OTL logfile created on: 2/10/2015 10:18:03 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MTB\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 21.16% Memory free 7.99 Gb Paging File | 2.91 Gb Available in Paging File | 36.37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931.41 Gb Total Space | 893.63 Gb Free Space | 95.94% Space Free | Partition Type: NTFS Drive D: | 164.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF Drive E: | 1.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: MTB-PC | User Name: MTB | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015/02/10 22:16:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTB\Downloads\OTL.exe PRC - [2015/02/10 21:17:35 | 002,632,336 | ---- | M] (© 2013 Microsoft Corporation) -- C:\Users\MTB\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe PRC - [2015/02/04 02:02:55 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2015/01/19 12:06:46 | 000,126,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe PRC - [2015/01/19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe PRC - [2015/01/15 23:41:11 | 002,585,744 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2015/01/15 23:41:08 | 001,706,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014/11/24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2014/11/24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2014/11/24 10:23:21 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2014/07/02 10:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012/05/25 04:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe PRC - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009/08/04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) 
-- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015/02/07 01:08:33 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\478dc7fd10cabd3376199e7e857d4b5a\System.ServiceModel.ni.dll MOD - [2015/02/07 01:08:17 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\88b27ec2125720e652224a1fb387ed23\System.IdentityModel.ni.dll MOD - [2015/02/07 01:08:11 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\5ee6d68d64d1e33d113d5089cb2fb2d3\System.Xml.Linq.ni.dll MOD - [2015/02/07 01:07:48 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\232495ea0368dada2d208c51f0e5349c\UIAutomationTypes.ni.dll MOD - [2015/02/07 01:07:45 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\27e8f505ddb7718933b9c029f6f7a3c4\PresentationFramework-SystemXml.ni.dll MOD - [2015/02/07 01:07:45 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\fd83da7db20206084d886b7ce3b55ec9\PresentationFramework-SystemData.ni.dll MOD - [2015/02/07 01:07:45 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\da921af82cd6e90dd073b24caf27ac56\PresentationFramework-SystemXmlLinq.ni.dll MOD - [2015/02/06 18:24:00 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\613fd0f86fc699adfe3184b2e746aa18\PresentationFramework.ni.dll MOD - [2015/02/06 18:23:52 | 000,218,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\db1c3cbe2929192ad0361f64a25481d5\System.ServiceProcess.ni.dll MOD - [2015/02/06 18:23:51 | 007,386,624 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\add15017f88a7eccb8676d7239297d1c\System.Data.ni.dll MOD - [2015/02/06 18:23:49 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ac38cb30c15eb9e4a54459ee01e9f8e6\System.Windows.Forms.ni.dll MOD - [2015/02/06 18:23:49 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eed4ad7c1049e7cf47606479d68ec1de\PresentationCore.ni.dll MOD - [2015/02/06 18:23:49 | 002,521,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\47023d8fd33b3bd9ab4c3ce84c19d201\System.Data.Linq.ni.dll MOD - [2015/02/06 18:23:48 | 001,033,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\46eb45905e7c97cf10f74a15879700aa\System.ComponentModel.Composition.ni.dll MOD - [2015/02/06 18:23:46 | 007,785,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\668bc5e53fd656dc16c9f40ea15e872e\System.Xml.ni.dll MOD - [2015/02/06 18:23:45 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e0fea191b75897ec38735bfc31b89fe0\System.Core.ni.dll MOD - [2015/02/06 18:23:44 | 002,804,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\6184c7705ab9c508cde1318f284afa33\System.Runtime.Serialization.ni.dll MOD - [2015/02/06 18:23:43 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a40acfa4a0c4bb0dbf824ace588583ba\WindowsBase.ni.dll MOD - [2015/02/06 18:23:43 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ce11900fa489575613dc777c7fbb0d7d\System.Drawing.ni.dll MOD - [2015/02/06 18:23:43 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7203a9da55580016b826a4cade6c5139\System.ServiceModel.Internals.ni.dll MOD - [2015/02/06 18:23:43 | 000,118,272 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\72f5d3ff58e143354c4c48149eba08d9\SMDiagnostics.ni.dll MOD - [2015/02/06 18:23:42 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f246b71bfd9c1537167b7f6d4f18cd01\System.Xaml.ni.dll MOD - [2015/02/06 18:23:42 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7ece7799d670cdfc1393b98b0668a046\System.Configuration.ni.dll MOD - [2015/02/06 18:23:41 | 010,067,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\b75ba99f72f116d8951b0f2bba8c276a\System.ni.dll MOD - [2015/02/06 18:23:41 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\422aaa813823622198be87739142c44e\PresentationFramework.Aero.ni.dll MOD - [2015/02/06 18:23:37 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll MOD - [2015/02/06 18:23:37 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll MOD - [2015/02/04 02:02:53 | 014,965,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll MOD - [2015/02/04 02:02:51 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll MOD - [2015/02/04 02:02:47 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll MOD - [2015/02/04 02:02:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2012/05/25 04:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll MOD - [2009/07/30 18:15:32 | 000,503,202 | ---- | M] () -- 
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2015/01/15 23:41:08 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService) SRV:[b]64bit:[/b] - [2015/01/15 23:41:06 | 021,833,360 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:[b]64bit:[/b] - [2012/05/31 22:16:34 | 000,349,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc) SRV:[b]64bit:[/b] - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/13 18:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC) SRV:[b]64bit:[/b] - [2009/07/13 18:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip) SRV:[b]64bit:[/b] - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/07/13 18:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC) SRV:[b]64bit:[/b] - [2009/07/13 18:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr) SRV:[b]64bit:[/b] - [2009/07/13 18:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV:[b]64bit:[/b] - [2009/07/13 18:39:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP) 
SRV:[b]64bit:[/b] - [2009/07/13 18:39:21 | 000,065,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nfsclnt.exe -- (NfsClnt) SRV:[b]64bit:[/b] - [2009/07/13 18:39:20 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers) SRV:[b]64bit:[/b] - [2009/07/13 18:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ) SRV:[b]64bit:[/b] - [2009/07/13 18:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN) SRV:[b]64bit:[/b] - [2009/07/13 18:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC) SRV - [2015/02/09 11:25:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015/02/05 17:55:53 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service) SRV - [2015/01/19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost) SRV - [2015/01/15 23:41:08 | 001,706,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014/11/24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2014/11/24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014/07/02 10:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012/01/05 08:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009/07/13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009/07/13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009/07/13 18:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2009/07/13 18:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/07/13 18:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2015/02/05 19:10:20 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2015/01/15 23:41:06 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV:[b]64bit:[/b] - [2014/11/24 10:23:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:[b]64bit:[/b] - [2014/11/24 10:23:22 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2014/11/24 10:23:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. 
KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2014/11/22 03:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:[b]64bit:[/b] - [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:[b]64bit:[/b] - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2014/09/23 10:56:58 | 000,083,656 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:[b]64bit:[/b] - [2014/09/23 10:56:58 | 000,043,720 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:[b]64bit:[/b] - [2014/02/16 09:23:54 | 000,060,640 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2013/07/24 08:02:55 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2012/09/21 12:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:[b]64bit:[/b] - [2012/09/21 12:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:[b]64bit:[/b] - [2011/09/29 02:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) DRV:[b]64bit:[/b] - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:[b]64bit:[/b] - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009/10/09 02:41:02 | 001,394,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/13 17:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC) DRV:[b]64bit:[/b] - [2009/07/13 17:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) DRV:[b]64bit:[/b] - [2009/07/13 16:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv) DRV:[b]64bit:[/b] - [2009/07/13 16:24:45 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rpcxdr.sys -- (RpcXdr) DRV:[b]64bit:[/b] - [2009/07/13 16:24:23 | 000,262,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nfsrdr.sys -- (NfsRdr) DRV:[b]64bit:[/b] - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/04 09:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2009/04/27 18:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/04/27 18:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2015/02/08 20:32:25 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2015/02/07 15:17:07 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2015/02/07 14:22:19 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - 
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ir_15_06&cd=2XzuyEtN2Y1L1QzuyC0C0FtDyEzytDyDyCyE0ByEyCtDtDtCtN0D0Tzu0StCtCtAtCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyEyBtC0B0A0A0DtG0CyB0D0CtGzztByEyDtG0C0FyE0DtGtA0A0FtAtAzzyDyE0E0C0D0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByEyEyByE0D0C0DtG0BzytC0CtGyEtD0EyCtG0B0FtDtBtGtCtByE0FyBtA0AtB0F0CtAtD2Q&cr=652130072&ir= IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/custom?clien [Binary data over 200 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/en-us/?pc=U270&ocid=U270DHP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 30 26 B7 9D 41 D0 01 [binary data] IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) 
IE - HKCU\..\SearchScopes,DefaultScope = {B4875CC9-0013-417f-A67A-7BA02DDE6901} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{B4875CC9-0013-417f-A67A-7BA02DDE6901}: "URL" = http://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{BEB9640B-4C6D-4178-A2CE-261A36974EB6}: "URL" = https://www.google.com/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) [2015/02/05 16:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default\extensions [2015/02/05 16:49:52 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default\extensions\abs@avira.com [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.4_0\ CHR - 
Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) 
O4 - HKLM..\Run: [SFAUpdater] C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Filefacts.net) O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\Gigabyte\GBTUpd\PreRun.exe (PreRun) O4 - HKCU..\RunOnce: [!DefaultSetup] C:\Users\MTB\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe (© 2013 Microsoft Corporation) O4 - Startup: C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C162D443-312D-4D2D-9C3A-9D0F8F86D723}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:[b]64bit:[/b] - Protocol\Handler\belarc - No CLSID value found O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) 
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/16 17:01:33 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2006/08/16 16:57:44 | 000,724,992 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2006/08/16 17:00:02 | 000,003,638 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2006/08/16 16:59:46 | 000,000,153 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2006/08/16 17:01:33 | 000,593,920 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O33 - MountPoints2\{742969ba-ad96-11e4-9119-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{742969ba-ad96-11e4-9119-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{c4736cc0-ada7-11e4-b4b2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c4736cc0-ada7-11e4-b4b2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2006/08/16 16:57:44 | 000,724,992 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/02/10 21:59:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2015/02/10 19:51:41 | 000,000,000 | ---D | C] -- C:\70267f7707ffca11ac
[2015/02/10 19:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2015/02/10 18:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2015/02/10 18:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2015/02/10 18:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/02/10 18:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015/02/10 18:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015/02/10 16:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2015/02/10 16:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2015/02/10 15:48:15 | 000,000,000 | ---D | C] -- C:\cd9c602c094e53f854b4215e819a
[2015/02/09 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\Desktop\2015-02-09 20-00-52
[2015/02/09 19:44:09 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Logitech® Webcam Software
[2015/02/09 19:39:47 | 000,000,000 | ---D | C] --
C:\ProgramData\LogiShrd [2015/02/09 19:39:34 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Leadertech [2015/02/09 19:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2015/02/09 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2015/02/09 17:51:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2015/02/09 17:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2015/02/09 17:50:52 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2015/02/09 17:50:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2015/02/09 17:50:50 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2015/02/09 17:50:50 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2015/02/09 17:50:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2015/02/09 17:50:23 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2015/02/09 17:50:22 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2015/02/09 17:50:22 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2015/02/09 17:50:22 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2015/02/09 17:50:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2015/02/09 17:50:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2015/02/09 17:49:45 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2015/02/09 17:49:44 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2015/02/09 17:49:42 | 000,318,808 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2015/02/09 17:49:26 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2015/02/09 17:49:15 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2015/02/09 13:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2015/02/09 13:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2015/02/09 13:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2015/02/09 13:05:28 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\NVIDIA Corporation [2015/02/09 11:09:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2015/02/09 11:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft [2015/02/09 11:06:15 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\GlarySoft [2015/02/09 11:06:12 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\DiskDefrag [2015/02/09 11:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 4 [2015/02/09 03:00:53 | 000,000,000 | ---D | C] -- C:\f8b710b6c347e72bb2 [2015/02/08 20:07:45 | 000,000,000 | ---D | C] -- C:\Windows\SUA [2015/02/08 20:07:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2015/02/08 20:07:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq [2015/02/08 20:07:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2015/02/08 20:06:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications [2015/02/08 20:06:42 | 000,000,000 | ---D | C] -- C:\inetpub [2015/02/08 20:02:53 | 000,000,000 | ---D | C] -- C:\Users\MTB\Desktop\drivers [2015/02/08 19:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc [2015/02/08 06:14:12 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\7CA05ADA.sys [2015/02/07 15:13:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump 
[2015/02/07 10:39:52 | 000,646,248 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2015/02/07 10:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE [2015/02/07 10:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2015/02/07 10:17:53 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\NVIDIA [2015/02/07 10:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2015/02/07 10:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2015/02/07 10:15:12 | 000,075,040 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2015/02/07 10:15:12 | 000,061,912 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2015/02/07 10:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2015/02/07 10:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2015/02/07 09:45:59 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\driveridentifier [2015/02/07 08:24:29 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Roxio [2015/02/07 08:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2015/02/07 08:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall [2015/02/07 08:12:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared [2015/02/07 08:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic [2015/02/07 08:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE [2015/02/07 08:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2015/02/07 08:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2015/02/07 08:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2015/02/07 08:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio [2015/02/07 07:36:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Tiger 
Woods PGA TOUR 08 [2015/02/07 07:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2015/02/07 07:35:38 | 000,000,000 | RH-D | C] -- C:\Users\MTB\AppData\Roaming\SecuROM [2015/02/07 07:35:29 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2015/02/07 07:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2015/02/06 23:58:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\CrashDumps [2015/02/06 23:00:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\AdobeUM [2015/02/06 23:00:37 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\My eBooks [2015/02/06 22:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2015/02/06 22:53:54 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Adobe [2015/02/06 22:29:26 | 000,000,000 | ---D | C] -- C:\Windows\GBD [2015/02/06 22:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\DriverAssist [2015/02/06 19:02:32 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\AMD [2015/02/06 19:01:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\ATI [2015/02/06 19:01:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\ATI [2015/02/06 18:18:18 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2015/02/06 18:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2015/02/06 18:03:05 | 000,000,000 | ---D | C] -- C:\AMD [2015/02/06 17:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2015/02/06 17:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte [2015/02/06 17:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte [2015/02/06 16:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Informer Technologies, Inc [2015/02/06 15:42:29 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2015/02/06 13:16:36 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Yahoo! 
[2015/02/06 03:08:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2015/02/06 01:24:43 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Tiger Woods PGA TOUR 07 [2015/02/06 01:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS [2015/02/06 00:36:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\ElevatedDiagnostics [2015/02/05 22:31:43 | 000,285,208 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys [2015/02/05 22:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2015/02/05 22:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2015/02/05 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Diagnostics [2015/02/05 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Alcohol 120% [2015/02/05 20:40:02 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2015/02/05 20:38:00 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2015/02/05 20:38:00 | 000,327,680 | ---- | C] (On2.com Inc.) -- C:\Windows\SysWow64\vp6dec.ax [2015/02/05 20:38:00 | 000,168,960 | ---- | C] (Xceed Software Inc. 1-450-442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XCDZIP35.OCX [2015/02/05 20:38:00 | 000,118,832 | ---- | C] (MicroQuill Software Publishing, Inc.) 
-- C:\Windows\SysWow64\SHW32.DLL [2015/02/05 20:20:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM [2015/02/05 19:59:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2015/02/05 19:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor [2015/02/05 19:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart File Advisor [2015/02/05 19:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2015/02/05 19:30:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2015/02/05 19:30:02 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Macromedia [2015/02/05 19:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports [2015/02/05 19:10:20 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2015/02/05 19:09:26 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Adobe [2015/02/05 18:53:16 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015/02/05 18:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2015/02/05 18:52:57 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2015/02/05 18:52:57 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2015/02/05 18:52:57 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2015/02/05 18:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2015/02/05 18:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2015/02/05 18:41:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2015/02/05 18:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! 
Messenger [2015/02/05 18:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! [2015/02/05 18:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo! [2015/02/05 18:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2015/02/05 17:56:33 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\VS Revo Group [2015/02/05 17:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [2015/02/05 17:56:27 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys [2015/02/05 17:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group [2015/02/05 17:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2015/02/05 17:56:18 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Origin [2015/02/05 17:56:16 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Origin [2015/02/05 17:56:15 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Programs [2015/02/05 17:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2015/02/05 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2015/02/05 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2015/02/05 17:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2015/02/05 17:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2015/02/05 17:50:10 | 000,000,000 | ---D | C] -- C:\Windows\Cache [2015/02/05 17:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2015/02/05 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2015/02/05 17:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2015/02/05 17:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2015/02/05 17:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2015/02/05 17:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2015/02/05 17:32:53 | 000,000,000 | ---D | C] 
-- C:\Windows\SysNative\DRVSTORE [2015/02/05 17:27:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2015/02/05 17:25:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2015/02/05 17:24:32 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2015/02/05 17:23:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2015/02/05 17:21:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2015/02/05 17:21:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2015/02/05 17:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2015/02/05 17:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2015/02/05 16:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2015/02/05 16:54:28 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel [2015/02/05 16:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser [2015/02/05 16:53:14 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Avira [2015/02/05 16:51:07 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2015/02/05 16:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2015/02/05 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2015/02/05 16:49:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Mozilla [2015/02/05 16:49:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Google [2015/02/05 16:49:04 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Apps [2015/02/05 16:49:03 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Deployment [2015/02/05 16:48:45 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2015/02/05 16:48:45 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2015/02/05 16:48:45 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2015/02/05 16:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd [2015/02/05 16:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2015/02/05 16:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2015/02/05 16:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2015/02/05 16:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2015/02/05 16:46:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2015/02/05 16:46:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2015/02/05 16:45:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2015/02/05 16:39:48 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Microsoft Games [2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\Searches [2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2015/02/05 16:36:22 | 000,000,000 | -H-D | C] -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2015/02/05 16:36:14 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Identities [2015/02/05 16:36:12 | 000,000,000 | R--D | C] -- C:\Users\MTB\Contacts [2015/02/05 16:36:11 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\VirtualStore [2015/02/05 16:36:05 | 000,000,000 | --SD | C] -- C:\Users\MTB\AppData\Roaming\Microsoft [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Videos [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Saved Games [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Pictures [2015/02/05 16:36:05 | 000,000,000 | 
R--D | C] -- C:\Users\MTB\Music [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Links [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Favorites [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Downloads [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Documents [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Desktop [2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\Temporary Internet Files [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Templates [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Start Menu [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\SendTo [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Recent [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\PrintHood [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\NetHood [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Videos [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Pictures [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Music [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\My Documents [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Local Settings [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\History [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Cookies [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Application Data [2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\Application Data [2015/02/05 16:36:05 | 000,000,000 | -H-D | C] -- C:\Users\MTB\AppData [2015/02/05 
16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Temp [2015/02/05 16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Microsoft [2015/02/05 16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Media Center Programs [2015/02/05 16:36:00 | 000,000,000 | -HSD | C] -- C:\Recovery [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/02/10 22:02:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/02/10 21:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/02/10 21:20:03 | 000,214,078 | ---- | M] () -- C:\Users\MTB\Desktop\Reliability Report.XML [2015/02/10 21:17:00 | 000,016,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/02/10 21:17:00 | 000,016,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/02/10 19:15:59 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015/02/10 19:13:55 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/02/10 19:13:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/02/10 19:13:21 | 3218,202,624 | -HS- | M] () -- C:\hiberfil.sys [2015/02/10 18:44:28 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2015/02/10 17:50:51 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml [2015/02/10 17:50:51 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2015/02/10 16:56:10 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk [2015/02/10 01:36:08 | 000,000,231 | ---- | M] () -- C:\Users\MTB\Documents\ax_files.xml [2015/02/09 20:19:42 | 000,901,490 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015/02/09 20:19:42 | 000,747,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015/02/09 
20:19:42 | 000,152,650 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015/02/09 19:39:35 | 000,001,108 | ---- | M] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2015/02/09 19:38:39 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk [2015/02/09 16:34:10 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job [2015/02/09 16:34:09 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job [2015/02/08 20:09:22 | 000,852,882 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2015/02/08 20:06:13 | 000,000,862 | ---- | M] () -- C:\Windows\SysNative\termcap [2015/02/08 19:56:21 | 000,002,144 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk [2015/02/08 19:56:21 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk [2015/02/08 11:11:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2015/02/08 06:14:12 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\7CA05ADA.sys [2015/02/07 15:17:07 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys [2015/02/07 15:17:07 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref [2015/02/07 10:36:26 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini [2015/02/07 08:12:03 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk [2015/02/07 07:35:29 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) 
-- C:\Windows\SysWow64\CmdLineExt_x64.dll [2015/02/07 07:26:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2015/02/06 01:23:09 | 000,002,246 | ---- | M] () -- C:\Users\Public\Desktop\Tiger Woods PGA TOUR 07.lnk [2015/02/06 00:44:06 | 000,201,422 | ---- | M] () -- C:\Users\MTB\AppData\Local\census.cache [2015/02/06 00:42:59 | 000,149,168 | ---- | M] () -- C:\Users\MTB\AppData\Local\ars.cache [2015/02/05 22:48:14 | 000,000,010 | ---- | M] () -- C:\Users\MTB\AppData\Local\sponge.last.runtime.cache [2015/02/05 22:31:34 | 000,000,036 | ---- | M] () -- C:\Users\MTB\AppData\Local\housecall.guid.cache [2015/02/05 19:30:46 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk [2015/02/05 19:10:24 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015/02/05 19:10:20 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2015/02/05 18:52:59 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015/02/05 18:41:18 | 000,001,161 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk [2015/02/05 18:41:18 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! 
Messenger.lnk [2015/02/05 17:56:28 | 000,001,101 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk [2015/02/05 17:56:28 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2015/02/05 17:54:02 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2015/02/05 17:42:11 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2015/02/05 17:29:05 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2015/02/05 17:29:05 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2015/02/05 16:56:49 | 000,002,279 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/02/05 16:55:49 | 000,265,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2015/02/05 16:49:57 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2015/02/05 16:46:18 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk [2015/02/05 16:44:38 | 000,001,437 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/02/10 21:20:02 | 000,214,078 | ---- | C] () -- C:\Users\MTB\Desktop\Reliability Report.XML [2015/02/10 18:44:28 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2015/02/10 16:56:10 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk [2015/02/09 19:39:35 | 000,001,108 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . 
Product Registration.lnk
[2015/02/09 19:38:39 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2015/02/09 17:50:15 | 001,099,203 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/02/08 20:07:10 | 000,000,862 | ---- | C] () -- C:\Windows\SysNative\termcap
[2015/02/08 19:49:29 | 000,002,144 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2015/02/08 19:49:29 | 000,002,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2015/02/08 19:49:29 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2015/02/08 12:07:10 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2015/02/08 12:07:10 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2015/02/08 11:11:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015/02/07 14:14:07 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2015/02/07 14:14:07 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2015/02/07 10:39:52 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2015/02/07 10:15:26 | 003,826,628 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015/02/07 09:44:39 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job
[2015/02/07 08:12:03 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2015/02/07 07:26:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2015/02/07 07:26:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2015/02/07 00:14:53 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2015/02/06 18:21:16 | 000,852,882 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/02/06 01:23:09 | 000,002,246 | ---- | C] () -- C:\Users\Public\Desktop\Tiger Woods PGA TOUR 07.lnk
[2015/02/06 00:44:05 | 000,201,422 | ---- | C] () -- C:\Users\MTB\AppData\Local\census.cache
[2015/02/06 00:42:59 | 000,149,168 | ---- | C] () -- C:\Users\MTB\AppData\Local\ars.cache
[2015/02/05 22:48:14 | 000,000,010 | ---- | C] () -- C:\Users\MTB\AppData\Local\sponge.last.runtime.cache
[2015/02/05 22:31:34 | 000,000,036 | ---- | C] () -- C:\Users\MTB\AppData\Local\housecall.guid.cache
[2015/02/05 19:54:48 | 000,000,231 | ---- | C] () -- C:\Users\MTB\Documents\ax_files.xml
[2015/02/05 19:30:46 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk
[2015/02/05 18:52:59 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/05 18:41:38 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/05 18:41:18 | 000,001,161 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2015/02/05 18:41:18 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2015/02/05 17:56:28 | 000,001,101 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2015/02/05 17:56:28 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2015/02/05 17:54:02 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2015/02/05 17:42:11 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/02/05 17:28:57 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2015/02/05 17:28:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2015/02/05 17:24:31 | 3218,202,624 | -HS- | C] () -- C:\hiberfil.sys
[2015/02/05 17:20:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2015/02/05 16:50:56 | 000,002,279 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/02/05 16:50:56 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/02/05 16:49:59 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/05 16:49:57 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/05 16:46:18 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2015/02/05 16:44:38 | 000,001,437 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/02/05 16:36:28 | 000,001,409 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2015/02/05 16:36:25 | 000,001,443 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015/02/05 16:36:05 | 000,000,290 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015/02/05 16:36:05 | 000,000,272 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 18:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 18:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015/02/09 11:06:12 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\DiskDefrag
[2015/02/07 09:46:17 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\driveridentifier
[2015/02/10 14:23:50 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\GlarySoft
[2015/02/09 19:39:34 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\Leadertech
[2015/02/05 18:04:33 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\Origin

[color=#E56717]========== Purity Check ==========[/color]

< End of report >