Undo or reverse ComboFix.exe [Solved]


  • This topic is locked

#1
AdamsWorld333

  • Member
  • 19 posts
To whom it may concern, why is it I see 25 different people have looked at my request and/or posts here with no available solution to my errors here? Have I not posted my request properly? Any help would be much appreciated. Thanks in advance...


I am new to this forum and would appreciate someone helping me in reversing what ComboFix.exe has done. Any HELP would be much appreciated. I ran ComboFix.exe to fix two issues.
1) Runn DLL32IEDKC32 DLL Brand IE4 Signup. Which I believe is a virus?
2) Pup.Datamngr

AVG blocked a blackhole exploit kit when ComboFix.exe started its scan, which I allowed. When the scan completed, I no longer had access to my system files or programs except a few. I get an error stating C:\Users\WayneAdams\Desktop.ini Illegal operation attempted on a registry key that has been marked for deletion. I will attempt to show these errors and some system folders by using snapshot which I can still use as administrator!

Everything that ComboFix.exe found has been moved to quarantine in a folder called Qoobox. AVG's Identity Protection is not active due to the quarantine. I no longer have access to system restore because of the error I mentioned earlier.

I have included 3 notepad logs or reports showing what ComboFix.exe has done.
Any help would be sincerely appreciated.

1st)
ComboFix 13-02-02.05 - WayneAdams 02/03/2013 0:36.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.6417 [GMT -5:00]
Running from: c:\users\WayneAdams\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\WayneAdams\AppData\Roaming\Roaming
c:\users\WayneAdams\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\users\WayneAdams\g2mdlhlpx.exe
c:\windows\msvcr71.dll
c:\windows\wininit.ini
c:\windows\SysWOW64\ . . . . Failed to delete
.
.
((((((((((((((((((((((((( Files Created from 2013-01-03 to 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 01:53 . 2013-02-03 02:09 -------- d-----w- c:\users\TEMP
2013-01-30 17:51 . 2013-01-30 17:51 -------- d-----w- c:\program files (x86)\FileASSASSIN
2013-01-30 17:30 . 2013-01-30 17:30 -------- d-----w- c:\program files (x86)\Citrix
2013-01-30 13:29 . 2013-01-30 16:01 -------- d-----w- c:\windows\SysWow64\C2MP
2013-01-30 03:47 . 2013-01-30 03:47 -------- d-----w- c:\users\WayneAdams\AppData\Local\Coupon Companion
2013-01-30 03:46 . 2013-01-30 16:01 -------- d-----w- c:\program files (x86)\Coupon Companion
2013-01-30 01:07 . 2013-01-30 01:07 -------- d-----w- c:\programdata\APN
2013-01-29 04:44 . 2013-01-29 04:44 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-01-24 00:18 . 2013-01-24 00:18 -------- d-----w- c:\users\WayneAdams\AppData\Roaming\RealNetworks
2013-01-24 00:18 . 2013-01-30 16:01 -------- d-----w- c:\program files (x86)\RealNetworks
2013-01-24 00:18 . 2013-01-24 00:18 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2013-01-24 00:17 . 2013-01-24 00:17 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-01-18 17:40 . 2013-01-18 23:44 -------- d-----w- c:\users\WayneAdams\temp
2013-01-18 17:39 . 2013-01-19 23:55 -------- d-----w- c:\users\WayneAdams\AppData\Local\Avid
2013-01-18 17:35 . 2013-01-18 17:35 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2013-01-18 17:20 . 2013-01-18 17:20 -------- d-----w- c:\windows\system32\appmgmt
2013-01-18 17:07 . 2013-01-18 17:07 -------- d-----w- c:\programdata\PCTV Systems
2013-01-18 01:09 . 2013-01-18 01:09 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2013-01-18 01:00 . 2013-01-18 17:34 -------- d-----w- c:\program files (x86)\Pinnacle
2013-01-15 20:54 . 2012-05-08 23:34 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-15 20:52 . 2010-11-26 23:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-15 20:13 . 2013-01-15 20:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-15 20:11 . 2013-01-15 20:11 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-15 20:11 . 2013-01-15 20:11 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-15 20:11 . 2013-01-15 20:11 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-15 20:11 . 2013-01-15 20:11 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-15 20:07 . 2013-01-15 20:07 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-15 20:06 . 2013-01-15 20:06 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2013-01-15 20:06 . 2013-01-15 20:06 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-15 20:06 . 2013-01-15 20:06 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-15 20:06 . 2013-01-15 20:06 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-01-15 20:06 . 2013-01-15 20:06 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-15 20:06 . 2013-01-15 20:06 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-15 20:05 . 2013-01-15 20:05 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-01-15 20:05 . 2013-01-15 20:05 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-01-15 20:05 . 2013-01-15 20:05 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-01-15 20:05 . 2013-01-15 20:05 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-01-15 20:05 . 2013-01-15 20:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-01-15 20:05 . 2013-01-15 20:05 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-15 19:58 . 2013-01-15 19:58 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-01-15 19:58 . 2013-01-15 19:58 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-01-15 19:48 . 2013-01-15 19:48 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-15 19:48 . 2013-01-15 19:48 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-15 19:48 . 2013-01-15 19:48 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-15 19:47 . 2013-01-15 19:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-01-15 19:47 . 2013-01-15 19:47 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-01-15 19:47 . 2013-01-15 19:47 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2013-01-15 19:47 . 2013-01-15 19:47 340992 ----a-w- c:\windows\system32\schannel.dll
2013-01-15 19:47 . 2013-01-15 19:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-01-15 19:47 . 2013-01-15 19:47 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-01-15 19:47 . 2013-01-15 19:47 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2013-01-15 19:46 . 2013-01-15 19:46 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-01-15 19:42 . 2013-01-15 19:42 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-15 19:42 . 2013-01-15 19:42 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-01-15 19:42 . 2013-01-15 19:42 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-15 19:42 . 2013-01-15 19:42 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-15 19:42 . 2013-01-15 19:42 220672 ----a-w- c:\windows\system32\wintrust.dll
2013-01-15 19:42 . 2013-01-15 19:42 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-01-15 19:42 . 2013-01-15 19:42 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-01-15 19:36 . 2013-01-14 22:25 26448 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-01-15 19:19 . 2013-01-15 20:51 -------- d-----w- c:\programdata\IObit
2013-01-15 19:19 . 2013-01-30 16:00 -------- d-----w- c:\users\WayneAdams\AppData\Roaming\IObit
2013-01-11 12:48 . 2013-01-13 00:33 -------- d-----w- c:\users\WayneAdams\AppData\Roaming\DMCache
2013-01-11 01:50 . 2013-01-11 01:50 -------- d-----w- c:\users\WayneAdams\AppData\Local\Garmin
2013-01-11 01:50 . 2013-01-11 01:59 -------- d-----w- c:\programdata\Garmin
2013-01-11 01:50 . 2013-01-11 01:50 -------- d-----w- c:\users\WayneAdams\AppData\Local\GARMIN_Corp
2013-01-11 01:49 . 2013-01-11 01:49 -------- d-----w- c:\program files\DIFX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-02 12:02 . 2011-10-18 12:07 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-02-02 11:52 . 2011-09-30 03:45 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-02-02 11:52 . 2011-09-30 03:45 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-01-15 19:59 . 2013-01-15 19:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-09 10:36 . 2012-04-04 21:47 697864 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 10:36 . 2011-09-26 16:55 74248 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-30 02:19 . 2012-12-30 02:19 178800 ------w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-29 15:50 . 2011-10-18 12:07 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-12-29 15:50 . 2011-10-18 12:07 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-12-29 10:34 . 2012-09-20 10:12 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-09-20 10:12 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-05-27 15:08 15129064 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2012-03-14 13:50 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-02-11 22:55 18054312 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-12-29 10:34 . 2012-02-11 22:55 15052368 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2011-09-26 17:29 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 08:40 . 2011-01-08 00:49 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2011-01-08 00:49 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-03-14 13:51 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2011-09-26 17:29 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2011-01-08 00:48 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2011-01-08 00:48 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 07:54 . 2012-12-29 07:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-14 21:49 . 2012-12-29 00:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 03:39 . 2012-12-10 03:39 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-29 01:15 . 2012-11-29 00:24 181064 ----a-w- c:\windows\PSEXESVC.EXE
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-10 03:33 220632 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-10 03:33 220632 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-10 03:33 220632 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-06-23 22:20 2042504 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-06-23 22:20 2042504 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-06-23 22:20 2042504 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableStatusMessages"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuMyGames"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoUserFolderInStartMenu"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"DisableThumbnailsOnNetworkFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^WayneAdams^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
backup=c:\windows\pss\Facebook Messenger.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linksys Wireless Manager^Registry: HKLM:RUN
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Cleaners^32*Registry: HKLM:RUN
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt^32*Registry: HKLM:RUN
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM^32*Registry: HKLM:RUN]
2012-12-03 07:35 946352 ----a-w- c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task^32*Registry: HKLM:RUN]
2012-10-25 08:12 421888 ----a-w- c:\program files (x86)\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Roxio Burn]
2010-06-30 13:10 477680 ----a-w- c:\program files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-02-12 03:23 1242448 ----a-w- c:\program files (x86)\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched^32*Registry: HKLM:RUN]
2012-01-18 19:02 254696 ----a-w- c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DelReg"=c:\program files (x86)\MSI\OverclockingCenter\DelReg.exe
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-06-02 457200]
R3 cpuz134;cpuz134; [x]
R3 DualCoreCenter;DualCoreCenter;c:\program files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys [2010-04-12 44344]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-06-23 178784]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-07-16 1099248]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 60504]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-01 40712]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-09-13 39408]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2012-08-13 292736]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-07-16 354288]
R4 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-02 27120]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-02 19952]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 aswKbd;aswKbd; [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-09 31080]
S1 c2scsi64;c2scsi64;c:\windows\system32\DRIVERS\c2scsi64.sys [2010-07-16 167920]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-11-01 42248]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-02 27632]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 253528]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2012-02-27 55384]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011-04-05 94296]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-03-14 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-03-14 130864]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-14 465232]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-11-02 1340976]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-07 5814392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-30 38608]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-03-26 81008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-03-14 147248]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-03-14 166192]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 06:43 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 10:36]
.
2012-12-23 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-09-27 23:27]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-15 12:01]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-15 12:01]
.
2012-06-06 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2012-08-08 19:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-10 03:33 244696 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-10 03:33 244696 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-10 03:33 244696 ----a-w- c:\users\WayneAdams\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-06-23 22:20 2860168 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-06-23 22:20 2860168 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-06-23 22:20 2860168 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mStart Page = about:blank
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2012-12-23 11:09; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-15 09:25; [email protected]; c:\users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\extensions\[email protected]
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e60789240000000000006c626dbc0c11&q=
FF - user.js: extensions.BabylonToolbar.id - e60789240000000000006c626dbc0c11
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15697
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.7.2
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.7.2
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.7.222:23
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110195&tt=5112_8
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-ioloSystemService
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-RealPlayer 16.0 - c:\program files (x86)\real\realplayer\Update\r1puninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Networking 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\1394ohci]
"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269]
"ImagePath"="c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ACPI]
"ImagePath"="system32\drivers\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AcpiPmi]
"ImagePath"="\SystemRoot\system32\drivers\acpipmi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdobeARMservice]
"ImagePath"="\"c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adp94xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adpahci]
"ImagePath"="\SystemRoot\system32\DRIVERS\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adpu320]
"ImagePath"="\SystemRoot\system32\DRIVERS\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adsi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdvancedSystemCareService6]
"ImagePath"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\agp440]
"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\aliide]
"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdide]
"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AmdK8]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AmdPPM]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdppm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdsata]
"ImagePath"="\SystemRoot\system32\drivers\amdsata.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdsbs]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdsbs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdxata]
"ImagePath"="system32\drivers\amdxata.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppID]
"ImagePath"="\SystemRoot\system32\drivers\appid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppIDSvc]
"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\arc]
"ImagePath"="\SystemRoot\system32\DRIVERS\arc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\arcsas]
"ImagePath"="\SystemRoot\system32\DRIVERS\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\aswKbd]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\atapi]
"ImagePath"="system32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avg]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgfwfd]
"ImagePath"="system32\DRIVERS\avgfwd6a.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\avgfws]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgfws.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSAgent]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgidsagent.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdrivera.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSHA]
"ImagePath"="system32\DRIVERS\avgidsha.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgldx64]
"ImagePath"="system32\DRIVERS\avgldx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgloga]
"ImagePath"="system32\DRIVERS\avgloga.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgmfx64]
"ImagePath"="system32\DRIVERS\avgmfx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgrkx64]
"ImagePath"="system32\DRIVERS\avgrkx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgtdia]
"ImagePath"="system32\DRIVERS\avgtdia.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\avgtp]
"ImagePath"="\??\c:\windows\system32\drivers\avgtpx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\avgwd]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AxInstSV]
"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\b06bdrv]
"ImagePath"="\SystemRoot\system32\DRIVERS\bxvbda.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\b57nd60a]
"ImagePath"="system32\DRIVERS\b57nd60a.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BDESVC]
"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Beep]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\blbdrive]
"ImagePath"="system32\DRIVERS\blbdrive.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Bonjour Service]
"ImagePath"="\"c:\program files\Bonjour\mDNSResponder.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BOT4Service]
"ImagePath"="\"c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltLo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltUp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BridgeMP]
"ImagePath"="system32\DRIVERS\bridge.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Brserid]
"ImagePath"="\SystemRoot\System32\Drivers\Brserid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrSerWdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrSerWdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrUsbMdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbMdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrUsbSer]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbSer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\DRIVERS\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BTHPORT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\bthserv]
"ServiceDll"="%SystemRoot%\system32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\c2scsi64]
"ImagePath"="system32\DRIVERS\c2scsi64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\catchme]
"ImagePath"="\??\c:\combofix\catchme.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\circlass]
"ImagePath"="\SystemRoot\system32\DRIVERS\circlass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CLFS]
"ImagePath"="System32\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v2.0.50727_64]
"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v4.0.30319_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v4.0.30319_64]
"ImagePath"="c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmBatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cmdide]
"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CNG]
"ImagePath"="System32\Drivers\cng.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Compbatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CompositeBus]
"ImagePath"="\SystemRoot\system32\drivers\CompositeBus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cpuz134]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crcdisk]
"ImagePath"="\SystemRoot\system32\DRIVERS\crcdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crypt32]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CSC]
"ImagePath"="system32\drivers\csc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CscService]
"ServiceDll"="%SystemRoot%\System32\cscsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DCLocator]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\defragsvc]
"ServiceDll"="%Systemroot%\System32\defragsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\discache]
"ImagePath"="System32\drivers\discache.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DualCoreCenter]
"ImagePath"="\??\c:\program files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ebdrv]
"ImagePath"="\SystemRoot\system32\DRIVERS\evbda.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EFS]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\elxstor]
"ImagePath"="\SystemRoot\system32\DRIVERS\elxstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ErrDev]
"ImagePath"="\SystemRoot\system32\drivers\errdev.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ESENT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\exfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fastfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fax]
"ImagePath"="%systemroot%\system32\fxssvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fdc]
"ImagePath"="\SystemRoot\system32\DRIVERS\fdc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FileMonitor]
"ImagePath"="\??\c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\flpydisk]
"ImagePath"="\SystemRoot\system32\DRIVERS\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FsDepends]
"ImagePath"="System32\drivers\FsDepends.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fssfltr]
"ImagePath"="system32\DRIVERS\fssfltr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fsssvc]
"ImagePath"="\"c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fvevol]
"ImagePath"="System32\DRIVERS\fvevol.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gagp30kx]
"ImagePath"="\SystemRoot\system32\DRIVERS\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gupdate]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gupdatem]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hcmon]
"ImagePath"="\??\c:\windows\system32\drivers\hcmon.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hcw85cir]
"ImagePath"="\SystemRoot\system32\drivers\hcw85cir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HdAudAddService]
"ImagePath"="\SystemRoot\system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidBatt]
"ImagePath"="\SystemRoot\system32\DRIVERS\HidBatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidBth]
"ImagePath"="\SystemRoot\system32\DRIVERS\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidIr]
"ImagePath"="\SystemRoot\system32\DRIVERS\hidir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HomeGroupListener]
"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HomeGroupProvider]
"ServiceDll"="%SystemRoot%\system32\provsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HpSAMD]
"ImagePath"="\SystemRoot\system32\drivers\HpSAMD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HssDRV6]
"ImagePath"="system32\DRIVERS\hssdrv6.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwpolicy]
"ImagePath"="System32\drivers\hwpolicy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\i8042prt]
"ImagePath"="\SystemRoot\system32\drivers\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iaStorV]
"ImagePath"="\SystemRoot\system32\drivers\iaStorV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IDriverT]
"ImagePath"="\"c:\program files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iirsp]
"ImagePath"="\SystemRoot\system32\DRIVERS\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IMFservice]
"ImagePath"="c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\inetaccs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RTKVHD64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\intelide]
"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\drivers\IPMIDrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPNAT]
"ImagePath"="System32\drivers\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\isapnp]
"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iScsiPrt]
"ImagePath"="\SystemRoot\system32\drivers\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\kbdclass]
"ImagePath"="\SystemRoot\system32\drivers\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\kbdhid]
"ImagePath"="\SystemRoot\system32\drivers\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KSecPkg]
"ImagePath"="System32\Drivers\ksecpkg.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ksthunk]
"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ldap]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Lsa]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_FC]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_fc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SAS2]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MarvinBus]
"ImagePath"="system32\DRIVERS\MarvinBus64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MBAMScheduler]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MBAMService]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MBfilt]
"ImagePath"="system32\drivers\MBfilt64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\megasas]
"ImagePath"="\SystemRoot\system32\DRIVERS\megasas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MegaSR]
"ImagePath"="\SystemRoot\system32\DRIVERS\MegaSR.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEIx64]
"ImagePath"="system32\DRIVERS\HECIx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mountmgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MozillaMaintenance]
"ImagePath"="\"c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mpio]
"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msahci]
"ImagePath"="\SystemRoot\system32\drivers\msahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msdsm]
"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC Bridge 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Msfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mshidkmdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msisadrv]
"ImagePath"="system32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSI_MSIBIOS_010507]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsRPC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mssmbios]
"ImagePath"="\SystemRoot\system32\drivers\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MTConfig]
"ImagePath"="\SystemRoot\system32\DRIVERS\MTConfig.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisCap]
"ImagePath"="system32\DRIVERS\ndiscap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NDProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\netr28ux]
"ImagePath"="system32\DRIVERS\netr28ux.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nfrd960]
"ImagePath"="\SystemRoot\system32\DRIVERS\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Npfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NTDS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Ntfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NTIOLib_1_0_4]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Null]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nusb3hub]
"ImagePath"="system32\DRIVERS\nusb3hub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nusb3xhc]
"ImagePath"="system32\DRIVERS\nusb3xhc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NVHDA]
"ImagePath"="system32\drivers\nvhda64v.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvlddmkm]
"ImagePath"="system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvraid]
"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvstor]
"ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvsvc]
"ImagePath"="c:\windows\system32\nvvsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvUpdatusService]
"ImagePath"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nv_agp]
"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ohci1394]
"ImagePath"="\SystemRoot\system32\drivers\ohci1394.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ose64]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\osppsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Outlook]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PanService]
"ImagePath"="c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Parport]
"ImagePath"="\SystemRoot\system32\DRIVERS\parport.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pci]
"ImagePath"="system32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pciide]
"ImagePath"="system32\drivers\pciide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pcmcia]
"ImagePath"="\SystemRoot\system32\DRIVERS\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pcw]
"ImagePath"="System32\drivers\pcw.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PeerDistSvc]
"ServiceDll"="%SystemRoot%\system32\peerdistsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfHost]
"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfNet]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfOS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfProc]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PortProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Power]
"ServiceDll"="%SystemRoot%\system32\umpo.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Processor]
"ImagePath"="\SystemRoot\system32\DRIVERS\processr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Psched]
"ImagePath"="system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PuranDefrag]
"ImagePath"="\"c:\windows\system32\PuranDefragS.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pwdrvio]
"ImagePath"="\??\c:\windows\system32\pwdrvio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pwdspio]
"ImagePath"="\??\c:\windows\system32\pwdspio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PxHlpa64]
"ImagePath"="System32\Drivers\PxHlpa64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ql2300]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql2300.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ql40xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql40xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAgileVpn]
"ImagePath"="system32\DRIVERS\AgileVpn.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdpbus]
"ImagePath"="system32\DRIVERS\rdpbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPDR]
"ImagePath"="System32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPNP]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPREFMP]
"ImagePath"="system32\drivers\rdprefmp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPUDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RdpVideoMiniport]
"ImagePath"="System32\drivers\rdpvideominiport.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPWD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdyboost]
"ImagePath"="System32\drivers\rdyboost.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RealNetworks Downloader Resolver Service]
"ImagePath"="\"c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RegFilter]
"ImagePath"="\??\c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RoxMediaDB13]
"ImagePath"="\"c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RoxWatch12]
"ImagePath"="\"c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcEptMapper]
"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RTL8167]
"ImagePath"="system32\DRIVERS\Rt64win7.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s3cap]
"ImagePath"="\SystemRoot\system32\drivers\vms3cap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Sahdad64]
"ImagePath"="System32\Drivers\Sahdad64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Saibad64]
"ImagePath"="System32\Drivers\Saibad64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SaibVdAd64]
"ImagePath"="System32\Drivers\SaibVdAd64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SbFw]
"ImagePath"="system32\drivers\SbFw.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SBFWIMCL]
"ImagePath"="system32\DRIVERS\sbfwim.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SBFWIMCLMP]
"ImagePath"="system32\DRIVERS\SBFWIM.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sbhips]
"ImagePath"="system32\drivers\sbhips.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sbp2port]
"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SBRE]
"ImagePath"="\??\c:\windows\system32\drivers\SBREdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SBSDWSCService]
"ImagePath"="c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SbTis]
"ImagePath"="system32\drivers\sbtis.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\scfilter]
"ImagePath"="System32\DRIVERS\scfilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\secdrv]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SensrSvc]
"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sermouse]
"ImagePath"="\SystemRoot\system32\DRIVERS\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffdisk]
"ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffp_sd]
"ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sfloppy]
"ImagePath"="\SystemRoot\system32\DRIVERS\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\DRIVERS\SiSRaid2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\DRIVERS\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SmartDefragBootTime]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SmartDefragDriver]
"ImagePath"="System32\Drivers\SmartDefragDriver.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SMSvcHost 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\speedfan]
"ImagePath"="SysWOW64\speedfan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\spldr]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sppsvc]
"ImagePath"="%SystemRoot%\system32\sppsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sppuinotify]
"ServiceDll"="%SystemRoot%\system32\sppuinotify.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Steam Client Service]
"ImagePath"="c:\program files (x86)\Common Files\Steam\SteamService.exe /RunAsService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Stereo Service]
"ImagePath"="c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\stexstor]
"ImagePath"="\SystemRoot\system32\DRIVERS\stexstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\StillCam]
"ImagePath"="system32\DRIVERS\serscan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\storflt]
"ImagePath"="system32\drivers\vmstorfl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\storvsc]
"ImagePath"="\SystemRoot\system32\drivers\storvsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\swenum]
"ImagePath"="\SystemRoot\system32\drivers\swenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Synth3dVsc]
"ImagePath"="System32\drivers\synth3dvsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\taphss]
"ImagePath"="system32\DRIVERS\taphss.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\taphss6]
"ImagePath"="system32\DRIVERS\taphss6.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIP6]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIP6TUNNEL]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIPTUNNEL]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TeamViewer7]
"ImagePath"="c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TermDD]
"ImagePath"="\SystemRoot\system32\drivers\termdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Themes]
"ServiceDll"="%SystemRoot%\system32\themeservice.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TSDDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TsUsbFlt]
"ImagePath"="system32\drivers\tsusbflt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tsusbhub]
"ImagePath"="system32\drivers\tsusbhub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\uagp35]
"ImagePath"="\SystemRoot\system32\DRIVERS\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UGatherer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\uliagpkx]
"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UmPass]
"ImagePath"="\SystemRoot\system32\DRIVERS\umpass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UmRdpService]
"ServiceDll"="%SystemRoot%\System32\umrdp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UrlFilter]
"ImagePath"="\??\c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbccgp]
"ImagePath"="\SystemRoot\system32\drivers\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbcir]
"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbhub]
"ImagePath"="\SystemRoot\system32\drivers\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbohci]
"ImagePath"="\SystemRoot\system32\drivers\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbprint]
"ImagePath"="\SystemRoot\system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbuhci]
"ImagePath"="\SystemRoot\system32\drivers\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VaultSvc]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VBoxDrv]
"ImagePath"="system32\DRIVERS\VBoxDrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VBoxNetAdp]
"ImagePath"="system32\DRIVERS\VBoxNetAdp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VBoxNetFlt]
"ImagePath"="system32\DRIVERS\VBoxNetFlt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VBoxUSBMon]
"ImagePath"="system32\DRIVERS\VBoxUSBMon.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vdrvroot]
"ImagePath"="system32\drivers\vdrvroot.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VGPU]
"ImagePath"="System32\drivers\rdvgkmd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vhdmp]
"ImagePath"="\SystemRoot\system32\drivers\vhdmp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\viaide]
"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vmbus]
"ImagePath"="system32\drivers\vmbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMBusHID]
"ImagePath"="\SystemRoot\system32\drivers\VMBusHID.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vmci]
"ImagePath"="\??\c:\windows\system32\drivers\vmci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vmkbd]
"ImagePath"="\??\c:\windows\system32\drivers\VMkbd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMnetAdapter]
"ImagePath"="system32\DRIVERS\vmnetadapter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMnetBridge]
"ImagePath"="system32\DRIVERS\vmnetbridge.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMnetDHCP]
"ImagePath"="c:\windows\system32\vmnetdhcp.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMnetuserif]
"ImagePath"="\??\c:\windows\system32\drivers\vmnetuserif.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMware]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VMware NAT Service]
"ImagePath"="c:\windows\system32\vmnat.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vmx86]
"ImagePath"="\??\c:\windows\system32\drivers\vmx86.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volmgr]
"ImagePath"="system32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volsnap]
"ImagePath"="system32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vsmraid]
"ImagePath"="\SystemRoot\system32\DRIVERS\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vstor2-ws60]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vwifibus]
"ImagePath"="\SystemRoot\System32\drivers\vwifibus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VWiFiFlt]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\W3SVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WacomPen]
"ImagePath"="\SystemRoot\system32\DRIVERS\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WANARP]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wbengine]
"ImagePath"="\"%systemroot%\system32\wbengine.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WbioSrvc]
"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wd]
"ImagePath"="\SystemRoot\system32\DRIVERS\wd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WfpLwf]
"ImagePath"="system32\DRIVERS\wfplwf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WIMMount]
"ImagePath"="system32\drivers\wimmount.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winsock]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinSock2]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wlidsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WmiAcpi]
"ImagePath"="\SystemRoot\system32\drivers\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WMPNetworkSvc]
"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WudfPf]
"ImagePath"="system32\drivers\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WwanSvc]
"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xmlprov]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\YahooAUService]
"ImagePath"="\"c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{2054F5A7-0F68-41F5-8F70-FC42E6A5C649}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{22EDEAD7-0040-4E66-86BD-DF51272798A6}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{7431E8F0-319D-48E9-ACB7-C825953D13AE}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{AEC6C2BC-B836-41E6-B740-1AB74403D2F5}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{C46D88A1-6AAE-4219-BC26-7B9B9A5D3794}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{E82B5682-302A-40B0-80C5-D1D9A530D73D}]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:33,00,01,e7,59,d8,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\09\03\1c\17\"1?"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\PANDORA.TV\PanService\PanProcess.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
.
**************************************************************************
.
Completion time: 2013-02-03 00:56:30 - machine was rebooted

.
Pre-Run: 677,299,970,048 bytes free
Post-Run: 677,174,374,400 bytes free
.
- - End Of File - - 8C7043EE563314F035A17C8033AC788D

2nd) OTL logfile created on: 2/3/2013 9:46:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WayneAdams\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 71.82% Memory free
15.96 Gb Paging File | 13.22 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 630.68 Gb Free Space | 67.71% Space Free | Partition Type: NTFS

Computer Name: WAYNEADAMS-PC | User Name: WayneAdams | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/03 09:46:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
PRC - [2013/01/14 17:24:00 | 000,703,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/01/14 17:23:38 | 000,465,232 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/01/09 05:36:40 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/29 05:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/12/29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/09/28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012/09/28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/14 17:24:58 | 000,349,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/14 17:24:58 | 000,051,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/14 17:24:56 | 000,183,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/14 17:24:30 | 000,893,264 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2012/06/23 17:20:18 | 006,307,928 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/13 16:27:44 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/22 17:37:00 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/14 17:23:38 | 000,465,232 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/01/09 05:36:41 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/29 05:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/09/28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012/08/31 09:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/07 20:56:35 | 000,529,232 | ---- | M] (Valve Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/03/25 22:42:16 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/03/25 22:42:00 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010/09/13 12:02:00 | 000,039,408 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/07/16 05:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 05:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/15 14:42:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/11/01 13:31:08 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/11/01 13:25:26 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/10/22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/10/15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/10/10 11:30:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/10/05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/09/09 13:15:29 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/09/04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/14 17:23:00 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/02/27 11:36:14 | 000,055,384 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2012/02/23 11:11:26 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/06 13:30:50 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2011/05/06 13:30:46 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2011/04/05 17:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/04/05 17:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2011/04/05 17:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/03/25 22:43:06 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011/03/25 22:43:04 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/03/25 22:41:18 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011/03/25 22:41:08 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011/03/25 21:27:36 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/03/25 19:04:58 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011/03/25 19:04:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/02/10 13:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 13:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/02/08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/02/08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/16 10:12:14 | 000,167,920 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\C2SCSI64.SYS -- (c2scsi64)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/17 18:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/08/02 06:56:28 | 000,900,608 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2005/09/23 21:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2012/07/05 13:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2010/04/12 10:36:26 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys -- (DualCoreCenter)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsof...ss/allinone.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {E1C7D25E-7949-4E7E-AF86-73C9FFD173E1}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0006c626dbc0c11
IE - HKCU\..\SearchScopes\{35A11055-4C45-4B5C-BC63-CC3A88C0FF38}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{5106E20C-4472-4C45-800F-9488BE463818}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKCU\..\SearchScopes\{C56128EB-AF71-4174-86EA-A5CFE62A08DA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E1C7D25E-7949-4E7E-AF86-73C9FFD173E1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=994519_yserp3tst"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:12.2.5.4
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.4\ [2012/09/09 13:15:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/30 11:01:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/30 11:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/23 19:17:56 | 000,000,000 | ---D | M]

[2012/03/25 20:33:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Extensions
[2013/02/01 08:08:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\extensions
[2013/01/15 14:25:48 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\extensions\[email protected]
[2013/02/01 08:08:46 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/22 22:23:05 | 000,002,432 | ---- | M] () -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\fk8bv7e2.default\searchplugins\babylon1.xml
[2013/01/22 17:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/22 17:36:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/01/22 17:36:57 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/01/22 17:36:57 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2013/01/22 17:36:57 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak
[2012/09/09 13:15:48 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\12.2.5.4
[2013/01/22 17:37:00 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/23 17:20:16 | 000,033,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013/01/23 19:17:53 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/11/11 04:53:42 | 000,003,571 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/12/22 22:22:57 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/11/29 18:43:58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 18:43:58 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Secure Search = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.4_0\
CHR - Extension: Gmail = C:\Users\WayneAdams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/03 00:52:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [WinThemePack Logon] C:\Program Files (x86)\WinThemePack\Amazing Guns Logon Screen\tweak.exe (WinThemePack.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 147
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserFolderInStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnailsOnNetworkFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 147
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect119b.cab (Reg Error: Key error.)
O16:64bit: - DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futur.../FMSI_v4110.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_64.CAB (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7431E8F0-319D-48E9-ACB7-C825953D13AE}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEC6C2BC-B836-41E6-B740-1AB74403D2F5}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/11 18:17:47 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/07/21 12:40:24 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (RegistryDefragBootTime.exe)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/03 09:45:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/02/03 01:30:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/03 01:23:43 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/02/03 00:56:31 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/02/03 00:34:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/02/03 00:34:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/02/03 00:34:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/02/03 00:33:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/03 00:32:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/02/02 22:43:58 | 005,029,149 | R--- | C] (Swearware) -- C:\Users\WayneAdams\Desktop\ComboFix.exe
[2013/02/02 22:13:13 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\You-Tube movies
[2013/02/02 22:11:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\fix it rkill
[2013/01/30 12:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013/01/30 12:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2013/01/30 12:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2013/01/30 08:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2013/01/30 08:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecs for Windows 7 Pack
[2013/01/30 08:29:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2013/01/29 23:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/01/29 22:47:00 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Coupon Companion
[2013/01/29 22:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupon Companion
[2013/01/29 20:44:16 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\security programs
[2013/01/29 20:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/01/28 23:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2013/01/28 23:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV
[2013/01/23 19:18:31 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\RealNetworks
[2013/01/23 19:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013/01/23 19:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/01/23 19:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013/01/23 19:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/01/23 19:17:47 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/01/23 07:48:12 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\EAA Polymer 9mm
[2013/01/22 17:36:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/22 12:55:06 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Mechelle-Job Search
[2013/01/22 06:50:07 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013/01/18 18:44:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Pinnacle
[2013/01/18 12:40:25 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\temp
[2013/01/18 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\InstantCDDVD
[2013/01/18 12:39:50 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Avid
[2013/01/18 12:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
[2013/01/18 12:35:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2013/01/18 12:34:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2013/01/18 12:20:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013/01/18 12:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2013/01/17 20:11:05 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Pinnacle Studio
[2013/01/17 20:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2013/01/17 20:06:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2013/01/17 20:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2013/01/15 15:54:01 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/01/15 15:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/01/15 15:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/01/15 14:36:45 | 000,026,448 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/01/15 14:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/01/15 14:19:10 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\IObit
[2013/01/15 14:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
[2013/01/11 07:48:51 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\DMCache
[2013/01/10 20:50:20 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Garmin
[2013/01/10 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\My Garmin
[2013/01/10 20:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2013/01/10 20:50:14 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\GARMIN_Corp
[2013/01/10 20:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/03 09:46:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/02/03 09:43:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/03 09:29:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/03 08:52:10 | 000,030,464 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 08:52:10 | 000,030,464 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 02:09:39 | 000,000,144 | ---- | M] () -- C:\Users\WayneAdams\Desktop\ComboFix - Deleted EVERYTHING.url
[2013/02/03 00:56:51 | 000,730,464 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/03 00:56:51 | 000,626,624 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/03 00:56:51 | 000,107,526 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/03 00:52:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/02/03 00:52:28 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/03 00:52:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/02 22:44:04 | 005,029,149 | R--- | M] (Swearware) -- C:\Users\WayneAdams\Desktop\ComboFix.exe
[2013/02/02 07:48:30 | 000,000,161 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Florida Housing Finance Corporation (2).url
[2013/02/02 07:48:04 | 002,970,719 | ---- | M] () -- C:\Users\WayneAdams\Documents\Citrus 10-13[1] SHIP.pdf
[2013/02/02 07:19:09 | 000,000,171 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Florida Housing Finance Corporation.url
[2013/01/31 18:44:25 | 000,154,048 | ---- | M] () -- C:\Users\WayneAdams\Documents\ringsizer[1].pdf
[2013/01/30 14:58:29 | 000,001,013 | ---- | M] () -- C:\Users\WayneAdams\Desktop\KMPlayer.lnk
[2013/01/30 14:58:02 | 026,039,992 | ---- | M] () -- C:\Users\WayneAdams\Desktop\KMPlayer_3-5-0-77_00_20130123015648.exe
[2013/01/30 12:51:21 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/01/29 07:27:32 | 000,051,088 | ---- | M] () -- C:\Users\WayneAdams\Documents\habitat1.PNG
[2013/01/28 23:37:50 | 001,026,378 | ---- | M] () -- C:\Users\WayneAdams\Documents\Benefit Verification Letter 01282013.mht
[2013/01/25 20:36:31 | 000,000,183 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Penny Gun Auction.url
[2013/01/24 21:03:23 | 000,085,015 | ---- | M] () -- C:\Users\WayneAdams\Documents\Seal-and-Expunge-Application_Revised-06152010[1].pdf
[2013/01/24 19:15:26 | 000,561,751 | ---- | M] () -- C:\Users\WayneAdams\Documents\Habitat Orientation Jan 2013.jpg
[2013/01/23 19:18:19 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/01/23 19:17:47 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/01/22 09:56:35 | 000,001,210 | ---- | M] () -- C:\Users\WayneAdams\Documents\FLUID -- Florida Unemployment Internet Direct Claims.mht
[2013/01/19 18:55:37 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013/01/18 12:40:48 | 000,003,584 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 12:37:46 | 000,002,222 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013/01/18 12:14:26 | 005,508,818 | ---- | M] () -- C:\Users\WayneAdams\Documents\Studio 16 PDF.pdf
[2013/01/17 18:34:27 | 000,007,647 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/01/15 22:43:26 | 000,560,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/15 15:52:55 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/01/15 15:52:31 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/01/15 14:19:10 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013/01/15 14:19:10 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013/01/14 17:25:40 | 000,026,448 | ---- | M] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/01/13 12:09:34 | 000,002,229 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Google Chrome.lnk
[2013/01/10 07:57:03 | 002,515,455 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Manual WOW.pdf
[2013/01/05 19:37:58 | 000,027,598 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Emotions-2.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/03 02:09:39 | 000,000,144 | ---- | C] () -- C:\Users\WayneAdams\Desktop\ComboFix - Deleted EVERYTHING.url
[2013/02/03 00:34:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/02/03 00:34:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/02/03 00:34:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/02/03 00:34:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/02/03 00:34:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/02/02 07:48:30 | 000,000,161 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Florida Housing Finance Corporation (2).url
[2013/02/02 07:48:04 | 002,970,719 | ---- | C] () -- C:\Users\WayneAdams\Documents\Citrus 10-13[1] SHIP.pdf
[2013/02/02 07:19:09 | 000,000,171 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Florida Housing Finance Corporation.url
[2013/01/31 18:44:25 | 000,154,048 | ---- | C] () -- C:\Users\WayneAdams\Documents\ringsizer[1].pdf
[2013/01/30 14:58:29 | 000,001,013 | ---- | C] () -- C:\Users\WayneAdams\Desktop\KMPlayer.lnk
[2013/01/30 14:57:32 | 026,039,992 | ---- | C] () -- C:\Users\WayneAdams\Desktop\KMPlayer_3-5-0-77_00_20130123015648.exe
[2013/01/30 12:51:21 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/01/29 07:27:32 | 000,051,088 | ---- | C] () -- C:\Users\WayneAdams\Documents\habitat1.PNG
[2013/01/28 23:37:48 | 001,026,378 | ---- | C] () -- C:\Users\WayneAdams\Documents\Benefit Verification Letter 01282013.mht
[2013/01/25 20:36:31 | 000,000,183 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Penny Gun Auction.url
[2013/01/24 21:03:23 | 000,085,015 | ---- | C] () -- C:\Users\WayneAdams\Documents\Seal-and-Expunge-Application_Revised-06152010[1].pdf
[2013/01/24 19:15:26 | 000,561,751 | ---- | C] () -- C:\Users\WayneAdams\Documents\Habitat Orientation Jan 2013.jpg
[2013/01/23 19:18:19 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/01/22 09:56:34 | 000,001,210 | ---- | C] () -- C:\Users\WayneAdams\Documents\FLUID -- Florida Unemployment Internet Direct Claims.mht
[2013/01/18 12:40:47 | 000,003,584 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 12:37:46 | 000,002,222 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013/01/18 12:22:45 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013/01/18 12:14:25 | 005,508,818 | ---- | C] () -- C:\Users\WayneAdams\Documents\Studio 16 PDF.pdf
[2013/01/15 15:52:56 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/01/15 15:52:55 | 000,001,152 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/01/15 15:52:31 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/01/15 14:19:10 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013/01/15 14:19:10 | 000,001,207 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013/01/10 07:57:03 | 002,515,455 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Manual WOW.pdf
[2013/01/05 19:38:05 | 000,027,598 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Emotions-2.jpg
[2012/11/28 19:22:33 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WAYNEADAMS-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2012/09/18 11:00:33 | 000,140,058 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\ars.cache
[2012/08/09 07:07:02 | 000,017,408 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\WebpageIcons.db
[2012/04/02 16:55:12 | 000,253,352 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/03/19 21:28:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2012/01/18 06:51:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011/12/16 22:18:55 | 006,970,219 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\census.cache
[2011/12/16 18:43:34 | 000,000,036 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\housecall.guid.cache
[2011/12/14 22:55:24 | 000,007,647 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2011/10/02 20:37:11 | 000,000,565 | ---- | C] () -- C:\Users\WayneAdams\AppData\Roaming\myMPQ.ini
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/27 06:22:18 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/09/27 06:08:06 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2011/09/26 13:44:42 | 000,730,464 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/01/15 14:46:59 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/01/15 14:47:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/09 18:37:43 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\AVG
[2012/09/09 13:28:19 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\AVG2013
[2013/02/03 00:52:48 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Azureus
[2012/03/04 00:29:05 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\CleanMyPC Software
[2012/11/11 12:33:08 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\CompuClever
[2013/01/12 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\DMCache
[2012/02/03 20:41:03 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\DreamDale
[2012/04/03 13:26:42 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\DVD-Cloner
[2011/09/26 11:31:48 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\EMCO
[2012/11/09 00:54:48 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\f-secure
[2013/01/10 20:59:12 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Garmin
[2012/08/06 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/01/30 11:00:51 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\IObit
[2011/12/15 08:46:46 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\iolo
[2012/12/22 21:29:46 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\iWin
[2012/03/17 16:31:42 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\MAXON
[2012/04/02 07:18:40 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Mipony
[2011/12/16 18:00:29 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Oberon Media
[2012/09/09 21:03:59 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Prey
[2012/07/06 22:36:06 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Quest3D
[2011/09/28 22:21:41 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2012/01/16 10:12:24 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\ShamanGS
[2011/09/26 21:13:29 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Simple Star
[2012/10/12 09:53:38 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\TeamViewer
[2011/10/04 23:59:12 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Thunderbird
[2011/12/08 08:46:28 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Trine2
[2012/12/23 10:08:55 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:ECF54A0E
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:FAC5BCF5

< End of report >


3rd) OTL Extras logfile created on: 2/3/2013 9:46:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WayneAdams\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 71.82% Memory free
15.96 Gb Paging File | 13.22 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 630.68 Gb Free Space | 67.71% Space Free | Partition Type: NTFS

Computer Name: WAYNEADAMS-PC | User Name: WayneAdams | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07AD936F-2474-4B73-8C9D-CBCA7388A46B}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{0FDF808F-2393-488B-B7BE-0EF122A62F3C}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{17309A31-AC67-4663-BE2B-0F94B372FF7B}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\rm.exe |
"{41D784B7-1BED-4485-B6D1-68E0353308DF}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\umi.exe |
"{46C332B5-F3C5-4EFD-A05B-C0680B85B5B8}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\ngstudio.exe |
"{4AB65B99-E5A0-4991-B1E4-1B262C47867A}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{5560C342-4B50-43D7-8B25-E6A09D83C38F}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\ngstudio.exe |
"{6141ECE8-13EB-44A6-A2E9-58D4E7B248E8}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{636A3846-1E23-4913-B9F3-EDB6D67E9BCF}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{8428AF0F-C00B-4B41-87F9-46B4FCDADE77}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{A22A8F9B-474B-4DF4-9137-C761681AA272}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{AE076E43-04F4-487A-ACDE-D2E2D979C852}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\rm.exe |
"{D21CFF38-AEF7-4361-B289-37A47499A1C2}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 16\programs\umi.exe |
"{D5B3052F-868E-4CD0-9E3B-6C74DC5E772C}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{D7071D42-21A0-4F12-87C8-AE3A50F82AF5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{D94DED66-AA89-44C4-9079-91DD7A466774}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{F5E6CE3C-2DA3-4F6D-9394-2007B6D83071}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{FBA71C77-53BF-47EB-B79F-E40A3C921B93}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{FC406721-295A-4FB4-BA1C-BBD29A09A3A7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{FDB6E2F8-4A00-4D94-91AA-CF49B65CB66D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb" = Windows Media Player 64-bit Plug-in Fix
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{20150000-0011-0000-1000-0000000FF1CE}" = Microsoft Professional Plus 2013
"{20150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B4E0635D-5901-4984-B1BF-70A841B4115D}" = Update for Microsoft Outlook 2013 Previ
"{20150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{20150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{20150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{20150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{20150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{20150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{20150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 Preview - English
"{20150000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 Preview - French
"{20150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 Preview - Spanish
"{20150000-002C-0409-1000-0000000FF1CE}" = Microsoft Proofing (English) 2013
"{20150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{20150000-006E-0409-1000-0000000FF1CE}" = Microsoft Shared MUI (English) 2013
"{20150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{20150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{20150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{20150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{20150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Shared 32-bit MUI (English) 2013
"{20150000-00E1-0409-1000-0000000FF1CE}" = Microsoft OSM MUI (English) 2013
"{20150000-00E2-0409-1000-0000000FF1CE}" = Microsoft OSM UX MUI (English) 2013
"{20150000-0115-0409-1000-0000000FF1CE}" = Microsoft Shared Setup Metadata MUI (English) 2013
"{20150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{20150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{235FC8A2-FFDF-4F74-A829-BA20EC015EC7}" = HP Photosmart 5520 series Product Improvement Study
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema 1.6.1.4235 x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{502275B0-3DA3-44D8-8702-066525CAAE98}" = AVG 2013
"{53469789-996F-4193-9FBD-A053EE298C6F}" = HP Photosmart 5520 series Basic Device Software
"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B374E6A8-501F-4BC0-BA59-4EE78F06B3B2}" = Oracle VM VirtualBox 4.1.10
"{B9D80BD8-C6F4-467C-9717-0ABA9684DA29}" = AVG 2013
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"AVG" = AVG 2013
"CCleaner" = CCleaner
"EnhanceMySe7en_is1" = EnhanceMySe7en
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013 Preview
"Puran Utilities_is1" = Puran Utilities 1.0.2
"Speccy" = Speccy
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18E928DE-ABBA-4CEB-A9E4-205769B03FE8}" = Garmin BaseCamp
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}" = Pinnacle Studio 16
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{34AF0799-8123-41BA-885A-BDEB157607F9}" = Jewel Quest III
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}" = Roxio Creator 2011 Pro
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = USB Vibration Joystick
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67E4EF06-E0D6-42E0-A2BA-67199B0143FB}_is1" = Windows Media Player Plus! 2.1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7137E26A-10F7-4B1C-9980-0893579E92DA}" = HP Photosmart 5520 series Help
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2011 Pro
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A181D43-86AE-4362-91BF-5C01A19653D7}_is1" = MiniTool Partition Wizard Professional Edition 6.0
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}" = Roxio Creator 2011 Pro
"{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}" = Garmin Lifetime Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9FAD220A-64E6-4CB7-8488-F728C8E25D6D}_is1" = 1.12.1
"{A044C900-5DE1-4986-B0B8-D6A40271A929}" = Sound Effects
"{A9024A22-FB0E-4DDC-AB93-44D686F7F491}" = Roxio CinePlayer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.2.336
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Battle vs. Chess_is1" = Battle vs. Chess
"CleanMyPC - Registry Cleaner_is1" = CleanMyPC - Registry Cleaner
"ControlCenterII_is1" = ControlCenterII
"Crysis WARHEAD®" = Crysis WARHEAD®
"Darksiders II_is1" = Darksiders II
"DualCoreCenter_is1" = DualCoreCenter
"Dungeon Defenders_is1" = Dungeon Defenders
"EMCO UnLock IT 3_is1" = EMCO UnLock IT 3.0
"FileASSASSIN" = FileASSASSIN
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"FormatFactory" = FormatFactory 2.95
"GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}" = Microsoft Flight
"Glary Utilities_is1" = Glary Utilities Pro 2.16.0.758
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Legends of Pegasus_is1" = Legends of Pegasus
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OverclockingCenter_is1" = OverclockingCenter
"Prey_R.G. Mechanics_is1" = Prey
"RealPlayer 16.0" = RealPlayer
"Ricochet Infinity_is1" = Ricochet Infinity
"Ricochet Xtreme Retail_is1" = Ricochet Xtreme
"Roxio PhotoShow" = Roxio PhotoShow
"Ship Simulator Extremes_is1" = Ship Simulator Extremes
"Shipsim2008" = Ship Simulator 2008
"Smart Defrag 2_is1" = Smart Defrag 2
"SMPlayer" = SMPlayer 0.8.3
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 7" = TeamViewer 7
"The KMPlayer" = The KMPlayer (remove only)
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"UMPlayer" = UMPlayer 0.98 [P4]
"VLC media player" = VLC media player 2.0.2
"War Chess" = War Chess
"Warhammer 40000 - Space Marine_is1" = Warhammer 40000 - Space Marine
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AIM" = AIM for Windows
"GoToMeeting" = GoToMeeting 5.4.0.1060
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/8/2012 11:43:39 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9017

Error - 9/8/2012 11:43:39 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9017

Error - 9/8/2012 11:43:40 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/8/2012 11:43:40 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10015

Error - 9/8/2012 11:43:40 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10015

Error - 9/8/2012 11:43:41 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/8/2012 11:43:41 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11014

Error - 9/8/2012 11:43:41 AM | Computer Name = WayneAdams-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11014

Error - 9/8/2012 3:04:44 PM | Computer Name = WayneAdams-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 9/8/2012 3:15:45 PM | Computer Name = WayneAdams-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 9/8/2012 6:08:07 PM | Computer Name = WayneAdams-PC | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine
ConvertStringSidToSid(S-1-5-21-4170311062-3784861015-3588855755-1008.bak). hr
= 0x80070539, The security ID structure is invalid. . Operation: OnIdentify event

Gathering Writer Data Context: Execution Context: Shadow Copy Optimization Writer

Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Writer Name: Shadow
Copy Optimization Writer Writer Instance ID: {c81cc5c6-70d2-4f00-9647-2666dfaaab71}

[ Media Center Events ]
Error - 8/6/2012 3:47:35 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 3:47:32 AM - Error connecting to the internet. 3:47:32 AM - Unable
to contact server..

Error - 8/6/2012 4:47:44 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 4:47:42 AM - Error connecting to the internet. 4:47:42 AM - Unable
to contact server..

Error - 8/6/2012 5:47:52 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 5:47:50 AM - Error connecting to the internet. 5:47:50 AM - Unable
to contact server..

Error - 8/6/2012 6:47:58 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 6:47:58 AM - Error connecting to the internet. 6:47:58 AM - Unable
to contact server..

Error - 8/6/2012 6:48:05 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 6:48:03 AM - Error connecting to the internet. 6:48:03 AM - Unable
to contact server..

Error - 8/11/2012 6:08:08 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 6:08:08 AM - Error connecting to the internet. 6:08:08 AM - Unable
to contact server..

Error - 8/11/2012 6:08:22 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 6:08:13 AM - Error connecting to the internet. 6:08:13 AM - Unable
to contact server..

Error - 8/15/2012 6:04:14 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 6:04:10 AM - Failed to retrieve Broadband (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)

Error - 2/2/2013 6:51:37 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 5:51:37 AM - Error connecting to the internet. 5:51:37 AM - Unable
to contact server..

Error - 2/2/2013 6:51:49 AM | Computer Name = WayneAdams-PC | Source = MCUpdate | ID = 0
Description = 5:51:42 AM - Error connecting to the internet. 5:51:42 AM - Unable
to contact server..

[ System Events ]
Error - 2/3/2013 1:55:08 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058

Error - 2/3/2013 2:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 3:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 4:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 5:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 6:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 7:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 8:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 9:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5

Error - 2/3/2013 10:22:10 AM | Computer Name = WayneAdams-PC | Source = Service Control Manager | ID = 7023
Description = The SPP Notification Service service terminated with the following
error: %%5


< End of report >



OTL logfile created on: 3/19/2013 6:00:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WayneAdams\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 4.81 Gb Available Physical Memory | 60.25% Memory free
15.96 Gb Paging File | 12.48 Gb Available in Paging File | 78.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 582.19 Gb Free Space | 62.51% Space Free | Partition Type: NTFS

Computer Name: WAYNEADAMS-PC | User Name: WayneAdams | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\WayneAdams\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\RegCure\RegCure.exe ()
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\RegCure\RegCure.exe ()
MOD - C:\Program Files (x86)\RegCure\zlibwapi.dll ()
MOD - C:\Program Files (x86)\RegCure\AutoUpdate.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PuranDefrag) -- C:\Windows\SysNative\PuranDefragS.exe (Puran Software)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CISVC) -- C:\Windows\SysNative\CISVC.EXE (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SaibVdAd64) -- C:\Windows\SysNative\drivers\SaibVdAd64.sys (Sonic Solutions)
DRV:64bit: - (Sahdad64) -- C:\Windows\SysNative\drivers\Sahdad64.sys (Sonic Solutions)
DRV:64bit: - (Saibad64) -- C:\Windows\SysNative\drivers\Saibad64.sys (Sonic Solutions)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-tyc9
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {D0073D66-AF66-4945-B4B4-9345E6AAD67A}
IE - HKCU\..\SearchScopes\{D0073D66-AF66-4945-B4B4-9345E6AAD67A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/17 19:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/02/20 21:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Extensions
[2013/03/09 19:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions
[2013/03/08 19:57:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/04 00:56:54 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\ascsurfingprotection@iobit.com
[2013/02/23 18:21:28 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/15 17:41:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/03/14 23:15:05 | 000,446,051 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15317 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [WinThemePack Logon] C:\Program Files (x86)\WinThemePack\World Of WarCraft Logon Screen\tweak.exe (WinThemePack.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C27EF250-A2EE-4DB1-AC09-15DAF292E389}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/11 19:17:47 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\VZW_Software_upgrade_assistant_installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/19 17:58:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/19 14:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/19 14:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/19 13:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/03/18 22:39:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/18 15:42:11 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/03/18 15:42:11 | 000,095,544 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013/03/18 15:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2013/03/18 15:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013/03/18 15:38:09 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Dropbox
[2013/03/18 15:34:36 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Dropbox
[2013/03/18 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\samsung appt
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\StarCraft II
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{900E1508-395D-46EF-A28F-C6809B858857}
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{7CD17FAE-0DC0-4D61-AEC2-F9ED8E0A9819}
[2013/03/17 12:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2010
[2013/03/17 08:49:18 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Unity
[2013/03/16 17:11:30 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2013/03/16 17:05:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/03/16 16:44:40 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[2013/03/16 16:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2013/03/16 16:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OCCTPT
[2013/03/15 23:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2013/03/15 23:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCure
[2013/03/15 23:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCure
[2013/03/15 22:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/15 17:46:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Macromedia
[2013/03/15 17:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/15 15:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/03/15 15:49:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013/03/15 12:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2013/03/15 12:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transformers Windows Theme
[2013/03/15 11:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013/03/15 11:33:23 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\SkyDrive
[2013/03/15 11:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/03/14 22:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/03/14 22:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/03/14 20:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/14 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/14 17:18:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/03/13 21:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/13 21:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013/03/13 21:18:29 | 000,000,000 | ---D | C] -- C:\Upload
[2013/03/13 21:17:54 | 000,000,000 | ---D | C] -- C:\AllShare Play
[2013/03/13 17:31:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{DD4E68DA-DBCD-4C1F-B85E-FF8A7BEBE383}
[2013/03/13 16:54:42 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/03/13 16:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013/03/13 16:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2013/03/13 15:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\RegInOut
[2013/03/13 14:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/03/13 14:22:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2013/03/13 00:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 00:45:11 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/12 06:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/03/12 06:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/03/11 13:45:57 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013/03/08 19:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/03/07 21:59:14 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/03/07 17:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/07 17:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/07 16:49:11 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 16:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 15:55:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Verizon statements
[2013/03/07 10:21:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\SKIDROW
[2013/03/07 08:36:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Microsoft Help
[2013/03/07 04:07:32 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PCFix
[2013/03/07 04:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFix
[2013/03/07 04:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013/03/07 03:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/03/07 03:25:06 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\DriverCure
[2013/03/07 02:37:33 | 000,000,000 | ---D | C] -- C:\Encryption
[2013/03/06 11:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\God Of War Windows Theme
[2013/03/06 11:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World Of WarCraft Logon Screen
[2013/03/06 11:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Forms Windows Theme
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinThemePack
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Form Logon Screen
[2013/03/05 17:06:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Supreme Savings
[2013/03/05 10:26:04 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Flight Simulator Files
[2013/03/05 03:58:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/05 03:57:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/04 16:49:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XP Repair Pro 4.0
[2013/03/04 15:16:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/04 09:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/03/04 00:06:00 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Fire Arm pdfs
[2013/03/03 23:07:05 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/03/03 23:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/03/03 21:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013/03/03 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Apple Computer
[2013/03/03 20:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/03 20:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/03/03 20:48:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VS Revo Group
[2013/03/03 20:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/03/03 20:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/03/03 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PC VITALWARE
[2013/03/03 18:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PC VITALWARE
[2013/03/03 16:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/03 16:01:09 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/03 16:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/02 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\IsolatedStorage
[2013/03/01 07:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ballance
[2013/03/01 07:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2013/02/28 20:37:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Open Download Manager
[2013/02/28 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Ant.com
[2013/02/28 17:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/02/28 14:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
[2013/02/28 12:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013/02/28 12:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013/02/28 12:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/02/28 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2013/02/28 04:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zuxxez
[2013/02/28 04:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zuxxez
[2013/02/28 04:18:45 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PowerISO
[2013/02/28 04:17:19 | 000,127,384 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013/02/28 04:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2013/02/28 03:42:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/02/28 02:52:00 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\FedEx_files
[2013/02/27 19:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013/02/27 19:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013/02/27 03:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CinemaNow
[2013/02/27 03:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildGames
[2013/02/27 03:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2013/02/27 03:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildGames
[2013/02/27 03:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/02/27 03:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Google
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/02/26 20:06:04 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Diablo III
[2013/02/26 01:05:45 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/02/25 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/02/25 00:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND64
[2013/02/25 00:39:53 | 000,000,000 | ---D | C] -- C:\inetpub
[2013/02/24 21:47:16 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\Games
[2013/02/24 21:23:55 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\Internet
[2013/02/24 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Diagnostics
[2013/02/24 15:43:15 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VMware
[2013/02/24 14:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013/02/24 14:38:53 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/02/24 14:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/02/24 14:33:42 | 000,011,832 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2013/02/24 14:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2013/02/24 14:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/02/24 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/02/24 13:53:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/02/24 13:52:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Outlook Files
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Processor ID Utility
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2013/02/24 13:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Utilities
[2013/02/24 13:24:24 | 001,367,424 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe
[2013/02/24 13:24:24 | 000,292,736 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe
[2013/02/24 13:24:24 | 000,287,616 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe
[2013/02/24 13:24:24 | 000,256,896 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll
[2013/02/24 13:24:24 | 000,132,480 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe
[2013/02/24 13:16:39 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\FullTiltPoker
[2013/02/24 12:50:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Macrovision
[2013/02/24 12:50:27 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Sonic_Solutions
[2013/02/23 23:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/02/23 21:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/02/22 22:31:27 | 000,025,472 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/02/22 22:22:03 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\AVG
[2013/02/22 22:21:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/02/22 22:16:03 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VirtualStore
[2013/02/22 21:44:46 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013/02/22 16:05:11 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\RPPrivate
[2013/02/22 14:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/02/22 14:38:28 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\WinRAR
[2013/02/22 14:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/02/22 14:34:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\Security
[2013/02/22 14:18:45 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\mbar-1.01.0.1020[1]
[2013/02/22 07:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecs for Windows 7 Pack
[2013/02/22 07:59:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2013/02/22 01:23:13 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/22 01:19:43 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/22 01:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/02/22 00:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Games
[2013/02/21 23:31:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\FreeFixer
[2013/02/21 23:31:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\FreeFixer
[2013/02/21 23:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2013/02/21 23:07:42 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Media Player Classic
[2013/02/21 22:14:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/02/21 16:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM Links
[2013/02/21 16:37:27 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\MPlayer
[2013/02/21 16:19:23 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\SUPERAntiSpyware.com
[2013/02/21 16:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/02/21 11:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2013/02/21 11:24:03 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\RegRun2
[2013/02/21 11:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2013/02/21 11:02:37 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Habitat
[2013/02/21 04:00:29 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2013/02/21 02:55:19 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/02/21 02:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/02/21 02:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/02/21 02:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/02/21 02:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/02/21 02:46:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013/02/21 02:35:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Roxio
[2013/02/21 01:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/02/21 01:30:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\PokerStars.NET
[2013/02/20 23:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/02/20 23:57:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/02/20 23:56:38 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Apple
[2013/02/20 23:56:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/02/20 23:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/02/20 23:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/02/20 23:48:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Skype
[2013/02/20 23:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/20 23:48:12 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/02/20 23:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/02/20 23:38:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/02/20 23:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/02/20 23:33:55 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Windows Live
[2013/02/20 23:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013/02/20 23:15:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Backups
[2013/02/20 23:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/02/20 23:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/02/20 23:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/02/20 23:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/02/20 22:25:48 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\My Games
[2013/02/20 22:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2013/02/20 22:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\CinemaNow
[2013/02/20 22:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CinemaNow
[2013/02/20 22:12:46 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Simple Star
[2013/02/20 22:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2013/02/20 22:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2013/02/20 22:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2013/02/20 22:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2013/02/20 22:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2013/02/20 22:11:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/02/20 22:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2013/02/20 22:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/02/20 22:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2013/02/20 22:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/02/20 22:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2013/02/20 22:06:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2013/02/20 22:03:02 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Roxio Log Files
[2013/02/20 21:48:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Mozilla
[2013/02/20 21:48:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Mozilla
[2013/02/20 21:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/02/20 21:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/02/20 21:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/02/20 21:34:17 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\NVIDIA
[2013/02/20 20:54:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Adobe
[2013/02/20 20:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2013/02/20 20:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2013/02/20 20:34:32 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\HpUpdate
[2013/02/20 20:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/02/20 20:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/02/20 20:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/02/20 20:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/02/20 20:31:02 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\HP
[2013/02/20 20:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/02/20 19:18:16 | 000,000,000 | ---D | C] -- C:\Windows\w7sba
[2013/02/20 16:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/02/20 16:43:23 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\Media Players
[2013/02/20 12:34:01 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/02/20 12:29:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\MFAData
[2013/02/20 12:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/02/20 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Apple Computer
[2013/02/20 12:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/02/20 12:14:38 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Vuze Downloads
[2013/02/20 11:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/02/20 11:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2013/02/20 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Yahoo!
[2013/02/20 11:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013/02/20 11:42:07 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\ElevatedDiagnostics
[2013/02/20 11:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/02/20 11:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2013/02/20 11:40:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2013/02/20 10:28:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/02/20 10:26:27 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/02/20 09:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2013/02/20 09:22:05 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\.swt
[2013/02/20 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Azureus
[2013/02/20 09:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2013/02/20 09:05:36 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\vlc
[2013/02/20 09:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/02/20 09:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/02/20 09:02:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Programs
[2013/02/20 09:00:22 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\.smtube
[2013/02/20 09:00:01 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\fontconfig
[2013/02/20 08:58:46 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\.smplayer
[2013/02/20 08:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
[2013/02/20 08:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SMPlayer
[2013/02/20 08:58:24 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\OpenCandy
[2013/02/20 08:51:17 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013/02/20 08:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2013/02/20 08:45:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Malwarebytes
[2013/02/20 08:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/20 08:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2013/02/20 08:22:04 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Microsoft Games
[2013/02/20 08:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/02/20 07:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/02/20 07:49:43 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/02/20 07:49:43 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/02/20 07:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/02/20 07:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/02/20 07:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/02/20 07:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/02/20 07:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/02/20 07:47:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/02/20 07:44:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Macromedia
[2013/02/20 07:44:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Adobe
[2013/02/20 07:44:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/02/20 07:44:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/02/20 07:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/02/20 07:37:15 | 000,900,608 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2013/02/20 07:35:19 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/20 07:35:19 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Searches
[2013/02/20 07:35:19 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/02/20 07:35:18 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/02/20 07:35:07 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Identities
[2013/02/20 07:35:05 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Contacts
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\AppData\Local\Temporary Internet Files
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Templates
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Start Menu
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\SendTo
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Recent
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\PrintHood
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\NetHood
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Documents\My Videos
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Documents\My Pictures
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Documents\My Music
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\My Documents
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Local Settings
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\AppData\Local\History
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Cookies
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\Application Data
[2013/02/20 07:34:50 | 000,000,000 | -HSD | C] -- C:\Users\WayneAdams\AppData\Local\Application Data
[2013/02/20 07:34:49 | 000,000,000 | --SD | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Videos
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Saved Games
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Pictures
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Music
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Links
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Favorites
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Downloads
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Documents
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Desktop
[2013/02/20 07:34:49 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/02/20 07:34:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Temp
[2013/02/20 07:34:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Microsoft
[2013/02/20 07:34:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Media Center Programs
[2013/02/20 07:34:49 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData
[2013/02/20 07:34:41 | 000,000,000 | -HSD | C] -- C:\Recovery
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/19 17:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/19 17:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/19 17:00:00 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2013/03/19 15:24:09 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 15:24:09 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 15:15:12 | 000,888,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/19 15:15:12 | 000,740,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/19 15:15:12 | 000,148,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/19 15:09:29 | 000,001,946 | ---- | M] () -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk
[2013/03/19 15:08:49 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/19 15:08:49 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\RegCure Startup.job
[2013/03/19 15:08:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/19 15:08:19 | 2132,991,999 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/19 14:37:46 | 000,000,263 | ---- | M] () -- C:\Users\WayneAdams\Desktop\After the First 48- Friends for Life Full Episode - The First 48 - A&E.url
[2013/03/19 05:08:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\PCFix.job
[2013/03/18 18:33:45 | 000,000,180 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 18:32:13 | 000,000,238 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery (2).url
[2013/03/18 17:07:13 | 000,000,238 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 20:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2013/03/17 19:42:17 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/17 18:32:29 | 000,001,975 | ---- | M] () -- C:\Users\WayneAdams\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/03/17 13:50:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}.ini
[2013/03/16 16:44:43 | 000,000,981 | ---- | M] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/16 15:51:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\type
[2013/03/16 14:54:28 | 000,409,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/16 14:30:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:51 | 000,000,091 | ---- | M] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:17:50 | 000,000,168 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/15 23:59:12 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk
[2013/03/15 17:26:35 | 000,007,600 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 15:48:10 | 000,882,544 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/15 12:50:16 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013/03/14 23:15:05 | 000,446,051 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/03/14 22:52:22 | 000,001,296 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/14 20:59:10 | 000,056,738 | ---- | M] () -- C:\Users\WayneAdams\Documents\cc_20130314_205832.reg backup 03.14.13.reg
[2013/03/14 20:51:34 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/14 06:53:45 | 008,246,053 | ---- | M] () -- C:\Users\WayneAdams\Documents\C_Spire_Wireless_L710_Galaxy_S_III_English_User_Manual_LI6_F5.pdf
[2013/03/13 23:20:51 | 000,000,246 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Memory Lane Shopping Cart.url
[2013/03/13 16:53:01 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/03/13 14:22:19 | 000,001,026 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/12 06:56:01 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/12 00:12:36 | 000,128,201 | ---- | M] () -- C:\Users\WayneAdams\Desktop\GetSystemInfo_WAYNEADAMS-PC_WayneAdams_2013_03_12_00_12_21.zip
[2013/03/07 21:11:40 | 000,000,189 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Get rid of Babylon from your system - Process to delete Babylon infection Clean Spyware.url
[2013/03/07 07:27:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/03/07 03:39:05 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/03/05 20:19:58 | 000,000,212 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/03 23:58:15 | 000,000,016 | ---- | M] () -- C:\Users\WayneAdams\AppData\Roaming\mbam.context.scan
[2013/03/03 23:27:20 | 000,001,111 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/03/03 22:22:43 | 000,000,530 | ---- | M] () -- C:\Users\WayneAdams\Documents\Revo Uninstaller Pro 2.5.5 Complete License + Updates Allowed - BRiNGiT torrent - Windows - Other torrents - Software torrents - ExtraTorrent.com The World's Largest BitTorrent System.url
[2013/03/02 00:23:57 | 000,015,422 | ---- | M] () -- C:\Users\WayneAdams\Documents\MyContacts (1).csv.rtf
[2013/02/28 23:56:46 | 000,000,254 | ---- | M] () -- C:\Users\WayneAdams\Documents\Re-registering windows 64bit DLL's - Yahoo! Search Results.url
[2013/02/28 02:52:01 | 000,005,381 | ---- | M] () -- C:\Users\WayneAdams\Documents\FedEx.htm
[2013/02/28 01:56:56 | 000,001,451 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/28 00:15:48 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/27 23:43:06 | 000,001,112 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/02/27 19:16:20 | 000,001,385 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 03:38:10 | 000,001,749 | ---- | M] () -- C:\Users\WayneAdams\Documents\CinemaNow.lnk
[2013/02/27 02:54:26 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/27 02:02:47 | 051,655,718 | ---- | M] () -- C:\Users\WayneAdams\Documents\WoW-BradyGAMES-enUS-Guide.pdf
[2013/02/24 18:58:56 | 000,000,277 | ---- | M] () -- C:\Users\WayneAdams\Documents\error_sxs_assembly_missing(0x80073701) - Google Search.url
[2013/02/24 13:17:22 | 000,001,095 | ---- | M] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/24 11:17:47 | 000,053,425 | ---- | M] () -- C:\Users\WayneAdams\Documents\Equifax_FACT_Rpt_02242013.pdf
[2013/02/24 11:11:59 | 000,226,336 | ---- | M] () -- C:\Users\WayneAdams\Documents\credit report.PNG
[2013/02/23 21:04:07 | 000,473,172 | ---- | M] () -- C:\Users\WayneAdams\Documents\warcraft orders.PNG
[2013/02/22 22:43:07 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/22 20:51:54 | 000,034,308 | ---- | M] () -- C:\Windows\SysWow64\bassmod.dll
[2013/02/22 13:41:54 | 000,064,652 | ---- | M] () -- C:\Users\WayneAdams\Documents\phone order.PNG
[2013/02/22 13:37:18 | 000,085,722 | ---- | M] () -- C:\Users\WayneAdams\Documents\Order Confirmation.htm
[2013/02/22 01:21:36 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-WAYNEADAMS-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/02/20 23:13:22 | 000,000,567 | ---- | M] () -- C:\Windows\SysNative\Settings.ini
[2013/02/20 20:35:21 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2013/02/20 20:34:30 | 000,002,216 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
[2013/02/20 20:34:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2013/02/20 12:33:19 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/02/20 10:32:00 | 000,040,251 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/02/20 10:32:00 | 000,040,251 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/02/20 09:20:56 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/19 14:37:46 | 000,000,263 | ---- | C] () -- C:\Users\WayneAdams\Desktop\After the First 48- Friends for Life Full Episode - The First 48 - A&E.url
[2013/03/18 18:33:45 | 000,000,180 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 18:32:13 | 000,000,238 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery (2).url
[2013/03/18 17:07:13 | 000,000,238 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 19:42:12 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/17 13:50:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}.ini
[2013/03/16 16:44:43 | 000,000,981 | ---- | C] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/16 15:50:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\type
[2013/03/16 14:30:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:44 | 000,000,091 | ---- | C] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:22:57 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\RegCure Startup.job
[2013/03/16 00:17:50 | 000,000,168 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/16 00:00:03 | 000,000,424 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2013/03/16 00:00:02 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2013/03/15 23:59:12 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk
[2013/03/15 17:26:35 | 000,007,600 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 12:50:16 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | C] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/15 08:56:17 | 000,001,946 | ---- | C] () -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk
[2013/03/15 08:39:35 | 000,002,216 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
[2013/03/15 08:39:35 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013/03/15 08:39:35 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/03/14 22:52:22 | 000,001,296 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/14 20:59:07 | 000,056,738 | ---- | C] () -- C:\Users\WayneAdams\Documents\cc_20130314_205832.reg backup 03.14.13.reg
[2013/03/14 20:51:34 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/14 06:53:45 | 008,246,053 | ---- | C] () -- C:\Users\WayneAdams\Documents\C_Spire_Wireless_L710_Galaxy_S_III_English_User_Manual_LI6_F5.pdf
[2013/03/13 23:20:51 | 000,000,246 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Memory Lane Shopping Cart.url
[2013/03/13 16:54:42 | 000,001,975 | ---- | C] () -- C:\Users\WayneAdams\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/03/13 16:53:01 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/03/13 16:10:54 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/13 14:22:19 | 000,001,026 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/12 06:56:01 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/12 06:55:54 | 000,002,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/03/12 00:12:36 | 000,128,201 | ---- | C] () -- C:\Users\WayneAdams\Desktop\GetSystemInfo_WAYNEADAMS-PC_WayneAdams_2013_03_12_00_12_21.zip
[2013/03/07 21:11:40 | 000,000,189 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Get rid of Babylon from your system - Process to delete Babylon infection Clean Spyware.url
[2013/03/07 04:20:35 | 000,000,254 | ---- | C] () -- C:\Windows\tasks\PCFix.job
[2013/03/05 20:19:58 | 000,000,212 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/03 23:58:15 | 000,000,016 | ---- | C] () -- C:\Users\WayneAdams\AppData\Roaming\mbam.context.scan
[2013/03/03 23:07:06 | 000,001,111 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/03/03 22:22:43 | 000,000,530 | ---- | C] () -- C:\Users\WayneAdams\Documents\Revo Uninstaller Pro 2.5.5 Complete License + Updates Allowed - BRiNGiT torrent - Windows - Other torrents - Software torrents - ExtraTorrent.com The World's Largest BitTorrent System.url
[2013/03/03 20:55:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/03 08:36:57 | 2132,991,999 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/02 00:23:57 | 000,015,422 | ---- | C] () -- C:\Users\WayneAdams\Documents\MyContacts (1).csv.rtf
[2013/02/28 23:56:46 | 000,000,254 | ---- | C] () -- C:\Users\WayneAdams\Documents\Re-registering windows 64bit DLL's - Yahoo! Search Results.url
[2013/02/28 12:30:29 | 000,001,468 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013/02/28 04:17:20 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/02/28 02:51:59 | 000,005,381 | ---- | C] () -- C:\Users\WayneAdams\Documents\FedEx.htm
[2013/02/28 00:15:48 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/27 19:16:20 | 000,001,385 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 19:13:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/02/27 02:02:46 | 051,655,718 | ---- | C] () -- C:\Users\WayneAdams\Documents\WoW-BradyGAMES-enUS-Guide.pdf
[2013/02/24 18:58:56 | 000,000,277 | ---- | C] () -- C:\Users\WayneAdams\Documents\error_sxs_assembly_missing(0x80073701) - Google Search.url
[2013/02/24 13:17:22 | 000,001,095 | ---- | C] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/24 11:17:44 | 000,053,425 | ---- | C] () -- C:\Users\WayneAdams\Documents\Equifax_FACT_Rpt_02242013.pdf
[2013/02/24 11:11:59 | 000,226,336 | ---- | C] () -- C:\Users\WayneAdams\Documents\credit report.PNG
[2013/02/23 21:04:07 | 000,473,172 | ---- | C] () -- C:\Users\WayneAdams\Documents\warcraft orders.PNG
[2013/02/22 22:43:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/22 20:51:54 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2013/02/22 13:41:54 | 000,064,652 | ---- | C] () -- C:\Users\WayneAdams\Documents\phone order.PNG
[2013/02/22 13:37:18 | 000,085,722 | ---- | C] () -- C:\Users\WayneAdams\Documents\Order Confirmation.htm
[2013/02/22 01:26:02 | 000,882,544 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/22 01:21:36 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WAYNEADAMS-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/02/20 23:13:22 | 000,000,567 | ---- | C] () -- C:\Windows\SysNative\Settings.ini
[2013/02/20 22:14:00 | 000,001,749 | ---- | C] () -- C:\Users\WayneAdams\Documents\CinemaNow.lnk
[2013/02/20 21:48:44 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/20 20:35:21 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2013/02/20 07:53:53 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/02/20 07:44:39 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/20 07:40:46 | 000,001,451 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/20 07:35:25 | 000,001,423 | ---- | C] () -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/02/20 07:35:20 | 000,001,457 | ---- | C] () -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/02/20 07:34:50 | 000,001,112 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/02/20 07:34:50 | 000,000,272 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/26 17:10:34 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012/08/20 23:15:22 | 003,978,240 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/08/20 23:14:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/08/20 23:12:48 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/08/20 23:12:34 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/08/20 23:12:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/08/20 23:12:30 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/08/20 23:12:28 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/08/20 23:12:28 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/08/20 23:12:28 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/08/20 23:12:24 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012/07/19 14:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/07/19 14:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/07/19 14:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/07/19 14:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/07/19 14:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012/07/19 14:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012/07/19 14:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2012/01/18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/12/07 15:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011/09/08 10:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 10:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 10:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 10:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 10:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/09/08 10:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 10:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/09/08 10:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/09/08 09:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 09:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/05/30 09:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/05/23 03:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

========== ZeroAccess Check ==========

[2013/03/13 00:37:11 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/23 15:03:11 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/23 15:03:12 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/02 23:26:56 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Ant.com
[2013/03/04 09:05:02 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\AVG
[2013/03/19 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Azureus
[2013/03/07 03:25:06 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\DriverCure
[2013/03/19 16:20:36 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Dropbox
[2013/02/22 00:03:14 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\FreeFixer
[2013/03/14 17:18:47 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/02/28 20:37:29 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Open Download Manager
[2013/03/05 06:27:15 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\OpenCandy
[2013/03/03 18:02:10 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PC VITALWARE
[2013/03/07 04:08:59 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PCFix
[2013/03/03 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PowerISO
[2013/03/06 16:38:01 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\RPPrivate
[2013/03/03 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2013/02/20 22:12:46 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Simple Star

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

Edited by Dakeyras, 20 March 2013 - 08:00 AM.
Added new OTL log.


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, and sorry for the delay. Could you update me on the current problems, please?

Download OTL to your Desktop
Secondary link
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

#3
AdamsWorld333

  • Topic Starter
  • Member
  • 19 posts
How's it going, Essexboy, and thank you for looking into my issues.

My main issue now is with the very strong, stubborn virus called (ToolLauncher-Bootstrap.exe), located in a virtual drive G: that doesn't exist on my computer, as far as I can see anyway. Total path is this:
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe
I don't believe I have any issues with ComboFix anymore. After scanning completed, it only gave me one copy of the OTL and not the other called Extras. I'm also having issues with .NetFramework, which popped up during the OTL scan. I do have a copy of the OTL Extras folder from a previous scan. Here are my results.

OTL logfile created on: 3/24/2013 8:14:21 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WayneAdams\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.40 Gb Available Physical Memory | 67.65% Memory free
15.96 Gb Paging File | 13.21 Gb Available in Paging File | 82.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 724.97 Gb Free Space | 77.84% Space Free | Partition Type: NTFS

Computer Name: WAYNEADAMS-PC | User Name: WayneAdams | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/22 05:35:57 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/03/22 05:31:09 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/03/19 17:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
PRC - [2013/03/04 09:24:22 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 18:14:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/11/26 07:14:06 | 000,213,344 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe
PRC - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/06/23 18:40:12 | 000,127,352 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2009/06/02 20:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/10/11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/04 09:24:22 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/01/17 17:23:56 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2012/07/11 14:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/03/22 07:02:34 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 10:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/23 18:40:12 | 000,127,352 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 20:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/22 22:39:09 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/02/20 12:33:19 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/20 11:07:40 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/02/20 11:07:38 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/27 09:35:46 | 000,127,384 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013/01/10 15:08:16 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/01/10 15:08:16 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/01/10 15:08:14 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/19 01:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/10/04 06:22:16 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011/10/04 06:22:16 | 000,095,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/12/30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/09/22 21:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 21:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/08/02 07:56:28 | 000,900,608 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-tyc9
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\..\SearchScopes,DefaultScope = {D0073D66-AF66-4945-B4B4-9345E6AAD67A}
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\..\SearchScopes\{D0073D66-AF66-4945-B4B4-9345E6AAD67A}: "URL" = http://www.google.co...1I7NDKB_enUS528
IE - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/17 19:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/24 00:11:51 | 000,000,000 | ---D | M]

[2013/02/20 21:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Extensions
[2013/03/09 19:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions
[2013/03/08 19:57:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/04 00:56:54 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\[email protected]
[2013/02/23 18:21:28 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/15 17:41:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

O1 HOSTS File: ([2013/03/22 17:27:03 | 000,446,115 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15319 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000..\Run: [WinThemePack Logon] C:\Program Files (x86)\WinThemePack\World Of WarCraft Logon Screen\tweak.exe (WinThemePack.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKU\S-1-5-21-2629703898-4215698026-1282701747-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C27EF250-A2EE-4DB1-AC09-15DAF292E389}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012/04/11 19:17:47 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/03/22 17:40:23 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\VZW_Software_upgrade_assistant_installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/03/24 05:49:34 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/03/24 05:48:49 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/03/24 05:48:49 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/03/24 05:48:49 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/03/24 05:48:49 | 015,038,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/03/24 05:48:49 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/03/24 05:48:49 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/03/24 05:48:49 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/03/24 05:48:49 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/03/24 05:48:49 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/03/24 05:48:49 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/03/24 05:48:49 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/03/24 05:48:49 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/03/24 05:48:49 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013/03/24 05:48:49 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013/03/24 05:48:49 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013/03/24 05:48:49 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013/03/24 05:48:49 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013/03/24 05:48:48 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/03/24 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\ESET
[2013/03/24 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\ESET
[2013/03/24 00:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/03/24 00:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/03/24 00:11:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/03/22 20:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2013/03/22 17:40:23 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2013/03/22 13:02:07 | 000,000,000 | ---D | C] -- C:\wifidata
[2013/03/22 13:01:43 | 005,350,120 | ---- | C] (IO3O LLC ) -- C:\Users\WayneAdams\Documents\mywifi216.exe
[2013/03/22 12:59:04 | 000,040,208 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2013/03/22 12:58:27 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.new
[2013/03/22 05:32:53 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Google
[2013/03/22 05:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/22 05:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/03/22 05:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/03/22 05:14:07 | 006,393,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013/03/22 05:14:07 | 003,472,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013/03/22 05:14:07 | 002,558,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013/03/22 05:14:07 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013/03/22 05:14:07 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013/03/22 05:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/22 04:45:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/03/22 04:28:47 | 000,000,000 | ---D | C] -- C:\@RestoreQuarantine
[2013/03/21 19:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
[2013/03/21 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\RegRun2
[2013/03/21 18:45:37 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/03/21 18:45:28 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/03/21 18:45:28 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/03/21 18:45:28 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/03/21 17:51:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IO3O LLC
[2013/03/21 07:21:49 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/20 09:31:54 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Systweak
[2013/03/20 09:31:53 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/03/20 09:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2013/03/20 09:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2013/03/20 08:19:17 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\f-secure
[2013/03/20 08:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/03/20 06:51:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/03/20 06:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linksys Wireless Manager
[2013/03/20 06:13:14 | 000,033,328 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\pnarp.sys
[2013/03/20 06:13:09 | 000,035,376 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\purendis.sys
[2013/03/19 20:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2013/03/19 20:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linksys
[2013/03/19 20:33:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2013/03/19 20:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2013/03/19 19:09:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/19 17:58:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/19 14:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/19 14:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/19 13:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/03/18 22:39:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/18 15:42:11 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/03/18 15:42:11 | 000,095,544 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013/03/18 15:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2013/03/18 15:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013/03/18 15:38:09 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Dropbox
[2013/03/18 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\samsung appt
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{900E1508-395D-46EF-A28F-C6809B858857}
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{7CD17FAE-0DC0-4D61-AEC2-F9ED8E0A9819}
[2013/03/17 12:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2010
[2013/03/17 08:49:18 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Unity
[2013/03/16 17:11:30 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2013/03/16 16:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2013/03/16 16:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OCCTPT
[2013/03/15 23:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2013/03/15 22:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/15 17:46:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Macromedia
[2013/03/15 17:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/15 15:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/03/15 15:49:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013/03/15 12:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2013/03/15 12:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transformers Windows Theme
[2013/03/15 11:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/03/15 08:38:09 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/15 00:01:39 | 000,712,552 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMB111.dll
[2013/03/14 22:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/03/14 22:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/03/14 20:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/14 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/14 17:18:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/03/13 21:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/13 21:18:29 | 000,000,000 | ---D | C] -- C:\Upload
[2013/03/13 21:17:54 | 000,000,000 | ---D | C] -- C:\AllShare Play
[2013/03/13 17:31:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{DD4E68DA-DBCD-4C1F-B85E-FF8A7BEBE383}
[2013/03/13 16:54:42 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/03/13 16:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013/03/13 16:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2013/03/13 15:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\RegInOut
[2013/03/13 14:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/03/13 14:22:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2013/03/13 00:45:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 00:45:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 00:45:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 00:45:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 00:45:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 00:45:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 00:45:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 00:45:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 00:45:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 00:45:45 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 00:45:45 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 00:45:45 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 00:45:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 00:45:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 00:45:44 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 00:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 00:45:11 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/12 06:55:16 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/03/12 05:33:35 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll
[2013/03/12 05:33:35 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll
[2013/03/12 05:33:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll
[2013/03/12 05:33:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll
[2013/03/12 05:33:35 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll
[2013/03/12 05:33:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll
[2013/03/12 05:33:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe
[2013/03/12 05:33:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe
[2013/03/12 05:33:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll
[2013/03/12 05:33:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll
[2013/03/12 05:33:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll
[2013/03/12 05:33:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll
[2013/03/11 13:55:59 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/11 13:55:51 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/11 13:55:51 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/11 13:55:51 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/11 13:45:57 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013/03/07 21:59:14 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/03/07 17:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/07 17:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/07 16:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 10:21:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\SKIDROW
[2013/03/07 08:36:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Microsoft Help
[2013/03/07 04:07:32 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PCFix
[2013/03/07 03:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/03/07 03:25:06 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\DriverCure
[2013/03/07 02:37:33 | 000,000,000 | ---D | C] -- C:\Encryption
[2013/03/06 11:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\God Of War Windows Theme
[2013/03/06 11:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World Of WarCraft Logon Screen
[2013/03/06 11:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Forms Windows Theme
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinThemePack
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Form Logon Screen
[2013/03/05 17:06:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Supreme Savings
[2013/03/05 03:58:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/05 03:57:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/04 16:49:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XP Repair Pro 4.0
[2013/03/04 09:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/03/03 23:07:05 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/03/03 23:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/03/03 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Apple Computer
[2013/03/03 20:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/03 20:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/03/03 20:48:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VS Revo Group
[2013/03/03 20:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/03/03 20:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/03/03 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PC VITALWARE
[2013/03/03 18:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PC VITALWARE
[2013/03/03 16:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/03 16:01:09 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/03 16:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/02 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\IsolatedStorage
[2013/03/01 07:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ballance
[2013/03/01 07:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2013/02/28 20:37:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Open Download Manager
[2013/02/28 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Ant.com
[2013/02/28 17:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/02/28 14:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
[2013/02/28 12:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013/02/28 12:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/02/28 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2013/02/28 04:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zuxxez
[2013/02/28 04:18:45 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PowerISO
[2013/02/28 04:17:19 | 000,127,384 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013/02/28 04:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2013/02/28 03:42:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/02/28 00:15:49 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/02/28 00:15:48 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/02/28 00:15:48 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/02/28 00:15:48 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/02/28 00:15:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/02/28 00:15:48 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2013/02/28 00:15:48 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/02/28 00:15:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/02/28 00:15:48 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/02/28 00:15:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/02/28 00:15:48 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/02/28 00:15:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2013/02/28 00:15:48 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/02/28 00:15:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/02/28 00:15:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/02/28 00:15:48 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/02/28 00:15:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/02/28 00:15:47 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/02/28 00:15:47 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/02/28 00:15:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/02/28 00:15:47 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/02/28 00:15:47 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/02/28 00:15:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/02/28 00:15:46 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013/02/28 00:15:46 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/02/28 00:15:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/02/28 00:15:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2013/02/28 00:15:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2013/02/28 00:15:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/02/28 00:15:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/02/28 00:15:45 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/02/28 00:15:45 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/02/28 00:15:45 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/02/28 00:15:45 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/02/28 00:15:45 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2013/02/28 00:15:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2013/02/28 00:15:45 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2013/02/28 00:15:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/02/28 00:15:45 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/02/28 00:15:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/02/28 00:15:45 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2013/02/28 00:15:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/02/28 00:15:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/02/28 00:15:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/02/28 00:15:45 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/02/28 00:15:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/02/28 00:15:45 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/02/28 00:15:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/02/28 00:15:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/02/28 00:15:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/02/28 00:15:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/02/28 00:15:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/02/28 00:15:44 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/02/28 00:15:44 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/02/28 00:15:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/02/28 00:15:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/02/28 00:15:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/02/27 19:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013/02/27 19:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013/02/27 03:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CinemaNow
[2013/02/27 03:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildGames
[2013/02/27 03:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2013/02/27 03:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildGames
[2013/02/27 03:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/02/27 03:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Google
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/02/26 19:48:45 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/02/26 19:48:45 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013/02/26 01:05:45 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/02/25 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/02/25 00:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND64
[2013/02/25 00:39:53 | 000,000,000 | ---D | C] -- C:\inetpub
[2013/02/24 19:25:19 | 069,796,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2013/02/24 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Diagnostics
[2013/02/24 15:43:15 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VMware
[2013/02/24 14:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013/02/24 14:38:53 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/02/24 14:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/02/24 14:33:42 | 000,011,832 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2013/02/24 14:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2013/02/24 14:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/02/24 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/02/24 13:52:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Outlook Files
[2013/02/24 13:43:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2013/02/24 13:43:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2013/02/24 13:43:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2013/02/24 13:43:40 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2013/02/24 13:43:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2013/02/24 13:43:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2013/02/24 13:43:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2013/02/24 13:43:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2013/02/24 13:43:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2013/02/24 13:43:34 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2013/02/24 13:43:34 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2013/02/24 13:43:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2013/02/24 13:43:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2013/02/24 13:43:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2013/02/24 13:43:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2013/02/24 13:43:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2013/02/24 13:43:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2013/02/24 13:43:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2013/02/24 13:43:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Processor ID Utility
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2013/02/24 13:27:25 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/02/24 13:27:25 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/02/24 13:27:24 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/02/24 13:27:24 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/02/24 13:27:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/02/24 13:27:24 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/02/24 13:27:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/02/24 13:27:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/02/24 13:27:19 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/02/24 13:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Utilities
[2013/02/24 13:24:24 | 001,367,424 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe
[2013/02/24 13:24:24 | 000,292,736 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe
[2013/02/24 13:24:24 | 000,287,616 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe
[2013/02/24 13:24:24 | 000,256,896 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll
[2013/02/24 13:24:24 | 000,132,480 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe
[2013/02/24 13:16:39 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\FullTiltPoker
[2013/02/24 12:50:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Macrovision
[2013/02/24 12:50:27 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Sonic_Solutions
[2013/02/24 09:00:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/02/24 09:00:17 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/02/24 09:00:11 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/02/24 09:00:11 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/02/24 08:59:55 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/02/24 08:59:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/02/24 08:59:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/02/23 23:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/02/23 21:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/02/23 15:16:00 | 005,500,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/23 15:16:00 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/23 15:16:00 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/23 15:14:55 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/23 15:13:47 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/02/23 15:13:47 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/02/23 15:13:47 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/02/23 15:13:47 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/02/23 15:13:47 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/23 15:13:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/02/23 15:13:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/02/23 15:13:46 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/02/23 15:13:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/23 15:13:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/23 15:13:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/23 15:13:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/23 15:13:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/02/23 15:13:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/23 15:13:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/02/23 15:13:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/02/23 15:13:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/02/23 15:13:15 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/02/23 15:12:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/02/23 15:12:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/02/23 15:12:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/02/23 15:12:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/02/23 15:12:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/02/23 15:12:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/02/23 15:12:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/02/23 15:12:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/02/23 15:12:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/02/23 15:12:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/02/23 15:12:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/02/23 15:12:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/02/23 15:12:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/02/23 15:12:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/02/23 15:12:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/02/23 15:12:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/02/23 15:12:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/02/23 15:12:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/02/23 15:12:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/02/23 15:12:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/02/23 15:12:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/02/23 15:12:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/02/23 15:12:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/02/23 15:12:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/02/23 15:12:36 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/02/23 15:12:36 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/02/23 15:11:24 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/02/23 15:11:24 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/02/23 15:10:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/02/23 15:08:15 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/02/23 15:08:14 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/02/23 15:06:52 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/02/23 15:06:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/02/23 15:06:19 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/02/23 15:05:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/02/23 15:05:14 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/02/23 15:04:28 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/02/23 15:04:04 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/02/23 15:02:20 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/02/23 15:02:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/02/23 15:02:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/02/23 15:01:12 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/02/23 14:58:39 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/02/23 14:58:39 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/02/23 14:58:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/02/23 14:58:38 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/02/23 14:58:38 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/02/23 14:57:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/02/23 14:57:31 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/02/23 14:57:30 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/02/23 14:57:05 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/02/23 14:56:53 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/02/23 14:56:40 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/02/23 14:56:40 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/02/23 14:56:39 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/02/23 14:56:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/02/23 14:56:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/02/23 14:56:38 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/02/23 14:56:26 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/02/23 14:56:26 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/02/23 14:56:26 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/02/23 14:56:26 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/02/23 14:55:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/02/23 14:55:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/02/23 14:55:34 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/02/23 14:54:46 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/02/23 14:54:46 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/02/23 14:54:46 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2013/02/23 14:54:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2013/02/23 14:54:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/02/23 14:54:46 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2013/02/23 14:54:46 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/02/23 14:54:46 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2013/02/23 14:54:46 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2013/02/23 14:54:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2013/02/23 14:54:34 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/02/23 14:54:34 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/02/23 14:54:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/02/23 14:54:04 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/02/23 14:54:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/02/23 14:54:04 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/02/23 14:54:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/02/23 14:54:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/02/23 14:54:03 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/02/23 14:54:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/02/23 14:54:03 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/02/23 14:54:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/02/23 14:52:49 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/02/23 14:52:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/02/23 14:52:29 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/02/23 14:52:28 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/02/23 14:52:28 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/02/23 14:52:28 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/02/23 14:52:28 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/02/23 14:52:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/02/23 14:52:28 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/02/23 14:52:28 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/02/23 14:52:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/02/23 14:52:27 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/02/23 14:52:27 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/02/23 14:52:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/02/23 14:52:27 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/02/23 14:50:08 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/02/23 14:50:08 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/02/23 14:49:47 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/02/23 14:49:47 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/02/23 14:49:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/02/23 14:49:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/02/23 14:49:17 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/02/23 14:49:17 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/02/23 14:49:17 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/02/23 14:49:17 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/02/23 14:49:06 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/02/23 14:49:06 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/02/23 14:49:06 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/02/23 14:49:06 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/02/23 14:49:06 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/02/23 14:49:06 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/02/23 14:49:06 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/02/23 14:48:53 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/02/23 14:48:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/02/23 14:48:22 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/02/23 14:48:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/02/23 14:48:22 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/02/23 14:48:22 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/02/23 14:48:22 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/02/23 14:48:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/02/23 14:47:39 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/02/23 14:47:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/02/23 14:47:38 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2013/02/23 14:47:38 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2013/02/23 14:47:37 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013/02/23 14:47:37 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013/02/23 14:46:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2013/02/23 14:46:30 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2013/02/23 14:46:30 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2013/02/23 14:46:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/02/23 14:46:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2013/02/23 14:46:29 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2013/02/23 14:46:29 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2013/02/23 14:46:11 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2013/02/23 14:46:11 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2013/02/23 14:45:59 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2013/02/23 14:45:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013/02/23 14:45:41 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013/02/23 14:45:27 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/02/23 14:45:15 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013/02/23 14:45:15 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013/02/23 14:45:08 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/02/23 14:44:59 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2013/02/23 14:44:59 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2013/02/23 14:44:59 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2013/02/23 14:44:59 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2013/02/23 14:44:59 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2013/02/23 14:44:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2013/02/23 14:44:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2013/02/23 14:44:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2013/02/23 14:44:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013/02/23 14:44:44 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2013/02/23 14:44:33 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2013/02/23 14:44:27 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013/02/23 14:43:30 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013/02/23 14:43:30 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013/02/23 14:43:30 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2013/02/23 14:43:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013/02/23 14:43:28 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013/02/23 14:43:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013/02/23 14:43:28 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013/02/23 14:43:27 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013/02/23 14:43:25 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2013/02/23 14:43:25 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2013/02/23 14:43:24 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2013/02/23 14:43:24 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2013/02/23 14:43:21 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2013/02/23 14:43:20 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2013/02/23 14:43:20 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2013/02/23 14:43:19 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/02/22 22:44:49 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/02/22 22:44:49 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/02/22 22:44:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/02/22 22:44:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/02/22 22:43:40 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/02/22 22:43:40 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/02/22 22:43:07 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/02/22 22:43:07 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/02/22 22:43:07 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/02/22 22:43:07 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/02/22 22:42:26 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/02/22 22:42:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/02/22 22:41:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/02/22 22:41:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/02/22 22:41:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/02/22 22:39:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/02/22 22:39:09 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/02/22 22:36:00 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/22 22:36:00 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/22 22:35:59 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/22 22:35:59 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/22 22:34:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2013/02/22 22:34:18 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2013/02/22 22:33:33 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/02/22 22:33:33 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/02/22 22:33:32 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/02/22 22:33:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/02/22 22:31:27 | 000,025,472 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/02/22 22:22:03 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\AVG
[2013/02/22 22:21:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/02/22 22:16:03 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VirtualStore
[2013/02/22 21:44:46 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013/02/22 16:05:11 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\RPPrivate
[2013/02/22 14:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/02/22 14:38:28 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\WinRAR
[2013/02/22 14:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/02/22 14:34:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\Security
[2013/02/22 11:47:05 | 001,510,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013/02/22 11:47:05 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/02/22 11:47:05 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/02/22 11:33:28 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/02/22 11:33:28 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/24 07:57:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/24 07:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/24 05:57:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/24 05:52:59 | 000,888,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/24 05:52:59 | 000,739,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/24 05:52:59 | 000,147,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/24 05:07:17 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 05:07:17 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 05:02:02 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/24 05:01:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/24 05:01:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/03/24 05:01:41 | 2132,991,999 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/24 00:01:35 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/22 20:06:13 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.new
[2013/03/22 19:27:01 | 000,000,100 | ---- | M] () -- C:\Windows\SysNative\Partizan.RRI
[2013/03/22 17:27:03 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/03/22 17:25:29 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172703.backup
[2013/03/22 17:25:07 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172529.backup
[2013/03/22 16:29:18 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172507.backup
[2013/03/22 15:01:10 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/22 13:01:49 | 005,350,120 | ---- | M] (IO3O LLC ) -- C:\Users\WayneAdams\Documents\mywifi216.exe
[2013/03/22 13:00:52 | 000,002,293 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/22 12:59:04 | 000,040,208 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2013/03/22 07:02:34 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/22 07:02:34 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/22 05:58:06 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/22 05:12:43 | 000,409,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/21 19:41:56 | 000,004,608 | ---- | M] () -- C:\backupvbr
[2013/03/21 19:02:14 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job
[2013/03/21 18:56:55 | 000,000,256 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Mecklenburg County, NC Full Episode - Beyond Scared Straight - A&E.url
[2013/03/21 18:45:24 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/03/21 18:45:23 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/03/21 18:45:23 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/03/21 18:45:23 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/03/21 18:45:22 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/03/21 18:45:22 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013/03/20 10:22:51 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/20 10:21:46 | 000,001,680 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/03/20 10:03:22 | 000,446,115 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-162918.backup
[2013/03/20 09:16:52 | 000,000,981 | ---- | M] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/19 20:03:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\cd
[2013/03/19 17:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/18 18:33:45 | 000,000,180 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 17:07:13 | 000,000,238 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 19:42:17 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/16 15:51:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\type
[2013/03/16 14:30:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:51 | 000,000,091 | ---- | M] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:17:50 | 000,000,168 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/15 17:26:35 | 000,007,600 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 15:48:10 | 000,882,544 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/15 12:50:16 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013/03/14 22:52:22 | 000,001,296 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/13 14:22:19 | 000,001,026 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/11 13:55:46 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/11 13:55:45 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/11 13:55:45 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/11 13:55:45 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/11 13:55:45 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/11 13:55:45 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/07 03:39:05 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/03/05 20:19:58 | 000,000,212 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/04 14:15:42 | 069,796,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2013/03/03 23:27:20 | 000,001,111 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/02/28 16:27:28 | 000,020,312 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/02/28 01:56:56 | 000,001,451 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/28 00:15:49 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/02/28 00:15:48 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/02/28 00:15:48 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/02/28 00:15:48 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/02/28 00:15:48 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/02/28 00:15:48 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2013/02/28 00:15:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/02/28 00:15:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/02/28 00:15:48 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/02/28 00:15:48 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/02/28 00:15:48 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/02/28 00:15:48 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2013/02/28 00:15:48 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:48 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/02/28 00:15:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/02/28 00:15:48 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/02/28 00:15:48 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/02/28 00:15:47 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/02/28 00:15:47 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/02/28 00:15:47 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/02/28 00:15:47 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/02/28 00:15:47 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/02/28 00:15:47 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/02/28 00:15:47 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/02/28 00:15:46 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013/02/28 00:15:46 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/02/28 00:15:46 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/02/28 00:15:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2013/02/28 00:15:46 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2013/02/28 00:15:46 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/02/28 00:15:45 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/02/28 00:15:45 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/02/28 00:15:45 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/02/28 00:15:45 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/02/28 00:15:45 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/02/28 00:15:45 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2013/02/28 00:15:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2013/02/28 00:15:45 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2013/02/28 00:15:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/02/28 00:15:45 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/02/28 00:15:45 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/02/28 00:15:45 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2013/02/28 00:15:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/02/28 00:15:45 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/02/28 00:15:45 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/02/28 00:15:45 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/02/28 00:15:45 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/02/28 00:15:45 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/02/28 00:15:45 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/02/28 00:15:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/02/28 00:15:45 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/02/28 00:15:45 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/02/28 00:15:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/02/28 00:15:44 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/02/28 00:15:44 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/02/28 00:15:44 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/02/28 00:15:44 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/02/28 00:15:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/28 00:15:44 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/02/27 23:43:06 | 000,001,112 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/02/27 19:16:20 | 000,001,385 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 03:38:10 | 000,001,749 | ---- | M] () -- C:\Users\WayneAdams\Documents\CinemaNow.lnk
[2013/02/27 02:54:26 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/24 18:34:50 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/02/24 13:17:22 | 000,001,095 | ---- | M] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/23 15:16:00 | 005,500,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/23 15:16:00 | 003,957,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/23 15:16:00 | 003,902,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/23 15:14:55 | 000,287,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/23 15:13:47 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/02/23 15:13:47 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/02/23 15:13:47 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/02/23 15:13:47 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/02/23 15:13:47 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/23 15:13:47 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/02/23 15:13:47 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/02/23 15:13:46 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/02/23 15:13:46 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/23 15:13:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/23 15:13:46 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/23 15:13:46 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/23 15:13:46 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/23 15:13:46 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/23 15:13:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/02/23 15:13:46 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/23 15:13:45 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/02/23 15:13:45 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/02/23 15:13:45 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/23 15:13:45 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/23 15:13:45 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/02/23 15:13:15 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/02/23 15:12:37 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/02/23 15:12:37 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/02/23 15:12:37 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/02/23 15:12:37 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/02/23 15:12:37 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/02/23 15:12:37 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/02/23 15:12:37 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/02/23 15:12:37 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/02/23 15:12:37 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/02/23 15:12:37 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/02/23 15:12:37 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/02/23 15:12:37 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/02/23 15:12:37 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/02/23 15:12:37 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/02/23 15:12:37 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/02/23 15:12:37 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/02/23 15:12:37 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/02/23 15:12:37 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/02/23 15:12:37 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/02/23 15:12:37 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/02/23 15:12:37 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/02/23 15:12:37 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/02/23 15:12:37 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/02/23 15:12:37 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/02/23 15:12:37 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/02/23 15:12:36 | 002,745,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/02/23 15:12:36 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/02/23 15:11:24 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/02/23 15:11:24 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/02/23 15:10:29 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/02/23 15:08:15 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/02/23 15:08:14 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/02/23 15:06:52 | 001,462,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/02/23 15:06:52 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/02/23 15:06:19 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/02/23 15:05:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/02/23 15:05:14 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/02/23 15:04:28 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/02/23 15:04:04 | 000,956,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/02/23 15:02:20 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/02/23 15:02:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/02/23 15:02:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/02/23 15:01:12 | 003,213,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/02/23 14:58:39 | 001,837,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/02/23 14:58:39 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/02/23 14:58:39 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/02/23 14:58:38 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/02/23 14:58:38 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/02/23 14:57:46 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/02/23 14:57:31 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/02/23 14:57:30 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/02/23 14:57:05 | 000,634,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/02/23 14:56:53 | 001,739,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/02/23 14:56:40 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/02/23 14:56:40 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/02/23 14:56:39 | 001,446,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/02/23 14:56:39 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/02/23 14:56:39 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/02/23 14:56:38 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/02/23 14:56:26 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/02/23 14:56:26 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/02/23 14:56:26 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/02/23 14:56:26 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/02/23 14:55:44 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/02/23 14:55:35 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/02/23 14:55:34 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/02/23 14:54:46 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/02/23 14:54:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/02/23 14:54:46 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2013/02/23 14:54:46 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2013/02/23 14:54:46 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/02/23 14:54:46 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2013/02/23 14:54:46 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/02/23 14:54:46 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2013/02/23 14:54:46 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2013/02/23 14:54:46 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2013/02/23 14:54:34 | 000,861,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/02/23 14:54:34 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/02/23 14:54:15 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/02/23 14:54:04 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/02/23 14:54:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/02/23 14:54:04 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/02/23 14:54:04 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/02/23 14:54:04 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/02/23 14:54:03 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/02/23 14:54:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/02/23 14:54:03 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/02/23 14:54:03 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/02/23 14:52:49 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/02/23 14:52:49 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/02/23 14:52:29 | 001,553,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/02/23 14:52:28 | 002,326,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/02/23 14:52:28 | 001,401,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/02/23 14:52:28 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/02/23 14:52:28 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/02/23 14:52:28 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/02/23 14:52:28 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/02/23 14:52:28 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/02/23 14:52:28 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/02/23 14:52:27 | 002,228,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/02/23 14:52:27 | 000,779,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/02/23 14:52:27 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/02/23 14:52:27 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/02/23 14:50:08 | 002,870,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/02/23 14:50:08 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/02/23 14:49:47 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/02/23 14:49:47 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/02/23 14:49:47 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/02/23 14:49:38 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/02/23 14:49:17 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/02/23 14:49:17 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/02/23 14:49:17 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/02/23 14:49:17 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/02/23 14:49:06 | 000,640,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/02/23 14:49:06 | 000,603,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/02/23 14:49:06 | 000,556,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/02/23 14:49:06 | 000,518,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/02/23 14:49:06 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/02/23 14:49:06 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/02/23 14:49:06 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/02/23 14:48:53 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/02/23 14:48:53 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/02/23 14:48:22 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/02/23 14:48:22 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/02/23 14:48:22 | 000,850,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/02/23 14:48:22 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/02/23 14:48:22 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/02/23 14:48:22 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/02/23 14:47:39 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/02/23 14:47:39 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/02/23 14:47:38 | 001,863,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2013/02/23 14:47:38 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2013/02/23 14:47:37 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013/02/23 14:47:37 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013/02/23 14:46:32 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2013/02/23 14:46:30 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2013/02/23 14:46:30 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2013/02/23 14:46:30 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/02/23 14:46:30 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2013/02/23 14:46:29 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2013/02/23 14:46:29 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2013/02/23 14:46:11 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2013/02/23 14:46:11 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2013/02/23 14:45:59 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2013/02/23 14:45:59 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013/02/23 14:45:41 | 002,085,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013/02/23 14:45:27 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/02/23 14:45:15 | 001,024,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013/02/23 14:45:15 | 000,738,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013/02/23 14:45:08 | 000,112,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/02/23 14:44:59 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2013/02/23 14:44:59 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2013/02/23 14:44:59 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2013/02/23 14:44:59 | 000,464,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2013/02/23 14:44:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2013/02/23 14:44:58 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2013/02/23 14:44:58 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2013/02/23 14:44:58 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2013/02/23 14:44:50 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013/02/23 14:44:44 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2013/02/23 14:44:33 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2013/02/23 14:44:27 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013/02/23 14:43:30 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013/02/23 14:43:30 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013/02/23 14:43:30 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2013/02/23 14:43:30 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013/02/23 14:43:28 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013/02/23 14:43:28 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013/02/23 14:43:28 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013/02/23 14:43:27 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013/02/23 14:43:25 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2013/02/23 14:43:25 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2013/02/23 14:43:24 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2013/02/23 14:43:24 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2013/02/23 14:43:21 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2013/02/23 14:43:20 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2013/02/23 14:43:20 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2013/02/23 14:43:19 | 000,422,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2013/02/22 22:44:49 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/02/22 22:44:49 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/02/22 22:44:49 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/02/22 22:44:49 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/02/22 22:43:40 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/02/22 22:43:40 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/02/22 22:43:07 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/02/22 22:43:07 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/02/22 22:43:07 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/02/22 22:43:07 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/02/22 22:43:07 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/02/22 22:42:26 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/02/22 22:42:26 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\wdf01000.sys.mui
[2013/02/22 22:42:26 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/22 22:41:13 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/02/22 22:41:13 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/02/22 22:41:12 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/02/22 22:39:09 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/02/22 22:39:09 | 000,022,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/02/22 22:36:00 | 001,097,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/22 22:36:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/22 22:35:59 | 003,138,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/22 22:35:59 | 002,690,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/22 22:34:18 | 000,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2013/02/22 22:34:18 | 000,954,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2013/02/22 22:33:33 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/02/22 22:33:33 | 011,406,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/02/22 22:33:32 | 014,627,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/02/22 22:33:32 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/02/22 20:51:54 | 000,034,308 | ---- | M] () -- C:\Windows\SysWow64\bassmod.dll
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/22 12:53:36 | 000,000,100 | ---- | C] () -- C:\Windows\SysNative\Partizan.RRI
[2013/03/22 12:36:43 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/03/22 05:32:14 | 000,002,293 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/22 05:32:14 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/22 05:31:18 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/22 05:31:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/22 05:14:07 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/03/21 19:41:56 | 000,004,608 | ---- | C] () -- C:\backupvbr
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2013/03/21 19:02:14 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job
[2013/03/21 18:56:55 | 000,000,256 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Mecklenburg County, NC Full Episode - Beyond Scared Straight - A&E.url
[2013/03/20 10:17:29 | 000,001,680 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/03/20 09:31:59 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/20 09:31:58 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/19 20:00:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\cd
[2013/03/18 18:33:45 | 000,000,180 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 17:07:13 | 000,000,238 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 19:42:12 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/16 16:44:43 | 000,000,981 | ---- | C] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/16 15:50:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\type
[2013/03/16 14:30:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:44 | 000,000,091 | ---- | C] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:17:50 | 000,000,168 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/15 17:26:35 | 000,007,600 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 12:50:16 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | C] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/15 08:39:35 | 000,002,216 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
[2013/03/15 08:39:35 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013/03/15 08:39:35 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/03/14 22:52:22 | 000,001,296 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/13 16:10:54 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/13 14:22:19 | 000,001,026 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/12 06:56:01 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/05 20:19:58 | 000,000,212 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/03 23:07:06 | 000,001,111 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/03/03 20:55:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/03 08:36:57 | 2132,991,999 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/28 04:17:20 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/02/28 00:15:48 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/27 19:16:20 | 000,001,385 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 19:13:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/02/24 13:17:22 | 000,001,095 | ---- | C] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/22 22:43:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/22 20:51:54 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2013/02/22 01:26:02 | 000,882,544 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/22 01:21:36 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WAYNEADAMS-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2012/01/18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

========== ZeroAccess Check ==========

[2013/03/13 00:37:11 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/23 15:03:11 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/23 15:03:12 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

I get an error stating C:\Users|WayneAdams\Desktop.ini Illegal operation attempted on a registry key that has been marked for deletion. I will attempt to show these errors and some system folders by using snapshot which I can still use as administrator!

This is a known ComboFix error and a reboot will cure that.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

I can see no sign of the PUP but we will run a quick check for that next, but first I will remove the mount point.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot; allow this.
On reboot a log will be produced; please attach that.
  • 0
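The two entries in the :OTL fix above have recognisable shapes: an O2 browser helper object whose CLSID no longer has a value, and an O33 MountPoints2 entry that stores an AutoRun command for a volume. The triage sketch below is an added example, not part of Essexboy's post and not OTL's own code; the names `Finding` and `triage` are assumptions, and the sample log is constructed from lines in this thread plus two placeholder entries.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line_no: int   # 1-based line number in the log text
    kind: str      # "orphan-bho" or "autorun-mountpoint"
    subject: str   # CLSID of the BHO, or the MountPoints2 subkey name
    detail: str    # why the line deserves a second look


# "O2 - BHO: (name) - {CLSID} - target". \S* tolerates a tag suffix such as
# the ":64bit:" that SRV/DRV lines in this log carry.
O2_RE = re.compile(
    r"^O2\S* - BHO: \((?P<name>.*?)\) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
# 'O33 - MountPoints2\<mount>\Shell\<verb>\command - "<value>" = <command>'
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<mount>[^\\]+)\\Shell\\(?P<verb>[^\\]+)\\command'
    r' - "(?P<value>[^"]*)" = (?P<command>.+)$'
)
# Drive letter at the start of a command, with or without an opening quote.
DRIVE_RE = re.compile(r'^"?(?P<drive>[A-Za-z]):\\')


def triage(log_text: str) -> List[Finding]:
    """Return the O2/O33 lines of an OTL log that match the two patterns."""
    findings: List[Finding] = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()

        bho = O2_RE.match(line)
        if bho:
            # Only the orphaned form is reported; a BHO that resolves to a
            # file is left for the analyst to judge by vendor and path.
            if bho.group("target").rstrip(".").lower() == "no clsid value found":
                findings.append(Finding(
                    line_no, "orphan-bho", bho.group("clsid"),
                    "BHO is registered but its CLSID has no value",
                ))
            continue

        auto = O33_RE.match(line)
        if auto:
            mount = auto.group("mount")
            verb = auto.group("verb")
            command = auto.group("command").strip()
            drive = DRIVE_RE.match(command)
            same_volume = (
                drive is not None
                and len(mount) == 1
                and drive.group("drive").upper() == mount.upper()
            )
            if same_volume:
                detail = (f"{verb} command runs {command} from the same volume "
                          f"it is registered for (drive {mount.upper()}:)")
            else:
                detail = f"{verb} command for volume {mount} runs {command}"
            findings.append(Finding(line_no, "autorun-mountpoint", mount, detail))
    return findings


# Constructed sample: lines 1, 3 and 4 are copied from this thread; lines 2
# and 5 are placeholders (made-up CLSID/GUID, vendor and paths).
SAMPLE_LOG = r"""
SRV:64bit: - [2009/07/13 21:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
O2 - BHO: (Example Helper) - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll (Example Corp)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{00000000-0000-0000-0000-000000000002}\Shell\AutoRun\command - "" = E:\setup.exe
""".strip()


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no}: [{f.kind}] {f.subject}: {f.detail}")
```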

#5
AdamsWorld333

AdamsWorld333

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hello Essexboy & thank you for giving me your time. I still have some issues concerning the autorun-bootstrap.exe in my system folders. The application folders' icons are black in color. I no longer have System Restore, Services & Snipping Tool from the start menu. Since following your instructions, my IE 9 works & Media Player are in their default mode. I have been using Mozilla Firefox for your messages here. Here are the scan results:
Attached File  OTL.Txt   141.14KB   142 downloads
Attached File  03242013_222309.log   4.22KB   107 downloads
Attached File  AdwCleanerS1.txt   4.31KB   129 downloads

OTL logfile created on: 3/24/2013 10:30:59 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WayneAdams\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.37 Gb Available Physical Memory | 79.79% Memory free
15.96 Gb Paging File | 14.17 Gb Available in Paging File | 88.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 718.52 Gb Free Space | 77.14% Space Free | Partition Type: NTFS

Computer Name: WAYNEADAMS-PC | User Name: WayneAdams | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 02:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 02:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 02:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-tyc9
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {D0073D66-AF66-4945-B4B4-9345E6AAD67A}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{D0073D66-AF66-4945-B4B4-9345E6AAD67A}: "URL" = http://www.google.co...1I7NDKB_enUS528
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7BDAC3F861-B30D-40dd-9166-F4E75327FAC7%7D:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/03/24 21:11:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/17 19:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/24 20:44:23 | 000,000,000 | ---D | M]

[2013/02/20 21:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Extensions
[2013/03/09 19:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions
[2013/03/08 19:57:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/04 00:56:54 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\[email protected]
[2013/02/23 18:21:28 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\WayneAdams\AppData\Roaming\Mozilla\Firefox\Profiles\1iwghh1z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/15 17:41:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/03/17 19:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/24 21:11:11 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\WayneAdams\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

O1 HOSTS File: ([2013/03/24 22:23:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WinThemePack Logon] C:\Program Files (x86)\WinThemePack\World Of WarCraft Logon Screen\tweak.exe (WinThemePack.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C27EF250-A2EE-4DB1-AC09-15DAF292E389}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012/04/11 19:17:47 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/03/22 17:40:23 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a3569d-7b69-11e2-97b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\VZW_Software_upgrade_assistant_installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/24 22:23:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/24 21:11:31 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\RealNetworks
[2013/03/24 21:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013/03/24 21:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/03/24 21:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013/03/24 21:10:51 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/03/24 21:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/03/24 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Real
[2013/03/24 20:48:25 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\HTML Executable
[2013/03/24 20:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/03/24 20:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/03/24 20:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/03/24 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\ESET
[2013/03/24 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\ESET
[2013/03/22 20:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2013/03/22 17:40:23 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2013/03/22 13:02:07 | 000,000,000 | ---D | C] -- C:\wifidata
[2013/03/22 13:01:43 | 005,350,120 | ---- | C] (IO3O LLC ) -- C:\Users\WayneAdams\Documents\mywifi216.exe
[2013/03/22 12:59:04 | 000,040,208 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2013/03/22 05:32:53 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Google
[2013/03/22 05:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/22 05:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/03/22 05:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/03/22 05:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/22 04:45:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/03/22 04:28:47 | 000,000,000 | ---D | C] -- C:\@RestoreQuarantine
[2013/03/21 19:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
[2013/03/21 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\RegRun2
[2013/03/21 17:51:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IO3O LLC
[2013/03/21 07:21:49 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/20 09:31:54 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Systweak
[2013/03/20 09:31:53 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/03/20 09:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2013/03/20 09:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2013/03/20 08:19:17 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\f-secure
[2013/03/20 08:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/03/20 06:51:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/03/20 06:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linksys Wireless Manager
[2013/03/19 20:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2013/03/19 20:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linksys
[2013/03/19 20:33:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2013/03/19 20:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2013/03/19 19:09:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/19 17:58:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/19 14:51:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/19 14:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/19 13:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/03/18 22:39:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/18 15:42:11 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/03/18 15:42:11 | 000,095,544 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013/03/18 15:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2013/03/18 15:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013/03/18 15:38:09 | 000,000,000 | R--D | C] -- C:\Users\WayneAdams\Dropbox
[2013/03/18 15:29:37 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Desktop\samsung appt
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/03/17 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/03/17 19:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{900E1508-395D-46EF-A28F-C6809B858857}
[2013/03/17 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{7CD17FAE-0DC0-4D61-AEC2-F9ED8E0A9819}
[2013/03/17 12:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2010
[2013/03/17 08:49:18 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Unity
[2013/03/16 17:11:30 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2013/03/16 16:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2013/03/16 16:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OCCTPT
[2013/03/15 23:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2013/03/15 22:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/15 17:46:19 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Macromedia
[2013/03/15 17:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/15 15:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/03/15 15:49:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013/03/15 12:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2013/03/15 12:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transformers Windows Theme
[2013/03/15 11:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/03/14 22:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/03/14 22:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/03/14 20:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/14 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/14 17:18:47 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/03/13 21:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/03/13 21:18:29 | 000,000,000 | ---D | C] -- C:\Upload
[2013/03/13 21:17:54 | 000,000,000 | ---D | C] -- C:\AllShare Play
[2013/03/13 17:31:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\{DD4E68DA-DBCD-4C1F-B85E-FF8A7BEBE383}
[2013/03/13 16:54:42 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/03/13 15:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\RegInOut
[2013/03/13 14:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/03/13 14:22:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2013/03/13 00:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 00:45:11 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/11 13:45:57 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013/03/07 21:59:14 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/03/07 17:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/07 17:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/07 16:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/07 10:21:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\SKIDROW
[2013/03/07 08:36:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Microsoft Help
[2013/03/07 04:07:32 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PCFix
[2013/03/07 03:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/03/07 03:25:06 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\DriverCure
[2013/03/07 02:37:33 | 000,000,000 | ---D | C] -- C:\Encryption
[2013/03/06 11:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\God Of War Windows Theme
[2013/03/06 11:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World Of WarCraft Logon Screen
[2013/03/06 11:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Forms Windows Theme
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinThemePack
[2013/03/06 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Form Logon Screen
[2013/03/05 17:06:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Supreme Savings
[2013/03/05 03:58:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/05 03:57:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/04 16:49:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XP Repair Pro 4.0
[2013/03/04 09:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/03/03 23:07:05 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/03/03 23:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/03/03 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Apple Computer
[2013/03/03 20:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/03 20:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/03/03 20:48:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VS Revo Group
[2013/03/03 20:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/03/03 20:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/03/03 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PC VITALWARE
[2013/03/03 18:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PC VITALWARE
[2013/03/03 16:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/03 16:01:09 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/03 16:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/02 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\IsolatedStorage
[2013/03/01 07:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ballance
[2013/03/01 07:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2013/02/28 20:37:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Open Download Manager
[2013/02/28 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Ant.com
[2013/02/28 17:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/02/28 14:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
[2013/02/28 12:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013/02/28 12:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/02/28 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2013/02/28 04:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zuxxez
[2013/02/28 04:18:45 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\PowerISO
[2013/02/28 04:17:19 | 000,127,384 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013/02/28 04:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2013/02/28 03:42:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/02/27 19:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2013/02/27 19:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2013/02/27 03:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CinemaNow
[2013/02/27 03:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildGames
[2013/02/27 03:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2013/02/27 03:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildGames
[2013/02/27 03:03:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/02/27 03:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Google
[2013/02/27 01:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/02/27 01:03:02 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/02/26 01:05:45 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/02/25 20:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013/02/25 08:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/02/25 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/02/25 00:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND64
[2013/02/25 00:39:53 | 000,000,000 | ---D | C] -- C:\inetpub
[2013/02/24 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Diagnostics
[2013/02/24 15:43:15 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\VMware
[2013/02/24 14:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2013/02/24 14:38:53 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/02/24 14:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/02/24 14:33:42 | 000,011,832 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2013/02/24 14:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2013/02/24 14:11:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2013/02/24 14:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/02/24 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/02/24 13:52:33 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\Documents\Outlook Files
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Processor ID Utility
[2013/02/24 13:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2013/02/24 13:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Utilities
[2013/02/24 13:24:24 | 001,367,424 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranFD.exe
[2013/02/24 13:24:24 | 000,292,736 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragS.exe
[2013/02/24 13:24:24 | 000,287,616 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDC.exe
[2013/02/24 13:24:24 | 000,256,896 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefrag.dll
[2013/02/24 13:24:24 | 000,132,480 | ---- | C] (Puran Software) -- C:\Windows\SysNative\PuranDefragBT.exe
[2013/02/24 13:16:39 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\FullTiltPoker
[2013/02/24 12:50:56 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Roaming\Macrovision
[2013/02/24 12:50:27 | 000,000,000 | ---D | C] -- C:\Users\WayneAdams\AppData\Local\Sonic_Solutions
[2013/02/23 23:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/02/23 21:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/02/23 00:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

========== Files - Modified Within 30 Days ==========

[2013/03/24 22:32:56 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 22:32:56 | 000,019,968 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/24 22:27:57 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/24 22:27:56 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/24 22:27:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/24 22:27:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/03/24 22:27:24 | 2132,991,999 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/24 22:23:10 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/03/24 21:57:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/24 21:56:39 | 005,436,596 | ---- | M] () -- C:\Users\WayneAdams\Desktop\License Keys For all Antivirus.zip
[2013/03/24 21:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/24 21:11:17 | 000,001,278 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/03/24 21:10:51 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/03/24 09:40:08 | 000,888,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/24 09:40:08 | 000,739,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/24 09:40:08 | 000,147,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/24 08:55:51 | 000,880,290 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/24 08:46:38 | 000,000,140 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Microsoft .NET Framework 4 Readme.htm.url
[2013/03/24 00:01:35 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/22 19:27:01 | 000,000,100 | ---- | M] () -- C:\Windows\SysNative\Partizan.RRI
[2013/03/22 17:25:29 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172703.backup
[2013/03/22 17:25:07 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172529.backup
[2013/03/22 16:29:18 | 000,446,115 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-172507.backup
[2013/03/22 15:01:10 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/22 13:01:49 | 005,350,120 | ---- | M] (IO3O LLC ) -- C:\Users\WayneAdams\Documents\mywifi216.exe
[2013/03/22 13:00:52 | 000,002,293 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/22 12:59:04 | 000,040,208 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2013/03/22 12:21:27 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2013/03/22 05:58:06 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/22 05:12:43 | 000,409,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/21 19:41:56 | 000,004,608 | ---- | M] () -- C:\backupvbr
[2013/03/21 19:02:14 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job
[2013/03/21 18:56:55 | 000,000,256 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Mecklenburg County, NC Full Episode - Beyond Scared Straight - A&E.url
[2013/03/20 10:22:51 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/20 10:21:46 | 000,001,680 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/03/20 10:03:22 | 000,446,115 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130322-162918.backup
[2013/03/20 09:16:52 | 000,000,981 | ---- | M] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/19 20:03:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\cd
[2013/03/19 17:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WayneAdams\Desktop\OTL.exe
[2013/03/18 18:33:45 | 000,000,180 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 17:07:13 | 000,000,238 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 19:42:17 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/16 15:51:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\type
[2013/03/16 14:30:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:51 | 000,000,091 | ---- | M] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:17:50 | 000,000,168 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/15 17:26:35 | 000,007,600 | ---- | M] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 12:50:16 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013/03/14 22:52:22 | 000,001,296 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/13 14:22:19 | 000,001,026 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/07 03:39:05 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/03/05 20:19:58 | 000,000,212 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/03 23:27:20 | 000,001,111 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/02/28 16:27:28 | 000,020,312 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013/02/28 01:56:56 | 000,001,451 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/28 00:15:48 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/27 23:43:06 | 000,001,112 | ---- | M] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/02/27 19:16:20 | 000,001,385 | ---- | M] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 03:38:10 | 000,001,749 | ---- | M] () -- C:\Users\WayneAdams\Documents\CinemaNow.lnk
[2013/02/27 02:54:26 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/24 13:17:22 | 000,001,095 | ---- | M] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/22 22:43:07 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

========== Files Created - No Company Name ==========

[2013/03/24 21:56:31 | 005,436,596 | ---- | C] () -- C:\Users\WayneAdams\Desktop\License Keys For all Antivirus.zip
[2013/03/24 21:11:17 | 000,001,278 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/03/24 08:46:38 | 000,000,140 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Microsoft .NET Framework 4 Readme.htm.url
[2013/03/22 12:53:36 | 000,000,100 | ---- | C] () -- C:\Windows\SysNative\Partizan.RRI
[2013/03/22 12:36:43 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/03/22 05:32:14 | 000,002,293 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/22 05:32:14 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/22 05:31:18 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/22 05:31:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/22 05:14:07 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/03/21 19:41:56 | 000,004,608 | ---- | C] () -- C:\backupvbr
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2013/03/21 19:02:15 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2013/03/21 19:02:14 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job
[2013/03/21 18:56:55 | 000,000,256 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Mecklenburg County, NC Full Episode - Beyond Scared Straight - A&E.url
[2013/03/20 10:17:29 | 000,001,680 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2013/03/20 09:31:59 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/20 09:31:58 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/19 20:00:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\cd
[2013/03/18 18:33:45 | 000,000,180 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Watch Big Fish Online Free - Crackle.url
[2013/03/18 17:07:13 | 000,000,238 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Root Verizon Samsung Galaxy S3 I535 Install Clockworkmod Recovery.url
[2013/03/18 16:24:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/17 19:42:12 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/17 19:30:56 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/16 16:44:43 | 000,000,981 | ---- | C] () -- C:\Users\WayneAdams\Desktop\OCCT.lnk
[2013/03/16 15:50:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\attrib
[2013/03/16 15:48:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\type
[2013/03/16 14:30:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\]
[2013/03/16 13:44:44 | 000,000,091 | ---- | C] () -- C:\Windows\WININIT.INI
[2013/03/16 05:30:06 | 000,003,584 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/16 00:17:50 | 000,000,168 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Google.url
[2013/03/15 17:26:35 | 000,007,600 | ---- | C] () -- C:\Users\WayneAdams\AppData\Local\Resmon.ResmonCfg
[2013/03/15 16:16:10 | 000,002,001 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Skype.lnk
[2013/03/15 12:50:16 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2013/03/15 12:46:01 | 000,002,290 | ---- | C] () -- C:\Users\Public\Desktop\Apply Transformers Windows Theme.lnk
[2013/03/15 08:39:35 | 000,002,216 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
[2013/03/15 08:39:35 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013/03/15 08:39:35 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk
[2013/03/14 23:52:20 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/03/14 22:52:22 | 000,001,296 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/03/14 22:52:22 | 000,001,272 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Spybot - Search & Destroy.lnk
[2013/03/13 16:10:54 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2013/03/13 14:22:19 | 000,001,026 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/03/12 06:56:01 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/05 20:19:58 | 000,000,212 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Apps Safe to Remove on Samsung Galaxy S3 (Sprint Version, Stock Rooted) - xda-developers.url
[2013/03/03 23:07:06 | 000,001,111 | ---- | C] () -- C:\Users\WayneAdams\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/03/03 20:55:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/03 08:36:57 | 2132,991,999 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/28 04:17:20 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/02/28 00:15:48 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/02/28 00:15:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/02/27 19:16:20 | 000,001,385 | ---- | C] () -- C:\Users\WayneAdams\Desktop\Logitech Webcam 200 - Shortcut.lnk
[2013/02/27 19:13:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013/02/24 13:17:22 | 000,001,095 | ---- | C] () -- C:\Users\WayneAdams\Desktop\FullTiltPoker.exe - Shortcut.lnk
[2013/02/22 22:43:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/22 22:42:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/22 20:51:54 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2013/02/22 01:26:02 | 000,880,290 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/22 01:21:36 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WAYNEADAMS-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2012/01/18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

========== ZeroAccess Check ==========

[2013/03/13 00:37:11 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/23 15:03:11 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/23 15:03:12 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/02 23:26:56 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Ant.com
[2013/03/04 09:05:02 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\AVG
[2013/03/24 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Azureus
[2013/03/07 03:25:06 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\DriverCure
[2013/03/24 00:14:57 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\ESET
[2013/03/20 08:19:17 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\f-secure
[2013/02/22 00:03:14 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\FreeFixer
[2013/03/14 17:18:47 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\GlarySoft
[2013/03/24 20:48:25 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\HTML Executable
[2013/02/28 20:37:29 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Open Download Manager
[2013/03/05 06:27:15 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\OpenCandy
[2013/03/03 18:02:10 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PC VITALWARE
[2013/03/07 04:08:59 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PCFix
[2013/03/03 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\PowerISO
[2013/03/06 16:38:01 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\RPPrivate
[2013/03/03 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\SeriousBit
[2013/02/20 22:12:46 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Simple Star
[2013/03/23 20:27:11 | 000,000,000 | ---D | M] -- C:\Users\WayneAdams\AppData\Roaming\Systweak

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
  • 0

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, let's now run some repairs; once done, let me know of any outstanding problems.

Download Windows Repair (all in one) from this site

Install the programme then run

Go to step 3 and allow it to run SFC

On the start repairs tab click start

Select the following items and tick restart system when finished
  • 0

#7
AdamsWorld333

    Member

  • Topic Starter
  • Member
  • 19 posts
How's it going, Essexboy. Just a quick question for you: should I be doing these scans you're advising me to do in safe mode? That auto-run (Bootstrap.exe) I mentioned earlier in our discussions is very stubborn. When I start my computer @ bootup, I can see some writing at top left of screen, which is part of the virus. It doesn't stay up long enough for me to read. I'm assuming you want the log from Tweaking Windows Repair, for there was nothing at the end of your message stating what to do? Here is the repair log from Tweaking repair tool. Also, my hosts files that were reset from previous scan is not the default host file it should be. I have 4 hosts backups, 3 dated 3/22/2013 & the other dated 3/20/2013. This is what I see after opening my host file.
127.0.0.1 localhost
::1 localhost
Attached File  _Windows_Repair_Log.txt   42.2KB   142 downloads
  • 0

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What make is your computer, as bootstrap can be legitimate?
Have the icons returned to normal and is system restore now available?

Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.
  • Save it to the desktop.
  • Run Silent Runners by double-clicking the "Silent Runners" icon on your desktop.
  • You will receive a prompt:
    • Do you want to skip supplementary searches?
      click NO
  • If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
  • 0

#9
AdamsWorld333

    Member

  • Topic Starter
  • Member
  • 19 posts
The file you sent does not open correctly. It only opens in notepad. & yes, my icons are still black (application icons in system folders). My Operating System is Microsoft Windows Ultimate 64 bit, CPU Intel Core i5 2500K @ 3.30GHz, RAM 8.00 GB single channel DDR3 @ 649 MHz (9-9-9-24), Motherboard MSI P67A-C43 (MS-7673) (SOCKET 0). I can't open my firewall settings from control panel or anywhere else. IE 9 has stopped working. I can only use Firefox, luckily. System restore is still unavailable & I still don't have windows update or snipping tool in start menu either.
  • 0

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You need to right-click the file and select Save as..., as it is a VBS file
  • 0


#11
AdamsWorld333

    Member

  • Topic Starter
  • Member
  • 19 posts
I have done everything you've requested of me Essexboy. I did the right click & save to desktop & it automatically opens in notepad. I'm in Central Florida. Can you call me @ 352-795-8681 if allowed.
  • 0

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Does the file have a VBS extension ?

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop ( it will be randomly named )

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.

Do not close AVPTool or it will self uninstall, if it does uninstall - - then just rerun the setup file on your desktop

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

  • 0

#13
AdamsWorld333

    Member

  • Topic Starter
  • Member
  • 19 posts
Yes it does have vbs
Attached File  Silent Runners.vbs.txt   500.76KB   305 downloads
  • 0

#14
AdamsWorld333

    Member

  • Topic Starter
  • Member
  • 19 posts
Everything you have me doing, I have already run. But I'll do it again with you. Maybe I missed something. The file is downloading now in Firefox & the symbol folder is black in color.
  • 0

#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, hold on AVP for the moment, as I can see the problem: the file you have downloaded has a double extension, Silent runners.vbs.txt
You need to remove the .TXT from the end

Go to Control Panel > Folder Options > View
And then remove the tick from "hide extensions for known file types"


Then delete the .txt part of the file
  • 0
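
The double-extension problem described in post #15, as an added PowerShell example that is not part of the thread: it reads and clears Explorer's `HideFileExt` setting, then lists Desktop files whose real (last) extension differs from the one shown when extensions are hidden. The function name `Get-DoubleExtension`, the two extension lists and the Desktop location are assumptions made for illustration; PowerShell 3.0 or later is assumed.

```powershell
# Added example, not from the thread. Assumes PowerShell 3.0+ and that the
# download was saved to the current user's Desktop.

$advanced = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

# HideFileExt = 1: Explorer hides extensions of known file types, so
# "Silent Runners.vbs.txt" is displayed as "Silent Runners.vbs".
$current = (Get-ItemProperty -Path $advanced -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
"HideFileExt is currently: $current"

# Same effect as unticking "Hide extensions for known file types".
# Reopen the folder window if the displayed names do not change.
Set-ItemProperty -Path $advanced -Name HideFileExt -Value 0 -Type DWord

# Constructed lists: extensions Windows runs on double-click, and extensions
# that open in a viewer or editor instead.
$scriptOrExe  = '.vbs', '.vbe', '.js', '.jse', '.wsf', '.bat', '.cmd', '.exe', '.scr', '.com', '.pif'
$documentLike = '.txt', '.pdf', '.doc', '.docx', '.xls', '.xlsx', '.jpg', '.png', '.zip'

# Hypothetical helper: classify a file name by its last two extensions.
function Get-DoubleExtension {
    param([Parameter(Mandatory = $true)][string]$Name)

    $outer = [IO.Path]::GetExtension($Name).ToLowerInvariant()
    $stem  = [IO.Path]::GetFileNameWithoutExtension($Name)
    $inner = [IO.Path]::GetExtension($stem).ToLowerInvariant()

    if ($scriptOrExe -contains $inner -and $documentLike -contains $outer) {
        # The thread's case: a script saved with .txt appended opens in Notepad.
        $kind = 'WrappedScript'
    }
    elseif ($documentLike -contains $inner -and $scriptOrExe -contains $outer) {
        # The reverse case: looks like a document when extensions are hidden,
        # but Windows will execute it.
        $kind = 'DisguisedExecutable'
    }
    else {
        return
    }

    [pscustomobject]@{ Name = $Name; Inner = $inner; Outer = $outer; Kind = $kind }
}

# Constructed sample matching the file name from the thread.
Get-DoubleExtension -Name 'Silent Runners.vbs.txt'

# Scan the Desktop for real files with either pattern.
$desktop = [Environment]::GetFolderPath('Desktop')
$hits = Get-ChildItem -LiteralPath $desktop -File |
    ForEach-Object { Get-DoubleExtension -Name $_.Name }
$hits | Format-Table -AutoSize

# Preview the rename that removes the trailing extension. -WhatIf changes
# nothing; drop it only for a file whose origin is known.
$hits | Where-Object { $_.Kind -eq 'WrappedScript' } | ForEach-Object {
    $path    = Join-Path $desktop $_.Name
    $newName = [IO.Path]::GetFileNameWithoutExtension($_.Name)
    Rename-Item -LiteralPath $path -NewName $newName -WhatIf
}
```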





