eb2-8aef-86dc251f2fe6} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4:[b]64bit:[/b] - HKLM..\RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 74.40.74.41 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CC06707-F07B-4F38-B97D-0C0128CE1482}: DhcpNameServer = 192.168.254.254 74.40.74.41 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{325523EC-E97B-4B97-95FB-A91F7E851F60}: DhcpNameServer = 40.20.1.201 40.20.1.202 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2015/01/07 23:06:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\justin\Desktop\OTL.exe [2015/01/07 22:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses [2015/01/07 22:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2015/01/07 22:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster [2015/01/07 22:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2015/01/07 22:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2015/01/07 22:30:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2015/01/07 21:16:11 | 000,000,000 | ---D | C] -- C:\SUPERDelete [2015/01/07 21:12:41 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\EmieUserList [2015/01/07 21:12:41 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\EmieSiteList [2015/01/07 21:12:41 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\EmieBrowserModeList [2015/01/07 19:12:55 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\ElevatedDiagnostics [2015/01/07 17:46:58 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2015/01/06 20:42:19 | 000,056,432 | ---- | C] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNHK.sys [2015/01/06 17:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\turbodiagnosis [2015/01/06 17:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2015/01/06 17:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\download Manager [2015/01/06 17:22:53 | 006,946,176 | ---- | C] (TeamViewer GmbH) -- C:\Users\justin\Desktop\TeamViewer_8.0.20935.exe [2014/12/31 12:22:28 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Intel_Corporation [2014/12/27 16:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2014/12/27 16:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014/12/27 16:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014/12/27 16:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2014/12/27 16:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2014/12/27 14:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2014/12/27 14:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2014/12/27 13:53:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2014/12/16 20:51:16 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Diagnostics [2014/12/16 17:34:08 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014/12/16 17:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014/12/16 17:33:54 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014/12/16 17:33:54 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2014/12/16 17:33:54 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014/12/16 17:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2014/12/16 17:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/12/16 17:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2014/12/16 17:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014/12/16 17:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO [2014/12/16 17:08:48 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps [2014/12/16 17:08:44 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014/12/15 08:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2014/12/15 07:15:31 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel [2014/12/15 07:15:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser [2014/12/15 07:10:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2014/12/15 00:28:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft [2014/12/14 23:50:53 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Blizzard Entertainment [2014/12/14 23:50:46 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Battle.net [2014/12/14 23:50:46 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Battle.net [2014/12/14 23:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2014/12/14 23:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [2014/12/14 23:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net [2014/12/14 23:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2014/12/13 18:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games [2014/12/13 18:50:06 | 000,000,000 | ---D | C] -- C:\Riot Games [2014/12/13 18:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [2014/12/13 18:37:29 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Riot Games [2014/12/13 15:01:59 | 000,000,000 | ---D | C] -- C:\Users\justin\Documents\Avatar [2014/12/13 14:53:24 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\CyberLink [2014/12/12 03:45:49 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2014/12/12 03:40:46 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Dropbox [2014/12/12 03:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Avast Free Antivirus and Options [2014/12/12 03:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avast Free Antivirus and Options [2014/12/12 03:39:31 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\AVAST Software [2014/12/12 03:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast [2014/12/12 03:38:47 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014/12/12 03:38:47 | 000,427,872 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014/12/12 03:38:47 | 000,108,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014/12/12 03:38:47 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014/12/12 03:38:47 | 000,079,696 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014/12/12 03:38:46 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014/12/12 03:38:44 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2014/12/12 03:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2014/12/12 03:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2014/12/12 03:03:16 | 000,000,000 | ---D | C] -- C:\Users\justin\Tracing [2014/12/12 03:00:46 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Skype [2014/12/12 03:00:43 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Skype [2014/12/12 03:00:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2014/12/12 03:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014/12/12 03:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014/12/12 03:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2014/12/12 02:59:14 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\hpqlog [2014/12/12 02:58:43 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Programs [2014/12/12 00:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2014/12/12 00:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2014/12/12 00:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2014/12/11 22:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014/12/11 22:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2014/12/11 22:55:32 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Google [2014/12/11 22:55:23 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Deployment [2014/12/11 22:55:23 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Apps [2014/12/11 21:56:29 | 000,000,000 | ---D | C] -- C:\Users\justin\Documents\My Games [2014/12/11 21:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [2014/12/11 21:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios [2014/12/11 21:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios [2014/12/11 19:27:41 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\CrashDumps [2014/12/11 19:25:32 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Macromedia [2014/12/11 19:24:32 | 000,000,000 | R--D | C] -- C:\Users\justin\OneDrive [2014/12/11 19:23:59 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Hewlett-Packard [2014/12/11 19:23:22 | 000,000,000 | ---D | C] -- C:\Users\justin\Documents\Youcam [2014/12/11 19:23:20 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\CyberLink [2014/12/11 19:21:14 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Hewlett-Packard [2014/12/11 19:20:21 | 000,000,000 | R--D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014/12/11 19:20:21 | 000,000,000 | R--D | C] -- C:\Users\justin\Searches [2014/12/11 19:20:21 | 000,000,000 | R--D | C] -- C:\Users\justin\Contacts [2014/12/11 19:20:21 | 000,000,000 | R--D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2014/12/11 19:20:21 | 000,000,000 | -H-D | C] -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2014/12/11 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\VirtualStore [2014/12/11 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Adobe [2014/12/11 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Packages [2014/12/11 19:20:01 | 000,000,000 | -HSD | C] -- C:\Users\justin\IntelGraphicsProfiles [2014/12/11 19:19:56 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Synaptics [2014/12/11 19:19:54 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\NVIDIA Corporation [2014/12/11 19:19:54 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\NVIDIA [2014/12/11 19:19:53 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Intel [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\Temporary Internet Files [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Templates [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Start Menu [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\SendTo [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Recent [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\PrintHood [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\NetHood [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Documents\My Videos [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Documents\My Pictures [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Documents\My Music [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\My Documents [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Local Settings [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\History [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Cookies [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\Application Data [2014/12/11 19:19:31 | 000,000,000 | -HSD | C] -- C:\Users\justin\AppData\Local\Application Data [2014/12/11 19:19:30 | 000,000,000 | --SD | C] -- C:\Users\justin\AppData\Roaming\Microsoft [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Videos [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Saved Games [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Pictures [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Music [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Links [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Favorites [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Downloads [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Documents [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\Desktop [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2014/12/11 19:19:30 | 000,000,000 | R--D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2014/12/11 19:19:30 | 000,000,000 | -H-D | C] -- C:\Users\justin\Documents\hp.system.package.metadata [2014/12/11 19:19:30 | 000,000,000 | -H-D | C] -- C:\Users\justin\Documents\hp.applications.package.appdata [2014/12/11 19:19:30 | 000,000,000 | -H-D | C] -- C:\Users\justin\AppData [2014/12/11 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Temp [2014/12/11 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\justin\Roaming [2014/12/11 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Local\Microsoft [2014/12/11 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2014/12/11 19:08:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/01/07 23:06:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\justin\Desktop\OTL.exe [2015/01/07 23:00:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/01/07 23:00:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/01/07 22:41:38 | 000,000,466 | ---- | M] () -- C:\Windows\SysNative\.crusader [2015/01/07 22:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/01/07 22:20:42 | 000,002,266 | ---- | M] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/01/07 22:20:42 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015/01/07 20:59:05 | 000,958,356 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015/01/07 20:59:05 | 000,797,164 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015/01/07 20:59:05 | 000,161,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015/01/07 20:53:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/01/07 20:51:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015/01/07 20:51:05 | 1659,387,902 | -HS- | M] () -- C:\hiberfil.sys [2015/01/07 18:46:23 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015/01/07 17:39:59 | 000,354,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2015/01/07 17:25:27 | 000,002,531 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2015/01/07 14:49:36 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2015/01/07 09:19:13 | 000,002,019 | ---- | M] () -- C:\Windows\patsearch.bin [2015/01/06 20:42:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNHK_01009.Wdf [2015/01/06 20:42:19 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2015/01/06 20:42:02 | 000,056,432 | ---- | M] (Corsica) -- C:\Windows\SysNative\drivers\webinstrNHK.sys [2015/01/06 17:23:08 | 006,946,176 | ---- | M] (TeamViewer GmbH) -- C:\Users\justin\Desktop\TeamViewer_8.0.20935.exe [2014/12/27 14:30:05 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/12/20 19:30:18 | 000,518,369 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS [2014/12/16 17:33:58 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/12/16 17:26:29 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS.MVP [2014/12/16 17:17:01 | 000,001,443 | ---- | M] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/12/16 17:08:44 | 000,002,326 | ---- | M] () -- C:\Users\justin\Desktop\Chrome App Launcher.lnk [2014/12/15 08:26:13 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk [2014/12/14 23:50:42 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk [2014/12/13 18:50:07 | 000,001,625 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk [2014/12/13 02:08:08 | 000,027,983 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2014/12/12 18:22:41 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2014/12/12 15:11:01 | 004,151,176 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2014/12/12 03:39:17 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014/12/12 03:38:44 | 000,427,872 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014/12/12 03:38:44 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014/12/12 03:38:44 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014/12/12 03:38:44 | 000,108,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014/12/12 03:38:44 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014/12/12 03:38:44 | 000,079,696 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014/12/12 03:38:44 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014/12/12 03:38:44 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2014/12/12 03:38:44 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys [2014/12/12 03:38:39 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014/12/11 21:03:51 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk [2014/12/11 21:03:51 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk [2014/12/11 19:33:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2014/12/11 19:20:11 | 000,000,184 | ---- | M] () -- C:\Windows\insFileSpec [2014/12/11 19:19:57 | 000,000,180 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/01/07 22:41:38 | 000,000,466 | ---- | C] () -- C:\Windows\SysNative\.crusader [2015/01/06 20:42:20 | 000,002,019 | ---- | C] () -- C:\Windows\patsearch.bin [2015/01/06 20:42:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNHK_01009.Wdf [2015/01/06 17:23:45 | 000,001,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2015/01/06 17:23:45 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2015/01/06 13:45:14 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/12/16 17:33:58 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014/12/16 17:19:36 | 000,000,841 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/12/16 17:08:44 | 000,002,326 | ---- | C] () -- C:\Users\justin\Desktop\Chrome App Launcher.lnk [2014/12/15 08:26:13 | 000,001,255 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk [2014/12/15 07:21:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014/12/14 23:50:42 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk [2014/12/13 18:50:07 | 000,001,625 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk [2014/12/12 23:14:35 | 000,389,176 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2014/12/12 03:39:17 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014/12/12 03:38:47 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014/12/12 03:38:47 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014/12/12 03:38:47 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys [2014/12/12 03:00:39 | 000,002,531 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2014/12/12 00:26:31 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2014/12/11 22:56:08 | 000,002,266 | ---- | C] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2014/12/11 22:56:08 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/12/11 22:55:36 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/12/11 22:55:35 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/12/11 21:03:51 | 000,002,052 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk [2014/12/11 21:03:51 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk [2014/12/11 19:33:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2014/12/11 19:24:47 | 000,001,443 | ---- | C] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2014/12/11 19:20:18 | 000,001,449 | ---- | C] () -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2014/12/11 19:20:11 | 000,000,184 | ---- | C] () -- C:\Windows\insFileSpec [2014/12/11 19:20:10 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish.lnk [2014/12/11 19:19:57 | 000,000,180 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2014/12/11 19:19:31 | 000,000,352 | ---- | C] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2014/12/11 19:19:31 | 000,000,334 | ---- | C] () -- C:\Users\justin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2014/12/11 19:19:30 | 000,000,369 | ---- | C] () -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [2014/12/11 19:19:30 | 000,000,369 | ---- | C] () -- C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [2014/04/24 04:38:44 | 000,348,088 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll [2014/04/24 04:35:42 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2014/04/24 04:35:40 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll [2014/04/02 15:13:50 | 000,974,698 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014/03/18 01:55:05 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini [2014/03/18 01:54:40 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013/08/27 13:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2013/08/22 07:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2013/08/22 07:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2013/08/22 06:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2013/08/21 23:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2013/08/21 19:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2013/08/21 15:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2013/08/21 15:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2014/08/26 01:06:50 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 16:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 14:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 01:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 18:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 01:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2014/12/12 03:39:31 | 000,000,000 | ---D | M] -- C:\Users\justin\AppData\Roaming\AVAST Software [2014/12/19 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\justin\AppData\Roaming\Battle.net [2014/12/12 03:46:13 | 000,000,000 | ---D | M] -- C:\Users\justin\AppData\Roaming\Dropbox [2014/12/13 18:50:57 | 000,000,000 | ---D | M] -- C:\Users\justin\AppData\Roaming\Riot Games [2014/12/11 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\justin\AppData\Roaming\Synaptics [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 220 bytes -> C:\Users\justin\OneDrive:ms-properties @Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:B3503B59 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report >