Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

multiple iexplorer.exe's showing in task manager [Solved]


  • This topic is locked This topic is locked

#1
cartoonistmusician

cartoonistmusician

    Member

  • Member
  • PipPip
  • 26 posts
Hey! So I've got this problem with my laptop. While working on the computer (usually working on digital art/comics or music). I noticed it would sometimes act like it's loading something or trying to run something sometimes. The loading icon would appear, and it would lag just a little bit. After paying attention to the task manager, I noticed that this happens when these random iexplorer.exe's appear out of nowhere... and while I don't even have the internet explore open. I push "end process" on these, and they always seem to come back sooner or later. I used to have the problem where I'd search something on google and click on a link, but it would redirect me somewhere else. Also had a few times internet explorer tried to pop up on it's own. And lately, I'm noticing a lot more ads on certain sites I go to on internet explorer, like on youtube... a lot more ads than usual.

I've tried running a few anti-virus programs, but I can't seem to find anything to get rid of it. Recently, I've been using this program called Advanced SystemCare and it found a ton of stuff (junk files, privacy issues, registry errors, and a lot more). But I seem to think there's something still in the computer that it's not finding, that keeps making more stuff and causing errors (because the Advanced SystemCare keeps finding more errors when I continue to scan it more). I have had times when the CPU would be at 100%, but dad usually just restored it to an earlier date and that usually fixed it for a while. Anyway, I'd like to get this thing fixed before it causes any damage to the computer or completely kills it. :P I'm rather new to this site, so for the most part I'm not sure what I'm doing. But I see that people post logs from HijackThis. I have a log, and I'll put it here. :)

I'm also not great with computers, but I'm a little more knowledgeable about them then a beginner. :)

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:26:48 AM, on 11/28/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\mullins4\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B42ADEF5F&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.nation...tbid=1012895687
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ScorpionSaver - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll
O2 - BHO: CrossriderApp0043628 - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll
O2 - BHO: CrossriderApp0044178 - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll
O2 - BHO: Bizzybolt - {13070af0-bc6c-4185-8baa-40a4cf05b323} - C:\Program Files (x86)\Bizzybolt\Bizzyboltbho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Nation Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunst6854.tmp\tbcore3.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [F-Secure Hoster (42626)] "C:\Program Files (x86)\Charter Security Suite\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Amazon Cloud Player] C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [TLworks Update] regsvr32.exe C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\adpeakproxy.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdpeakProxy - Adpeak, Inc. - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Level Quality Watcher - Unknown owner - C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Bizzybolt - Unknown owner - C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe
O23 - Service: Updater Service for AMZN - Unknown owner - C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
O23 - Service: Util Bizzybolt - Unknown owner - C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 16187 bytes
  • 0

Advertisements


#2
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Hello, cartoonistmusician and :welcome:

I am nathdep and I will be helping you with your malware problems.

Note: Just to let you know, I am still in the process of training to become a malware expert. I want you to know that I have a teacher who will be reviewing all the fixes that I post here. Thank you for being part of my learning process! :)

Also, I ask that you please stay here through the entire malware removal process. Leaving midway can cause more complications as the malware will not be fully removed. Once agian, please stay here until the malware removal process is complete.


Here are some general steps to follow during the clean up procedure:


  • Please print these instructions as well as future instructions as you may have to boot in safe mode and will not be able to access this site via the internet. Another solution is saving these instructions by copying and pasting them into notebook and saving the file in a convenient location.
  • Please be patient as the malware removal process could be lengthy, complex, and at times frustrating. Your cooperation throughout the entire process will benefit you as it will expedite your removal time. Please keep this issue in this post and do not post this same issue on a different site. Doing so can be compared to a patient seeing two different doctors. If the two different doctors are not aware of what medication the other doctor is prescribing, the patient could be risking his life. This is synonymous to a computer's health.
  • Please read (and re-read) the instructions entirely as not following the instructions carefully can produce damaging results.
  • Please tell me how your computer is running in the beginning of each post. Tell me both recurring and new
    issues
    as this added information can shed even more light to the problems you are experiencing.

I have to get my first fix approved by my teacher. I will be back ASAP!
  • 0

#3
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey, thanks so much for the response! :)

I will copy these instructions into my notepad just in case. My laptop is the one with the problem, so I usually use another desktop computer for internet.

Here's a few things I've been noticing lately. Its harder to get on websites on the internet explorer because ads keep popping up and making it go slow (which is why I use a different computer for internet). Also, I've been noticing that the computer has been having a little bit harder time starting up and shutting down.

Also I don't know if you'd need this info, but the laptop with the problems is an HP Pavilion g7 with Windows 7. :)
  • 0

#4
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Hello again cartoonistmusician! :)

Thank you for that extra information!

64bit Operating System Advice:

Your log shows signs that this is a 64 bit machine. HijackThis is not truly compatible on a 64 bit system like yours and it's scan results can not be relied upon. I'm going to need you to run a different scan for myself in due course.

Please follow these instructions very carefully:

First, Scan with OTL:

Please download OTL and save it to your Desktop.

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan/Fixes box cut & paste this in:-
netsvcs
baseservices
%systemdrive%\*.exe
C:\program files (x86)\Google\Desktop
C:\program files\Google\Desktop 
dir "%systemdrive%\*" /S /A:L /C
CreateRestorePoint

  • Now click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these two Notepad files in your next reply.

In your next post be sure to include the following:
  • OTL.txt
  • Extras.txt
  • A report on if you are experiencing any new problems

  • 0

#5
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok! Yes, it's 64-bit. :)

Ok, here's the reports from the OCT text file.

OTL logfile created on: 11/29/2013 8:34:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mullins4\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 36.98% Memory free
7.20 Gb Paging File | 4.11 Gb Available in Paging File | 57.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 370.63 Gb Free Space | 82.77% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.17% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 2.07 Gb Free Space | 55.61% Space Free | Partition Type: FAT32

Computer Name: MULLINS4-HP | User Name: mullins4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
PRC - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe
PRC - [2013/11/26 04:40:53 | 002,334,384 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/11/26 04:40:53 | 001,643,696 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
PRC - [2013/11/26 04:40:53 | 000,161,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
PRC - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/11 19:31:48 | 002,283,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/11/11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/11/09 18:46:18 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013/11/09 18:46:18 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/10/23 13:43:27 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/10/23 13:43:19 | 001,673,680 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/10/16 10:18:44 | 003,688,448 | ---- | M] (Adpeak, Inc.) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/08 11:12:26 | 000,860,480 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/08/14 07:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/08/19 13:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/27 12:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/07/13 20:14:30 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\regsvr32.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/26 04:40:53 | 002,334,384 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/11/26 04:40:53 | 000,521,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\log4cplusU.dll
MOD - [2013/11/26 04:40:53 | 000,145,072 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\SiteSafety.dll
MOD - [2013/11/22 19:56:03 | 000,599,552 | ---- | M] () -- C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll
MOD - [2013/11/05 16:06:53 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013/10/10 09:12:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/10 09:10:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/19 17:37:54 | 003,889,152 | ---- | M] () -- C:\Program Files (x86)\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/09/19 17:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files (x86)\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/09/12 10:47:56 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/08/17 10:29:03 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/15 06:06:31 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 06:06:28 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/08/15 06:06:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/15 06:04:23 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 06:03:05 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 06:02:45 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/14 07:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013/07/10 14:22:55 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2010/11/20 22:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/10/31 15:12:20 | 000,511,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher)
SRV:64bit: - [2013/10/16 10:18:44 | 003,688,448 | ---- | M] (Adpeak, Inc.) [Auto | Running] -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe -- (AdpeakProxy)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/15 22:01:18 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe -- (Util Bizzybolt)
SRV - [2013/11/26 04:40:53 | 001,643,696 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
SRV - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe -- (Update Bizzybolt)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/23 13:43:27 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/10/08 15:36:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/19 17:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe -- (fshoster)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/17 18:02:42 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/11/09 19:41:19 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/05/15 22:06:08 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/05/15 22:01:19 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/04/17 18:05:29 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/17 18:02:42 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 12:14:10 | 000,772,224 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6UX264.sys -- (L6UX2)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/23 15:35:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/23 15:35:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/29 19:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/11/09 19:33:41 | 000,203,120 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013/11/09 18:46:20 | 000,069,296 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013/08/14 07:22:44 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2013/04/25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.nation...tbid=1012895687
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B42ADEF5F&SSPV=
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-11-26 04:42:46&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.3.1 [2013/11/26 04:43:30 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll (weDownload)
O2:64bit: - BHO: (Allyrics-16) - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll (ExploreKERD)
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O2 - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll (weDownload)
O2 - BHO: (Allyrics-16) - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll (ExploreKERD)
O2 - BHO: (Bizzybolt) - {13070af0-bc6c-4185-8baa-40a4cf05b323} - C:\Program Files (x86)\Bizzybolt\BizzyboltBHO.dll (Bizzybolt)
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Nation Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunst6854.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..\Toolbar\WebBrowser: (Nation Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunst6854.tmp\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001..\Run: [Amazon Cloud Player] C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001..\Run: [TLworks Update] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9901F41-210A-4DC0-A46A-C1E440C2AC31}: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell - "" = AutoRun
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2703072250-3418364838-736424028-1001\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/11/29 20:22:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:21:33 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Adobe
[2013/11/28 09:56:50 | 000,000,000 | ---D | C] -- C:\Users\mullins4\SyncFolder
[2013/11/28 03:14:01 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/28 03:09:25 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Amazon Browser Bar
[2013/11/28 03:05:29 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:13 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:01 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:56 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:10:14 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/28 02:10:03 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/28 02:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/28 02:09:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:09:21 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:01:24 | 000,883,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,074,456 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:35 | 019,870,720 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:34 | 024,229,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 007,233,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 000,581,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:32 | 000,430,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:30 | 029,150,720 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:27 | 023,810,560 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/27 12:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/27 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/27 12:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/27 04:34:57 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\AVG2014
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\TuneUp Software
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/27 04:32:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/27 04:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/27 04:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Avg2014
[2013/11/27 04:28:23 | 004,436,944 | ---- | C] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 03:48:17 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:17:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:48:39 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Apple Computer
[2013/11/27 00:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/27 00:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/27 00:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/27 00:48:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\IObit
[2013/11/27 00:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/27 00:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/27 00:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\weDownload Manager Pro
[2013/11/27 00:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Allyrics-16
[2013/11/27 00:46:11 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2013/11/27 00:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/11/27 00:44:45 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\SearchProtect
[2013/11/27 00:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon Browser Bar
[2013/11/27 00:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bizzybolt
[2013/11/27 00:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/11/27 00:31:21 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/27 00:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/11/26 04:43:28 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\AVG SafeGuard toolbar
[2013/11/26 04:42:14 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/26 04:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/11/26 04:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/11/26 04:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/11/26 04:39:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/25 04:36:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
[2013/11/24 02:14:27 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\{D7CC5DF7-72C0-4F0C-ADC9-F7D0DF454899}
[2013/11/23 02:14:05 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Joel Jameson 11-23-13
[2013/11/22 19:32:12 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\TLworks
[2013/11/20 22:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/11/20 22:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/11/20 22:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/11/19 19:28:30 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Phil and Monica 11-19-13
[2013/11/18 17:57:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
[2013/11/18 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Malwarebytes
[2013/11/18 14:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/14 00:15:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
[2013/11/13 07:40:16 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 07:39:41 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 07:39:39 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 07:39:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 07:39:39 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 07:39:38 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 07:39:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 07:39:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 07:39:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 07:39:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 07:39:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 07:38:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/13 07:38:42 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 07:38:41 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 07:38:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 07:38:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/10 03:46:47 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
[2013/11/09 06:36:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
[2013/11/06 00:08:16 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-6-13
[2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
[2013/11/05 16:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Charter Security Suite
[2013/11/05 16:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/11/05 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\lptmp2142391410
[2013/11/04 21:52:42 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2013/05/01 16:25:12 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe

========== Files - Modified Within 30 Days ==========

[2013/11/29 20:27:19 | 000,726,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/29 20:27:19 | 000,624,358 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/29 20:27:19 | 000,106,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/29 20:27:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 20:03:02 | 000,001,416 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2013/11/29 20:02:36 | 000,001,348 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/11/29 20:02:34 | 000,002,048 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2013/11/29 20:02:32 | 000,001,318 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2013/11/29 20:02:32 | 000,001,254 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/11/29 20:02:32 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/11/29 20:02:27 | 000,001,218 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2013/11/29 14:25:07 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/29 14:25:07 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/29 14:16:53 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/29 14:16:12 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/29 14:15:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/29 14:15:53 | 2901,467,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/29 03:00:43 | 133,200,385 | ---- | M] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | M] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:29 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:14 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:13 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:02 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/28 03:05:01 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:57 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:56 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:04:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:02:22 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:11:21 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormullins4.job
[2013/11/27 13:07:02 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/27 13:06:49 | 000,350,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,108,760 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013/11/27 13:01:24 | 000,074,456 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 005,944,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/11/27 12:55:37 | 004,450,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/11/27 12:55:37 | 003,342,768 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,139,696 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,075,600 | ---- | M] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:37 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 019,870,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 003,309,936 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:36 | 000,092,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 024,229,376 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:35 | 000,044,066 | ---- | M] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 016,082,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 008,272,136 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/11/27 12:55:34 | 007,233,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 001,155,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/11/27 12:55:34 | 000,970,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/11/27 12:55:34 | 000,695,006 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,562,688 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/11/27 12:55:34 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 000,636,416 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:32 | 000,430,080 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:31 | 029,150,720 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:31 | 001,187,342 | ---- | M] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | M] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | M] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | M] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:55:30 | 023,810,560 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:22 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:44 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:27 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 04:25:42 | 004,436,944 | ---- | M] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:20:34 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/11/27 01:17:25 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:46:12 | 000,001,097 | ---- | M] () -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/11/27 00:46:11 | 000,001,087 | ---- | M] () -- C:\Users\mullins4\Desktop\MyPC Backup.lnk
[2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/21 17:13:21 | 003,563,102 | ---- | M] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:30:24 | 004,454,616 | ---- | M] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:41:19 | 000,056,016 | ---- | M] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 16:07:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMULLINS4-HP$.job
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:12 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys

========== Files Created - No Company Name ==========

[2013/11/29 02:55:31 | 133,200,385 | ---- | C] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | C] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:14 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:02 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/27 13:06:32 | 000,350,160 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 12:55:37 | 003,342,768 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,075,600 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:36 | 003,309,936 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 000,044,066 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 000,695,006 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:31 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:40:22 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:45 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/11/27 12:37:44 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/27 12:37:27 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 00:48:00 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/27 00:47:11 | 000,001,416 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2013/11/27 00:47:04 | 000,001,218 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2013/11/27 00:46:53 | 000,001,348 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/11/27 00:46:51 | 000,001,318 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2013/11/27 00:46:48 | 000,001,154 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/11/27 00:46:27 | 000,001,254 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/11/27 00:46:18 | 000,002,048 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2013/11/27 00:46:12 | 000,001,097 | ---- | C] () -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/11/27 00:46:11 | 000,001,087 | ---- | C] () -- C:\Users\mullins4\Desktop\MyPC Backup.lnk
[2013/11/20 18:47:58 | 003,563,102 | ---- | C] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:28:33 | 004,454,616 | ---- | C] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:34:39 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/09 18:43:43 | 000,056,016 | ---- | C] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 16:07:12 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/07/17 02:59:01 | 001,229,097 | ---- | C] () -- C:\Windows\unins000.exe
[2013/07/17 02:59:01 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2013/07/17 02:59:01 | 000,076,348 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/27 08:07:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013/04/27 07:58:40 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/04/17 08:05:05 | 005,703,413 | ---- | C] () -- C:\Users\mullins4\sample test.pdf
[2013/04/17 08:05:02 | 000,191,751 | ---- | C] () -- C:\Users\mullins4\TCAP REVIEW II_Langdon.pdf
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/16 17:16:36 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2013/04/13 15:19:54 | 000,014,848 | ---- | C] () -- C:\Users\mullins4\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 00:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 00:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 23:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/07/23 15:32:30 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 12:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %systemdrive%\*.exe >

< C:\program files (x86)\Google\Desktop >

< C:\program files\Google\Desktop >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is D8E4-4219
Directory of C:\
07/14/2009 12:08 AM <JUNCTION> Documents and Settings [D:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\Evernote
07/23/2011 04:03 PM <SYMLINKD> Evernote3.5 [D:\Program Files (x86)\Evernote\Evernote]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [D:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [D:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [D:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [D:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [D:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:08 AM <SYMLINKD> All Users [D:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Default User [D:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\Users\Default\AppData\Roaming]
07/14/2009 12:08 AM <JUNCTION> Cookies [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 12:08 AM <JUNCTION> Local Settings [D:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> My Documents [D:\Users\Default\Documents]
07/14/2009 12:08 AM <JUNCTION> NetHood [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:08 AM <JUNCTION> PrintHood [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:08 AM <JUNCTION> Recent [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:08 AM <JUNCTION> SendTo [D:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:08 AM <JUNCTION> Start Menu [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [D:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:08 AM <JUNCTION> Application Data [D:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> History [D:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:08 AM <JUNCTION> Temporary Internet Files [D:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [D:\Users\Default\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [D:\Users\Default\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [D:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\mullins4
04/09/2013 12:48 PM <JUNCTION> Application Data [C:\Users\mullins4\AppData\Roaming]
04/09/2013 12:48 PM <JUNCTION> Cookies [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Cookies]
04/09/2013 12:48 PM <JUNCTION> Local Settings [C:\Users\mullins4\AppData\Local]
04/09/2013 12:48 PM <JUNCTION> My Documents [C:\Users\mullins4\Documents]
04/09/2013 12:48 PM <JUNCTION> NetHood [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/09/2013 12:48 PM <JUNCTION> PrintHood [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/09/2013 12:48 PM <JUNCTION> Recent [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Recent]
04/09/2013 12:48 PM <JUNCTION> SendTo [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\SendTo]
04/09/2013 12:48 PM <JUNCTION> Start Menu [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu]
04/09/2013 12:48 PM <JUNCTION> Templates [C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\mullins4\AppData\Local
04/09/2013 12:48 PM <JUNCTION> Application Data [C:\Users\mullins4\AppData\Local]
04/09/2013 12:48 PM <JUNCTION> History [C:\Users\mullins4\AppData\Local\Microsoft\Windows\History]
04/09/2013 12:48 PM <JUNCTION> Temporary Internet Files [C:\Users\mullins4\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\mullins4\Documents
04/09/2013 12:48 PM <JUNCTION> My Music [C:\Users\mullins4\Music]
04/09/2013 12:48 PM <JUNCTION> My Pictures [C:\Users\mullins4\Pictures]
04/09/2013 12:48 PM <JUNCTION> My Videos [C:\Users\mullins4\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [D:\Users\Public\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [D:\Users\Public\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [D:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
45 Dir(s) 397,913,268,224 bytes free

< End of report >

And here's the extras...

OTL Extras logfile created on: 11/29/2013 8:34:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mullins4\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 36.98% Memory free
7.20 Gb Paging File | 4.11 Gb Available in Paging File | 57.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 370.63 Gb Free Space | 82.77% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.17% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 2.07 Gb Free Space | 55.61% Space Free | Partition Type: FAT32

Computer Name: MULLINS4-HP | User Name: mullins4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = internetshortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-19\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-20\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"UacDisableNotify" = 0
"AntiSpywareDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0716D938-603E-4BC6-AB60-CB34DB910CC4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4950ED03-3633-4551-9527-8C9592DC7A8E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096A6992-7B8C-4D28-9121-489C043F83DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B7D89AB-A14B-4430-A56E-0BA60FDC753C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{38387D9B-EC2F-4BD1-B394-60344CFC75CD}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{384120C7-B147-49C6-9A1A-C6D06FCD764B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{4C30B963-AD91-4355-A144-400FB336D383}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{59CA5D7D-E4E0-42F7-822F-AC4DCCEC19C3}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{70174A77-01E1-4857-87D5-1EA3D823A097}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{72C0F6FA-2E35-42D8-BFEA-13ECB3770889}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{80803CE8-31D4-45C0-B781-272451777A56}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{8E01F157-649C-4F40-B621-D7531B20A8FA}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{98882D0F-2BB8-4CA0-8E3F-A0DD325B8568}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{9AA4B6A5-20F5-4350-83BD-71FCE625DCF3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{BD68C36E-A25B-4D40-954F-39B9F9CA3EFE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C2365E91-AB9D-465A-9B14-399A024B55F7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{CAE8C7F2-92EB-4CED-A725-725E1EF399BE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{D1851E8F-2D89-400A-8D05-57173F8F52FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{EE12189A-3AA1-43F7-A06E-89C7AC914702}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"TCP Query User{C482C2D0-0D89-4E2A-811A-453CE22BB7CB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{10FEF13D-BBFF-425E-B55D-1C9E12CD66B5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D005A51-8EA5-42F8-B37B-FD30FEEF0D04}" = AVG 2014
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E810AB6-F34E-49A3-A93F-9E503660F718}" = ScorpionSaver Services
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}" = HP Launch Box
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBA2849B-6C95-9FD2-7ACC-BF456F1958AA}" = AMD Media Foundation Decoders
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2014
"Bizzybolt" = Bizzybolt
"Cakewalk Studio Instruments_is1" = Studio Instruments 1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MyPC Backup" = MyPC Backup
"Pen Tablet Driver" = Wacom
"ReasonLimited1.0_64_is1" = Reason Limited 1.0.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{25F3EC6C-BB03-4CEB-B36C-E656A9DD149E}" = HP Documentation
"{26A24AE4-039D-4CA4-87B4-2F83216038FF}" = Java™ 6 Update 38
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3490ECFB-63DE-467F-9E93-0842BEDE6BC9}" = MAGIX Speed burnR (MSI)
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DEB49FF-61B3-44C2-9495-CC78CE81E481}" = Samplitude Music Studio MX
"{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5ADBED88-1C19-4F1C-97D9-3E4D9146D9AC}" = MAGIX Screenshare
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 12.83.104.0 (release)
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D4E3662-A321-4D98-84B8-934229348575}" = F-Secure Network CCF 1.02.128
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0F2FA-8AA8-482C-96E4-A8124F2DC84D}" = ArtRage Studio
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{999164B6-5B78-4DD3-BACE-7292640AD0DD}" = HP QuickWeb
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B65F9A3-9D24-452A-B6EF-1457D65E4259}" = ScorpionSaver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DE13C43-6C78-4616-8D3E-F480DEAD774D}" = MAGIX Music Maker MX
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DA38B1D4-5E4A-49F5-98B8-2496432E48B4}" = MAGIX Goya burnR (MSI)
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E36439A3-5F71-45B7-B515-7C79AF6A64B8}" = F-Secure CCF Scanning 1.23.124.8831 (release)
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB87378B-E64A-4D27-8AB6-0786BAB3AC84}" = Autodesk SketchBook Express 2011 sp2
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F90F7024-28DA-4EDE-9553-0B134EEC9434}" = Online Safety 2.83.1329.952
"{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1" = Ezvid
"{FCDA0DD0-F899-4529-917C-16ADEA6550B9}" = Charter Security Suite
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"Allyrics-16" = Allyrics-16
"Amazon Browser Settings" = Amazon Browser Settings
"AudioCreator_is1" = Audio Creator LE 1.5
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Bamboo Dock" = Bamboo Dock
"Cakewalk Sound Center_is1" = Cakewalk Sound Center 1.0.0
"Cakewalk VST Adapter 4" = Cakewalk VST Adapter 4
"DreamStation DXi2" = DreamStation DXi2
"Driver Booster_is1" = Driver Booster
"F-Secure ServiceEnabler 42626" = Charter Security Suite
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"Line 6 Uninstaller" = Line 6 Uninstaller
"MAGIX_MSI_mm18" = MAGIX Music Maker MX
"MAGIX_MSI_ms18dlx" = Samplitude Music Studio MX
"Manga Studio Debut 4.0" = Manga Studio Debut 4.0
"Music Creator_is1" = Music Creator 5
"Nation Toolbar" = Nation Toolbar
"Smart Defrag 2_is1" = Smart Defrag 2
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"weDownload Manager Pro" = weDownload Manager Pro
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-040f9784-63f3-4f3e-bd40-1f2a0d8ba6c3" = Mystery of Mortlake Mansion
"WTA-04313254-a794-4c26-9c59-99d35637cc4a" = Poker Superstars III
"WTA-0f534765-bc84-4ade-9cae-c8e928af7749" = FATE
"WTA-0fc7fff4-9218-4898-bd6c-0011c82f799d" = Namco All-Stars: PAC-MAN
"WTA-1a4cf227-ef37-4f42-ad9b-e444dd09c946" = Zuma Deluxe
"WTA-1ee7d6ce-d3d1-46f9-a78a-3bc763fcda9a" = Plants vs. Zombies - Game of the Year
"WTA-32458b74-cad2-46f4-850c-a53230b6e2f7" = Cake Mania
"WTA-337e8765-baaf-4d1b-926a-8a82e5f12da5" = Vacation Quest - The Hawaiian Islands
"WTA-407d98c4-18fc-4ef7-9a97-5a0f2d41b8b5" = Slingo Supreme
"WTA-474094c4-3a4a-4ab9-84af-696becc4a8ee" = Chronicles of Albian
"WTA-4d373d96-4703-490f-9b29-6c81c5d101ab" = Virtual Villagers 5 - New Believers
"WTA-50b62549-7aac-49f1-a53c-6e4e9cd8f102" = Bounce Symphony
"WTA-547178c5-1c36-4c48-b086-f8c624ad8436" = Polar Golfer
"WTA-6eb48837-6c85-43b7-8d75-8665dc4d8c00" = Cradle of Rome 2
"WTA-7108fa79-639f-429d-8b6f-0eef5dbfeec7" = Bejeweled 3
"WTA-799782d6-41a5-4b59-886b-3a656cfdd83f" = Penguins!
"WTA-7e99e67d-5ac1-4b86-94d3-2641f000878c" = Blackhawk Striker 2
"WTA-9082177a-eff6-4fc1-a3fa-a08db2a4da78" = Agatha Christie - Peril at End House
"WTA-960f3a8e-e3b7-4af9-b4d2-6ef888e120e2" = Farm Frenzy
"WTA-9c1fc5cb-3521-464e-b3f7-8ee2e9b25bbf" = Mah Jong Medley
"WTA-a9cd5358-027c-41a9-8c8d-3b4af2c8c7e8" = Chuzzle Deluxe
"WTA-c82b8bad-2c52-469e-bcce-b952cd161642" = Polar Bowler
"WTA-d0695586-6f54-4021-bb3a-dc5d458bb041" = Governor of Poker 2 Premium Edition
"WTA-da2aa372-86b7-4a5a-90f4-2a11efffa968" = Blasterball 3
"WTA-f1ca1cd9-ae6d-48bb-b8bb-f747d5df9934" = Jewel Quest: The Sleepless Star - Collector's Edition

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Cloud Player" = Amazon Cloud Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/9/2013 9:43:35 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 10 2013-11-09 20:43:31-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Local\Adobe\MSXML2.dll.
Infection: Gen:Variant.Kazy.265495

Error - 11/9/2013 9:43:37 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 11 2013-11-09 20:43:36-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Local\Adobe\MSXML2.dll.
Infection: Gen:Variant.Kazy.265495

Error - 11/9/2013 9:43:37 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 12 2013-11-09 20:43:37-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Local\Hewlett-Packard\Diagnostics\alam.dll.
Infection: Gen:Variant.Zusy.66292

Error - 11/9/2013 9:43:37 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 13 2013-11-09 20:43:37-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Local\Adobe\MSXML2.dll.
Infection: Gen:Variant.Kazy.265495

Error - 11/9/2013 9:43:38 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 14 2013-11-09 20:43:38-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Local\Hewlett-Packard\Diagnostics\alam.dll.
Infection: Gen:Variant.Zusy.66292

Error - 11/9/2013 9:45:33 PM | Computer Name = mullins4-HP | Source = WinMgmt | ID = 10
Description =

Error - 11/14/2013 1:40:16 PM | Computer Name = mullins4-HP | Source = WinMgmt | ID = 10
Description =

Error - 11/14/2013 1:42:14 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 1 2013-11-14 12:42:12-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in file C:\Users\mullins4\AppData\Roaming\Smith
Micro\Manga Studio_E\Debut\4.0\Preference\InitialFolder\SaveStory\SearchFilterHost.exe.
Infection: Gen:Variant.Kazy.288630

Error - 11/14/2013 1:45:29 PM | Computer Name = mullins4-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 2 2013-11-14 12:45:29-04:00 MULLINS4-HP mullins4-HP\mullins4
F-Secure Anti-Virus Malicious code found in computer MULLINS4-HP. Infection: Gen:Variant.Kazy.288630
Action: The scanner was unable to remove the infection.

Error - 11/14/2013 1:48:31 PM | Computer Name = mullins4-HP | Source = WinMgmt | ID = 10
Description =

Error - 11/15/2013 5:04:41 PM | Computer Name = mullins4-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 4/17/2013 6:54:30 PM | Computer Name = mullins4-HP | Source = HPSF.exe | ID = 4000
Description =

[ System Events ]
Error - 7/19/2013 4:33:18 PM | Computer Name = mullins4-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 7/19/2013 4:33:19 PM | Computer Name = mullins4-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 7/20/2013 5:05:54 PM | Computer Name = mullins4-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:04:15 PM on ?7/?20/?2013 was unexpected.

Error - 7/20/2013 5:06:00 PM | Computer Name = mullins4-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126

Error - 7/20/2013 5:06:48 PM | Computer Name = mullins4-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.

Error - 7/20/2013 5:11:13 PM | Computer Name = mullins4-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:09:39 PM on ?7/?20/?2013 was unexpected.

Error - 7/20/2013 5:11:18 PM | Computer Name = mullins4-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126

Error - 7/20/2013 5:50:01 PM | Computer Name = mullins4-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126

Error - 7/22/2013 12:20:07 PM | Computer Name = mullins4-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:18:18 PM on ?7/?22/?2013 was unexpected.

Error - 7/22/2013 12:20:12 PM | Computer Name = mullins4-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126


< End of report >

New Problems: Not much new, the computer is just going really slow. But while the OCT was scanning, one of the anti-virus programs did catch a virus, and looking at the details I noticed there was several reports of the same virus being created every few minutes.
  • 0

#6
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Hello!

I did notice some things we need to take care of in your logs.

Please follow these instructions very carefully:

First, Run OTL:
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
    [2013/11/28 02:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
    O23 - Service: Level Quality Watcher - Unknown owner - C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
    [2013/11/27 00:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
    [2013/11/27 00:46:11 | 000,001,087 | ---- | M] () -- C:\Users\mullins4\Desktop\MyPC Backup.lnk
    
    :Services
    SRV:64bit: - [2013/10/31 15:12:20 | 000,511,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher)
    
    :Commands
    [emptytemp]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Run Scan button. Post the log it produces in your next reply.

Next, you will need to run AdwCleaner:

Please download AdwCleaner (by Xplode) by clicking here and save it to your Desktop.
  • Right click on AdwCleaner.exe and choose Run As Administrator.
  • Click the Scan button:
    Posted Image
  • Please allow the scan to run unhindered.
  • After the scan has finished, click the Report button. A log should open.
  • Copy and paste the contents of this file into your next response.
  • In case you cannot find this log, all of the logs can be found by navigating to C:\AdwCleaner

In your next response be sure to include
  • The OTL Fix log
  • OTL.txt
  • The AdwCleaner log
  • A report on if you are experiencing any new problems

  • 0

#7
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok! Here's the OTL fix log.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}\ deleted successfully.
C:\Program Files (x86)\ScorpionSaver\IECore.dll moved successfully.
C:\Program Files\ScorpionSaver Services folder moved successfully.
C:\Program Files\Level Quality Watcher\v1.01 folder moved successfully.
C:\Program Files\Level Quality Watcher folder moved successfully.
C:\Users\mullins4\Desktop\MyPC Backup.lnk moved successfully.
========== SERVICES/DRIVERS ==========
Error: No service named SRV:64bit: - [2013/10/31 15:12:20 | 000,511,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher) was found to stop!
Service\Driver key SRV:64bit: - [2013/10/31 15:12:20 | 000,511,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher) not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User

User: mullins4
->Temp folder emptied: 83338382 bytes
->Temporary Internet Files folder emptied: 370874065 bytes
->Java cache emptied: 17917362 bytes
->Flash cache emptied: 67352 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5720145 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42310724 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 496.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11302013_184224

Files\Folders moved on Reboot...
C:\Users\mullins4\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll moved successfully.
C:\Users\mullins4\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\mullins4\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\AdpeakProxy.log moved successfully.
File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Here's the OTL.txt...

OTL logfile created on: 11/30/2013 6:56:25 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mullins4\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 50.22% Memory free
7.20 Gb Paging File | 4.93 Gb Available in Paging File | 68.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 370.76 Gb Free Space | 82.80% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.17% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 2.07 Gb Free Space | 55.56% Space Free | Partition Type: FAT32

Computer Name: MULLINS4-HP | User Name: mullins4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
PRC - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe
PRC - [2013/11/26 04:40:53 | 002,334,384 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/11/26 04:40:53 | 001,643,696 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
PRC - [2013/11/26 04:40:53 | 000,161,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
PRC - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/11 19:31:48 | 002,283,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/11/11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/11/09 18:46:18 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013/11/09 18:46:18 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/10/23 13:43:27 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/10/23 13:43:19 | 001,673,680 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/08 11:12:26 | 000,860,480 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/08/14 07:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/08/19 13:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/27 12:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/26 04:40:53 | 002,334,384 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/11/26 04:40:53 | 000,521,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\log4cplusU.dll
MOD - [2013/11/26 04:40:53 | 000,145,072 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\SiteSafety.dll
MOD - [2013/11/05 16:06:53 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013/10/10 09:12:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/10 09:10:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/19 17:37:54 | 003,889,152 | ---- | M] () -- C:\Program Files (x86)\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/09/19 17:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files (x86)\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/08/15 06:06:31 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/08/15 06:06:28 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/08/15 06:06:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/15 06:04:23 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 06:03:05 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 06:02:45 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/14 07:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013/07/10 14:22:55 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2010/11/20 22:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010000000000000000000000000 sourceguid=8F71DB22-A8DF-4C0D-A26C-2142A9317F6A -- (Level Quality Watcher)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe -- (AdpeakProxy)
SRV:64bit: - [2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/15 22:01:18 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe -- (Util Bizzybolt)
SRV - [2013/11/26 04:40:53 | 001,643,696 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
SRV - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe -- (Update Bizzybolt)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/23 13:43:27 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/10/08 15:36:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/19 17:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe -- (fshoster)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/17 18:02:42 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/11/09 19:41:19 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/05/15 22:06:08 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/05/15 22:01:19 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/04/17 18:05:29 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/17 18:02:42 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 12:14:10 | 000,772,224 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6UX264.sys -- (L6UX2)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/23 15:35:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/23 15:35:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/29 19:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/11/09 19:33:41 | 000,203,120 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013/11/09 18:46:20 | 000,069,296 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013/08/14 07:22:44 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2013/04/25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.nation...tbid=1012895687
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B42ADEF5F&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKCU\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-11-26 04:42:46&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.3.1 [2013/11/26 04:43:30 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll (weDownload)
O2:64bit: - BHO: (Allyrics-16) - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll (ExploreKERD)
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll (weDownload)
O2 - BHO: (Allyrics-16) - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho.dll (ExploreKERD)
O2 - BHO: (Bizzybolt) - {13070af0-bc6c-4185-8baa-40a4cf05b323} - C:\Program Files (x86)\Bizzybolt\BizzyboltBHO.dll (Bizzybolt)
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Nation Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunst6854.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKCU\..\Toolbar\WebBrowser: (Nation Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunst6854.tmp\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [TLworks Update] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9901F41-210A-4DC0-A46A-C1E440C2AC31}: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell - "" = AutoRun
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 18:42:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/29 20:22:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:21:33 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Adobe
[2013/11/28 09:56:50 | 000,000,000 | ---D | C] -- C:\Users\mullins4\SyncFolder
[2013/11/28 03:14:01 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/28 03:09:25 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Amazon Browser Bar
[2013/11/28 03:05:29 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:13 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:01 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:56 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:10:14 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/28 02:10:03 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/28 02:09:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:09:21 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:01:24 | 000,883,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,074,456 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:35 | 019,870,720 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:34 | 024,229,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 007,233,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 000,581,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:32 | 000,430,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:30 | 029,150,720 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:27 | 023,810,560 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/27 12:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/27 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/27 12:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/27 04:34:57 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\AVG2014
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\TuneUp Software
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/27 04:32:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/27 04:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/27 04:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Avg2014
[2013/11/27 04:28:23 | 004,436,944 | ---- | C] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 03:48:17 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:17:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:48:39 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Apple Computer
[2013/11/27 00:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/27 00:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/27 00:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/27 00:48:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\IObit
[2013/11/27 00:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/27 00:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/27 00:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\weDownload Manager Pro
[2013/11/27 00:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Allyrics-16
[2013/11/27 00:46:11 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2013/11/27 00:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/11/27 00:44:45 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\SearchProtect
[2013/11/27 00:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon Browser Bar
[2013/11/27 00:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bizzybolt
[2013/11/27 00:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/11/27 00:31:21 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/26 04:43:28 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\AVG SafeGuard toolbar
[2013/11/26 04:42:14 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/26 04:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/11/26 04:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/11/26 04:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/11/26 04:39:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/25 04:36:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
[2013/11/24 02:14:27 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\{D7CC5DF7-72C0-4F0C-ADC9-F7D0DF454899}
[2013/11/23 02:14:05 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Joel Jameson 11-23-13
[2013/11/22 19:32:12 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\TLworks
[2013/11/20 22:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/11/20 22:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/11/20 22:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/11/19 19:28:30 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Phil and Monica 11-19-13
[2013/11/18 17:57:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
[2013/11/18 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Malwarebytes
[2013/11/18 14:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/14 00:15:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
[2013/11/13 07:40:16 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 07:39:41 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 07:39:39 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 07:39:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 07:39:39 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 07:39:38 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 07:39:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 07:39:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 07:39:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 07:39:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 07:39:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 07:38:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/13 07:38:42 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 07:38:41 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 07:38:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 07:38:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/10 03:46:47 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
[2013/11/09 06:36:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
[2013/11/06 00:08:16 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-6-13
[2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
[2013/11/05 16:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Charter Security Suite
[2013/11/05 16:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/11/05 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\lptmp2142391410
[2013/11/04 21:52:42 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2013/05/01 16:25:12 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe

========== Files - Modified Within 30 Days ==========

[2013/11/30 19:00:04 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/30 19:00:04 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/30 18:52:10 | 000,001,416 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2013/11/30 18:52:04 | 000,001,348 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/11/30 18:51:57 | 000,002,048 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2013/11/30 18:51:56 | 000,001,318 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2013/11/30 18:51:56 | 000,001,254 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/11/30 18:51:56 | 000,001,218 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2013/11/30 18:51:56 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/11/30 18:51:55 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/30 18:51:46 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/30 18:51:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/30 18:51:36 | 2901,467,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/30 18:45:12 | 000,624,358 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/30 18:45:12 | 000,106,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/30 18:45:11 | 000,726,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/30 18:36:10 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/29 20:27:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:00:43 | 133,200,385 | ---- | M] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | M] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:29 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:14 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:13 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:02 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/28 03:05:01 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:57 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:56 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:04:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:02:22 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:11:21 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormullins4.job
[2013/11/27 13:06:49 | 000,350,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,108,760 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013/11/27 13:01:24 | 000,074,456 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 005,944,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/11/27 12:55:37 | 004,450,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/11/27 12:55:37 | 003,342,768 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,139,696 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,075,600 | ---- | M] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:37 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 019,870,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 003,309,936 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:36 | 000,092,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 024,229,376 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:35 | 000,044,066 | ---- | M] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 016,082,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 008,272,136 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/11/27 12:55:34 | 007,233,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 001,155,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/11/27 12:55:34 | 000,970,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/11/27 12:55:34 | 000,695,006 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,562,688 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/11/27 12:55:34 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 000,636,416 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:32 | 000,430,080 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:31 | 029,150,720 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:31 | 001,187,342 | ---- | M] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | M] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | M] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | M] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:55:30 | 023,810,560 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:22 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:44 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:27 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 04:25:42 | 004,436,944 | ---- | M] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:20:34 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/11/27 01:17:25 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:46:12 | 000,001,097 | ---- | M] () -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/21 17:13:21 | 003,563,102 | ---- | M] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:30:24 | 004,454,616 | ---- | M] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:41:19 | 000,056,016 | ---- | M] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 16:07:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMULLINS4-HP$.job
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:12 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys

========== Files Created - No Company Name ==========

[2013/11/29 02:55:31 | 133,200,385 | ---- | C] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | C] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:14 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:02 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/27 13:06:32 | 000,350,160 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 12:55:37 | 003,342,768 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,075,600 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:36 | 003,309,936 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 000,044,066 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 000,695,006 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:31 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:40:22 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:45 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/11/27 12:37:44 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/27 12:37:27 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 00:48:00 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/27 00:47:11 | 000,001,416 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2013/11/27 00:47:04 | 000,001,218 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2013/11/27 00:46:53 | 000,001,348 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/11/27 00:46:51 | 000,001,318 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2013/11/27 00:46:48 | 000,001,154 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/11/27 00:46:27 | 000,001,254 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/11/27 00:46:18 | 000,002,048 | ---- | C] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2013/11/27 00:46:12 | 000,001,097 | ---- | C] () -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/11/20 18:47:58 | 003,563,102 | ---- | C] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:28:33 | 004,454,616 | ---- | C] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:34:39 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/09 18:43:43 | 000,056,016 | ---- | C] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 16:07:12 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/07/17 02:59:01 | 001,229,097 | ---- | C] () -- C:\Windows\unins000.exe
[2013/07/17 02:59:01 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2013/07/17 02:59:01 | 000,076,348 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/27 08:07:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013/04/27 07:58:40 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/04/17 08:05:05 | 005,703,413 | ---- | C] () -- C:\Users\mullins4\sample test.pdf
[2013/04/17 08:05:02 | 000,191,751 | ---- | C] () -- C:\Users\mullins4\TCAP REVIEW II_Langdon.pdf
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/16 17:16:36 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2013/04/13 15:19:54 | 000,014,848 | ---- | C] () -- C:\Users\mullins4\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

And the AdWare report...

# AdwCleaner v3.013 - Report created 30/11/2013 at 19:27:42
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mullins4 - MULLINS4-HP
# Running from : C:\Users\mullins4\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP
Service Found : BackupStack
Service Found : Updater Service for AMZN

***** [ Files / Folders ] *****

File Found : C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\System32\Tasks\Allyrics-16-codedownloader
File Found : C:\Windows\System32\Tasks\Allyrics-16-enabler
File Found : C:\Windows\System32\Tasks\Allyrics-16-updater
File Found : C:\Windows\System32\Tasks\LaunchApp
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-chromeinstaller
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-codedownloader
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-enabler
File Found : C:\Windows\System32\Tasks\weDownload Manager Pro-updater
File Found : C:\Windows\Tasks\Allyrics-16-codedownloader.job
File Found : C:\Windows\Tasks\Allyrics-16-enabler.job
File Found : C:\Windows\Tasks\Allyrics-16-updater.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-enabler.job
File Found : C:\Windows\Tasks\weDownload Manager Pro-updater.job
Folder Found C:\Program Files (x86)\Allyrics-16
Folder Found C:\Program Files (x86)\Amazon Browser Bar
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\Nation Toolbar
Folder Found C:\Program Files (x86)\weDownload Manager Pro
Folder Found C:\Program Files (x86)\weDownload Manager Pro
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\Users\mullins4\AppData\Local\Amazon Browser Bar
Folder Found C:\Users\mullins4\AppData\Local\Searchprotect
Folder Found C:\Users\mullins4\AppData\Local\Temp\apn
Folder Found C:\Users\mullins4\AppData\LocalLow\Allyrics-16
Folder Found C:\Users\mullins4\AppData\LocalLow\Toolbar4
Folder Found C:\Users\mullins4\AppData\LocalLow\weDownload Manager Pro
Folder Found C:\Users\mullins4\AppData\LocalLow\weDownload Manager Pro
Folder Found C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\AppDataLow\Software\Allyrics-16
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411361128}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411411178}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411361128}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411178}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Nation Toolbar
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\InstalledThirdPartyPrograms
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Nation Toolbar
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\Software\Allyrics-16
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\.bdc
Key Found : HKLM\SOFTWARE\Classes\.bgl
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444364428}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444414478}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411361128}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411178}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allyrics-16
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nation Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Nation Toolbar
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\weDownload Manager Pro
Key Found : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPA7DB5617-0F55-4ED1-8DA7-F05B42ADEF5F&SSPV=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.nation.com/?orig=HP&affid=14000&cztbid=1012895687

*************************

AdwCleaner[R0].txt - [24061 octets] - [30/11/2013 19:27:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24122 octets] ##########

New problems: Don't have any new problems. I think the computer is running a bit faster. I know it actually restarted all the way this time. Before, it wouldn't get past the black screen.
  • 0

#8
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Hello! It looks like we're making progress! :)

Just to let you know, I have a concert I must perform in tomorrow and I may be unable to post new instructions for tomorrow. I'm very sorry and I hope to try to work on this as soon as possible!

Please follow these instructions very carefully:

First, you will need to remove some malicious entries using AdwCleaner
  • Navigate to your Desktop and right click on AdwCleaner.exe. Choose Run As Administrator.
  • As done prior, click the Scan button.
  • Once the scan has completed, click the Clean button.
  • Click OK when asked to close all programs and follow all of the given prompts.
  • Click OK once again to restart your computer and to complete the removal process.
  • After rebooting a log will open automatically. Please copy and paste its contents into your next post.
  • You can always access these log files by navigating to C:\AdwCleaner.

Next, I will need another OTL log
  • Open OTL
  • Click the Run Scan
  • Allow the scan to run unhindered.
  • A resulting log will appear. Please post the contents of this log in your next post.

In your next post, be sure to include:
  • The AdwCleaner log
  • OTL.txt
  • A report on if you are experiencing any new problems

  • 0

#9
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok, cool! Progress is good!!! :) And that's ok. I probably won't be on much tomorrow either anyway. Growing one year older. Ha! :thumbsup:

So are you a musician, or is it a different kind of concert? I play a few instruments myself... started on trumpet. :) Anyway, that's a little off topic though.

No new problems. I got the blue screen after I opened the laptop, but that was before AdwCleaner cleaned out those files. Not 100% sure, but it seems to be running a little better, now that AdwCleaner did its thing.

AdwCleaner report

# AdwCleaner v3.013 - Report created 02/12/2013 at 00:04:42
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mullins4 - MULLINS4-HP
# Running from : C:\Users\mullins4\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
[#] Service Deleted : BackupStack
Service Deleted : Updater Service for AMZN

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[!] Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Nation Toolbar
Folder Deleted : C:\Program Files (x86)\weDownload Manager Pro
Folder Deleted : C:\Program Files (x86)\Allyrics-16
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\mullins4\AppData\Local\Amazon Browser Bar
Folder Deleted : C:\Users\mullins4\AppData\Local\Searchprotect
Folder Deleted : C:\Users\mullins4\AppData\Local\Temp\apn
Folder Deleted : C:\Users\mullins4\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\mullins4\AppData\LocalLow\weDownload Manager Pro
Folder Deleted : C:\Users\mullins4\AppData\LocalLow\Allyrics-16
Folder Deleted : C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Windows\System32\Tasks\LaunchApp
File Deleted : C:\Windows\Tasks\Allyrics-16-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Allyrics-16-codedownloader
File Deleted : C:\Windows\Tasks\Allyrics-16-enabler.job
File Deleted : C:\Windows\System32\Tasks\Allyrics-16-enabler
File Deleted : C:\Windows\Tasks\Allyrics-16-updater.job
File Deleted : C:\Windows\System32\Tasks\Allyrics-16-updater
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\weDownload Manager Pro-chromeinstaller
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\weDownload Manager Pro-codedownloader
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-enabler.job
File Deleted : C:\Windows\System32\Tasks\weDownload Manager Pro-enabler
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-updater.job
File Deleted : C:\Windows\System32\Tasks\weDownload Manager Pro-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044178.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444364428}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444414478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411178}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411178}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416678}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411178}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d812f06-8b72-426a-8d53-4357075c8a00}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ecbbd32-812d-4beb-b77e-ec00bee1f387}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948ff59b-026e-401f-9136-7ae13da4209f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a611d1f5-7f15-4c19-b734-540bb9383be9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba2c75ca-4c3e-4844-8b1c-83e89b77bac5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\Nation Toolbar
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Allyrics-16
Key Deleted : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Nation Toolbar
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Allyrics-16
Key Deleted : HKLM\Software\weDownload Manager Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nation Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allyrics-16
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

*************************

AdwCleaner[R0].txt - [24479 octets] - [30/11/2013 19:27:42]
AdwCleaner[R1].txt - [24316 octets] - [02/12/2013 00:02:01]
AdwCleaner[S0].txt - [18323 octets] - [02/12/2013 00:04:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18384 octets] ##########

OTL.txt

OTL logfile created on: 12/2/2013 12:13:48 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mullins4\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 44.84% Memory free
7.20 Gb Paging File | 4.87 Gb Available in Paging File | 67.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 370.19 Gb Free Space | 82.67% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.17% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.74% Space Free | Partition Type: FAT32

Computer Name: MULLINS4-HP | User Name: mullins4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
PRC - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe
PRC - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/11 19:31:48 | 002,283,808 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/11/11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/11/09 18:46:18 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013/11/09 18:46:18 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/08 11:12:26 | 000,860,480 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/08/14 07:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/08/19 13:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/27 12:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/05 16:06:53 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013/08/14 07:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013/07/10 14:22:55 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010000000000000000000000000 sourceguid=8F71DB22-A8DF-4C0D-A26C-2142A9317F6A -- (Level Quality Watcher)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe -- (AdpeakProxy)
SRV:64bit: - [2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/15 22:01:18 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/27 13:10:33 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\bin\utilBizzybolt.exe -- (Util Bizzybolt)
SRV - [2013/11/20 13:46:10 | 000,066,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bizzybolt\updateBizzybolt.exe -- (Update Bizzybolt)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/08 15:36:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe -- (fshoster)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/17 18:02:42 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/11/09 19:41:19 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/05/15 22:06:08 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/05/15 22:01:19 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/04/17 18:05:29 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/17 18:02:42 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 12:14:10 | 000,772,224 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6UX264.sys -- (L6UX2)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/23 15:35:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/23 15:35:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/29 19:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/11/09 19:33:41 | 000,203,120 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013/11/09 18:46:20 | 000,069,296 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013/08/14 07:22:44 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2013/04/25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B42ADEF5F&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKCU\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)



O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Bizzybolt) - {13070af0-bc6c-4185-8baa-40a4cf05b323} - C:\Program Files (x86)\Bizzybolt\BizzyboltBHO.dll (Bizzybolt)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [TLworks Update] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9901F41-210A-4DC0-A46A-C1E440C2AC31}: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell - "" = AutoRun
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 19:27:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/30 19:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2013/11/30 19:22:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/11/30 19:22:33 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/11/30 19:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/11/30 19:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/11/30 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\FileAssociationManager
[2013/11/30 19:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileAssociationManager
[2013/11/30 18:42:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/29 20:22:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:21:33 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Adobe
[2013/11/28 09:56:50 | 000,000,000 | ---D | C] -- C:\Users\mullins4\SyncFolder
[2013/11/28 03:14:01 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/28 03:05:29 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:13 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:01 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:56 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:10:14 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/28 02:10:03 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/28 02:09:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:09:21 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:01:24 | 000,883,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,074,456 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:35 | 019,870,720 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:34 | 024,229,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 007,233,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 000,581,120 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:32 | 000,430,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:30 | 029,150,720 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:27 | 023,810,560 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/27 12:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/27 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/27 12:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/27 04:34:57 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\AVG2014
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\TuneUp Software
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/27 04:32:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/27 04:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/27 04:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Avg2014
[2013/11/27 04:28:23 | 004,436,944 | ---- | C] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 03:48:17 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:17:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:48:39 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Apple Computer
[2013/11/27 00:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/27 00:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/27 00:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/27 00:48:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\IObit
[2013/11/27 00:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/27 00:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/27 00:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/11/27 00:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bizzybolt
[2013/11/27 00:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/11/27 00:31:21 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/26 04:43:28 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\AVG SafeGuard toolbar
[2013/11/26 04:42:14 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/26 04:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/11/26 04:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/11/26 04:39:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/25 04:36:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
[2013/11/24 02:14:27 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\{D7CC5DF7-72C0-4F0C-ADC9-F7D0DF454899}
[2013/11/23 02:14:05 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Joel Jameson 11-23-13
[2013/11/22 19:32:12 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\TLworks
[2013/11/19 19:28:30 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Phil and Monica 11-19-13
[2013/11/18 17:57:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
[2013/11/18 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Malwarebytes
[2013/11/18 14:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/14 00:15:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
[2013/11/13 07:40:16 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 07:39:41 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 07:39:39 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 07:39:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 07:39:39 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 07:39:38 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 07:39:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 07:39:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 07:39:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 07:39:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 07:39:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 07:38:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/13 07:38:42 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 07:38:41 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 07:38:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 07:38:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/10 03:46:47 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
[2013/11/09 06:36:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
[2013/11/06 00:08:16 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-6-13
[2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
[2013/11/05 16:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Charter Security Suite
[2013/11/05 16:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/11/05 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\lptmp2142391410
[2013/11/04 21:52:42 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/05/01 16:25:12 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe

========== Files - Modified Within 30 Days ==========

[2013/12/02 00:15:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 00:15:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 00:08:12 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/12/02 00:08:08 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/12/02 00:08:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/02 00:07:57 | 2901,467,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/01 23:54:42 | 576,768,488 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/01 23:53:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/01 23:53:01 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormullins4.job
[2013/11/30 19:23:30 | 001,091,882 | ---- | M] () -- C:\Users\mullins4\Desktop\AdwCleaner.exe
[2013/11/30 18:45:12 | 000,624,358 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/30 18:45:12 | 000,106,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/30 18:45:11 | 000,726,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/30 18:36:10 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:00:43 | 133,200,385 | ---- | M] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | M] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:29 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/28 03:05:29 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/28 03:05:18 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/28 03:05:18 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/28 03:05:18 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/28 03:05:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/28 03:05:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/28 03:05:16 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/28 03:05:16 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:15 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/28 03:05:15 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/28 03:05:15 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/28 03:05:15 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/28 03:05:14 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/28 03:05:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/28 03:05:14 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/28 03:05:14 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/28 03:05:14 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:13 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/28 03:05:13 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/28 03:05:13 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/28 03:05:13 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/28 03:05:12 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/28 03:05:12 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/28 03:05:12 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/28 03:05:11 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/28 03:05:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/28 03:05:09 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/28 03:05:09 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/28 03:05:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/28 03:05:09 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/28 03:05:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/28 03:05:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/28 03:05:08 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/28 03:05:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/28 03:05:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/28 03:05:08 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/28 03:05:07 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/28 03:05:07 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/28 03:05:06 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/28 03:05:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/28 03:05:05 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/28 03:05:05 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/28 03:05:05 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/28 03:05:05 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/28 03:05:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/28 03:05:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/28 03:05:04 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/28 03:05:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/28 03:05:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/28 03:05:04 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/28 03:05:03 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/28 03:05:03 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/28 03:05:03 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/28 03:05:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/28 03:05:03 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/28 03:05:02 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/28 03:05:02 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/28 03:05:02 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/28 03:05:02 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/28 03:05:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/28 03:05:02 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/28 03:05:02 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/28 03:05:01 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/28 03:05:01 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/28 03:05:01 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/28 03:05:01 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/28 03:05:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/28 03:05:00 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/28 03:05:00 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/28 03:05:00 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/28 03:04:59 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/28 03:04:58 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/28 03:04:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/28 03:04:57 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/28 03:04:57 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/28 03:04:56 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/28 03:04:56 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/28 03:04:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/28 03:04:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/28 03:04:55 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/28 03:04:55 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/28 02:04:44 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\mullins4\Desktop\HijackThis.exe
[2013/11/28 02:02:22 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\mullins4\Desktop\ATF-Cleaner.exe
[2013/11/27 13:06:49 | 000,350,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 13:01:24 | 000,883,928 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/27 13:01:24 | 000,108,760 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013/11/27 13:01:24 | 000,074,456 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013/11/27 12:55:37 | 005,944,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/11/27 12:55:37 | 004,450,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/11/27 12:55:37 | 003,342,768 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,139,696 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/11/27 12:55:37 | 000,118,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/11/27 12:55:37 | 000,076,800 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_12.104.dll
[2013/11/27 12:55:37 | 000,076,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/11/27 12:55:37 | 000,075,600 | ---- | M] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:37 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/11/27 12:55:37 | 000,064,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/11/27 12:55:37 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/11/27 12:55:36 | 019,870,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/11/27 12:55:36 | 006,985,624 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/11/27 12:55:36 | 005,000,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/11/27 12:55:36 | 003,309,936 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/11/27 12:55:36 | 000,112,440 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/11/27 12:55:36 | 000,092,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 024,229,376 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/11/27 12:55:35 | 000,044,066 | ---- | M] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 016,082,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/11/27 12:55:34 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/11/27 12:55:34 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/11/27 12:55:34 | 008,272,136 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/11/27 12:55:34 | 007,233,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/11/27 12:55:34 | 001,155,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/11/27 12:55:34 | 000,970,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/11/27 12:55:34 | 000,695,006 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:34 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/11/27 12:55:34 | 000,562,688 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/11/27 12:55:34 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/11/27 12:55:34 | 000,241,152 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/11/27 12:55:34 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/11/27 12:55:34 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/11/27 12:55:34 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013/11/27 12:55:34 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/11/27 12:55:34 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/11/27 12:55:34 | 000,044,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/11/27 12:55:34 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/11/27 12:55:34 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/11/27 12:55:34 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/11/27 12:55:34 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/11/27 12:55:32 | 000,636,416 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:32 | 000,430,080 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/11/27 12:55:32 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/11/27 12:55:32 | 000,054,784 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/27 12:55:32 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/11/27 12:55:32 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/27 12:55:32 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/11/27 12:55:32 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/11/27 12:55:32 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013/11/27 12:55:31 | 029,150,720 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/11/27 12:55:31 | 001,187,342 | ---- | M] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | M] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | M] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | M] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:55:30 | 023,810,560 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/11/27 12:54:41 | 000,082,600 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2013/11/27 12:54:41 | 000,042,664 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2013/11/27 12:40:22 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:44 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:27 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 04:25:42 | 004,436,944 | ---- | M] (AVG Technologies) -- C:\Users\mullins4\Desktop\avg_free_stb_all_2014_4259_cnet.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:20:34 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/11/27 01:17:25 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/26 04:40:53 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/21 17:13:21 | 003,563,102 | ---- | M] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:30:24 | 004,454,616 | ---- | M] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:41:19 | 000,056,016 | ---- | M] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 16:07:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMULLINS4-HP$.job
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/05 16:07:12 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys

========== Files Created - No Company Name ==========

[2013/12/01 23:54:42 | 576,768,488 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/11/30 19:26:58 | 001,091,882 | ---- | C] () -- C:\Users\mullins4\Desktop\AdwCleaner.exe
[2013/11/29 02:55:31 | 133,200,385 | ---- | C] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/28 09:56:51 | 000,001,596 | ---- | C] () -- C:\Users\mullins4\Desktop\Sync Folder.lnk
[2013/11/28 03:05:14 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/28 03:05:02 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/27 13:06:32 | 000,350,160 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/27 12:55:37 | 003,342,768 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/11/27 12:55:37 | 000,230,836 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/11/27 12:55:37 | 000,230,064 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/11/27 12:55:37 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/27 12:55:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/27 12:55:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/11/27 12:55:37 | 000,075,600 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013/11/27 12:55:36 | 003,309,936 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/27 12:55:36 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/11/27 12:55:35 | 000,044,066 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/11/27 12:55:34 | 000,695,006 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/11/27 12:55:32 | 000,522,872 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/11/27 12:55:31 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2013/11/27 12:55:31 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2013/11/27 12:55:31 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/27 12:55:31 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/27 12:40:22 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/27 12:37:45 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/11/27 12:37:44 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013/11/27 12:37:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/27 12:37:27 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/27 12:35:15 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013/11/27 04:33:35 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/11/27 00:48:00 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/20 18:47:58 | 003,563,102 | ---- | C] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:28:33 | 004,454,616 | ---- | C] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:34:39 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/09 18:43:43 | 000,056,016 | ---- | C] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2013/11/05 16:07:12 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/07/17 02:59:01 | 001,229,097 | ---- | C] () -- C:\Windows\unins000.exe
[2013/07/17 02:59:01 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2013/07/17 02:59:01 | 000,076,348 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/27 08:07:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013/04/27 07:58:40 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/04/17 08:05:05 | 005,703,413 | ---- | C] () -- C:\Users\mullins4\sample test.pdf
[2013/04/17 08:05:02 | 000,191,751 | ---- | C] () -- C:\Users\mullins4\TCAP REVIEW II_Langdon.pdf
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/16 17:16:36 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2013/04/13 15:19:54 | 000,014,848 | ---- | C] () -- C:\Users\mullins4\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

#10
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey! My dad just restored the computer to an earlier date this morning. I wasn't aware until afterwards. :/ Hopefully that doesn't ruin everything. I went and scanned with the OTL again and made another log, in case you needed it... if it's any different than the one before. In the past when the computer would act funny, dad would usually restore it to an earlier date and it usually fixed it, but I've also heard that doesn't really get rid of viruses or whatever. Anyway, here's the new OTL log...

OTL logfile created on: 12/2/2013 5:57:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mullins4\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 54.89% Memory free
7.20 Gb Paging File | 5.15 Gb Available in Paging File | 71.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 369.43 Gb Free Space | 82.50% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.17% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.74% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 2.07 Gb Free Space | 55.58% Space Free | Partition Type: FAT32

Computer Name: MULLINS4-HP | User Name: mullins4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
PRC - [2013/11/09 18:46:18 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013/11/09 18:46:18 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
PRC - [2013/10/31 09:26:54 | 004,023,584 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2013/10/31 09:26:54 | 001,735,968 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/09/30 21:19:02 | 004,387,136 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
PRC - [2013/09/29 21:45:28 | 000,962,880 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/09/29 21:43:30 | 002,326,848 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/09/27 20:24:36 | 002,150,208 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/08/14 07:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 12:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/08/19 13:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/27 12:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/05 16:06:53 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013/08/20 18:20:16 | 000,599,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProductStatistics.dll
MOD - [2013/08/14 07:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013/08/14 07:22:48 | 000,154,560 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\flyerres.eng
MOD - [2013/07/22 20:21:32 | 001,233,728 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
MOD - [2013/07/10 14:22:55 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
MOD - [2012/10/16 04:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/31 15:12:20 | 000,511,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/15 22:01:18 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/04/17 18:05:07 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/09 18:42:03 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2013/10/31 09:26:54 | 001,735,968 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/10/08 15:36:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/29 21:45:28 | 000,962,880 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/09/27 20:24:36 | 002,150,208 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/08/14 07:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe -- (fshoster)
SRV - [2013/04/17 18:02:42 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/21 13:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2012/12/18 05:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/06 09:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 12:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/09 19:41:19 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013/05/15 22:06:08 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/05/15 22:01:19 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/05/15 21:56:17 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/04/17 18:05:29 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/17 18:05:27 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/04/17 18:05:27 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/04/17 18:05:07 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/17 18:05:07 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/17 18:02:42 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 12:14:10 | 000,772,224 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6UX264.sys -- (L6UX2)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/23 15:35:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/23 15:35:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/29 19:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/11/09 19:33:41 | 000,203,120 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013/11/09 18:46:20 | 000,069,296 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013/08/14 07:22:44 | 000,013,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2013/04/25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.nation...tbid=1012895687
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...B42ADEF5F&SSPV=
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.nation...q={searchTerms}
IE - HKCU\..\SearchScopes\{1}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)



O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll File not found
O2:64bit: - BHO: (Allyrics-16) - {11111111-1111-1111-1111-110411411178} - C:\Program Files (x86)\Allyrics-16\Allyrics-16-bho64.dll (ExploreKERD)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [TLworks Update] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9901F41-210A-4DC0-A46A-C1E440C2AC31}: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E68F111B-99D6-4013-A825-814767E950A1}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell - "" = AutoRun
O33 - MountPoints2\{addeee64-1043-11e3-914e-101f74c7470b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/02 17:57:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/12/02 12:08:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\SearchProtect
[2013/11/30 19:27:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/30 19:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2013/11/30 19:22:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/11/30 19:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/11/30 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\FileAssociationManager
[2013/11/30 19:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileAssociationManager
[2013/11/30 18:42:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/28 09:56:50 | 000,000,000 | ---D | C] -- C:\Users\mullins4\SyncFolder
[2013/11/27 12:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/27 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/27 12:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/27 04:34:57 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\AVG2014
[2013/11/27 04:33:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\TuneUp Software
[2013/11/27 04:32:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/11/27 04:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/11/27 04:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/27 04:28:44 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\Avg2014
[2013/11/27 03:48:17 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/27 01:20:34 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:17:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/27 00:48:39 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Apple Computer
[2013/11/27 00:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/27 00:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/27 00:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/27 00:48:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\IObit
[2013/11/27 00:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/27 00:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/27 00:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Allyrics-16
[2013/11/27 00:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/11/27 00:44:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/11/27 00:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon Browser Bar
[2013/11/27 00:31:21 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/27 00:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/11/26 04:39:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/25 04:36:49 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
[2013/11/25 02:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/25 02:59:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/25 02:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/24 02:14:27 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\{D7CC5DF7-72C0-4F0C-ADC9-F7D0DF454899}
[2013/11/23 02:14:05 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Joel Jameson 11-23-13
[2013/11/22 19:32:12 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\TLworks
[2013/11/19 19:28:30 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Phil and Monica 11-19-13
[2013/11/18 17:57:35 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
[2013/11/18 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Roaming\Malwarebytes
[2013/11/18 14:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/14 09:56:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/14 09:56:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/14 09:56:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/14 09:56:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/14 09:56:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/14 09:56:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/14 09:56:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/14 09:56:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/14 09:56:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/14 09:56:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/14 09:56:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/14 09:56:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/14 09:56:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/14 09:56:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/14 09:56:14 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/14 00:15:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
[2013/11/13 07:40:16 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 07:39:41 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 07:39:39 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 07:39:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 07:39:39 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 07:39:38 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 07:39:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 07:39:06 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 07:39:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 07:39:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 07:39:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 07:38:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/13 07:38:42 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 07:38:41 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 07:38:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 07:38:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/10 03:46:47 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
[2013/11/09 06:36:00 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
[2013/11/06 00:08:16 | 000,000,000 | ---D | C] -- C:\Users\mullins4\Documents\Mary Marshall profile picture 11-6-13
[2013/11/05 16:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
[2013/11/05 16:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Charter Security Suite
[2013/11/05 16:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2013/11/05 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\mullins4\AppData\Local\lptmp2142391410
[2013/05/01 16:25:12 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe

========== Files - Modified Within 30 Days ==========

[2013/12/02 18:01:03 | 000,726,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/02 18:01:03 | 000,624,358 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/02 18:01:03 | 000,106,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/02 17:55:47 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/02 13:12:25 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormullins4.job
[2013/12/02 12:46:03 | 000,001,254 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/12/02 12:46:03 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/12/02 12:46:02 | 000,001,348 | ---- | M] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/12/02 12:20:57 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 12:20:56 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/02 12:08:51 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/12/02 12:07:45 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/12/02 12:07:18 | 000,350,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/02 12:06:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/02 12:06:09 | 2901,467,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/29 20:14:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mullins4\Desktop\OTL.exe
[2013/11/29 03:00:43 | 133,200,385 | ---- | M] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/27 01:20:34 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/27 01:20:34 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/27 01:20:34 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/27 01:20:34 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/27 01:20:34 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/27 01:20:34 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/27 01:20:34 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/11/27 01:20:34 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/11/27 01:20:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/27 01:20:34 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/27 01:20:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/27 01:20:34 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/27 01:20:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/27 01:20:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/27 01:20:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/27 01:20:34 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/27 01:20:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/11/27 01:20:34 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/27 01:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/27 01:20:34 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/27 01:20:34 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/27 01:20:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/27 01:20:34 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/11/27 01:17:25 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/27 01:17:25 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/25 02:59:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/21 17:13:21 | 003,563,102 | ---- | M] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:30:24 | 004,454,616 | ---- | M] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:41:19 | 000,056,016 | ---- | M] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013/11/06 16:07:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMULLINS4-HP$.job
[2013/11/05 16:07:12 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk

========== Files Created - No Company Name ==========

[2013/12/02 12:06:21 | 000,350,160 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/29 02:55:31 | 133,200,385 | ---- | C] () -- C:\Users\mullins4\Documents\Manga Studio Artwork.zip
[2013/11/27 00:48:00 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/27 00:46:53 | 000,001,348 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-updater.job
[2013/11/27 00:46:48 | 000,001,154 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-enabler.job
[2013/11/27 00:46:27 | 000,001,254 | ---- | C] () -- C:\Windows\tasks\Allyrics-16-codedownloader.job
[2013/11/25 02:59:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/20 18:47:58 | 003,563,102 | ---- | C] () -- C:\Users\mullins4\Desktop\For A Reason (acoustic version).MP3
[2013/11/10 08:28:33 | 004,454,616 | ---- | C] () -- C:\Users\mullins4\Desktop\DB - Meaning of The Word (original Christmas song).mp3
[2013/11/09 19:34:39 | 000,000,596 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/11/09 18:43:43 | 000,056,016 | ---- | C] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2013/11/09 18:42:48 | 000,019,903 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013/11/05 16:07:12 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/07/17 02:59:01 | 001,229,097 | ---- | C] () -- C:\Windows\unins000.exe
[2013/07/17 02:59:01 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2013/07/17 02:59:01 | 000,076,348 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/27 08:07:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013/04/27 07:58:40 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/04/17 08:05:05 | 005,703,413 | ---- | C] () -- C:\Users\mullins4\sample test.pdf
[2013/04/17 08:05:02 | 000,191,751 | ---- | C] () -- C:\Users\mullins4\TCAP REVIEW II_Langdon.pdf
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/16 17:57:34 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/16 17:16:36 | 000,118,784 | ---- | C] () -- C:\Windows\dsdxirmv.exe
[2013/04/13 15:19:54 | 000,014,848 | ---- | C] () -- C:\Users\mullins4\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

Advertisements


#11
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

My sincere apologies for the delay, nathdep is currently unavailable...

Do you still require further assistance or not ?
  • 0

#12
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey! :D That's ok! :)

Well my dad recently did a system restore on the laptop and it's working a lot better, but for some reason I still feel like there's something in it or something... but I'm not sure. My Charter Security Suite keeps blocking random adware pop ups and having to remove them. It did this morning, and last night.

But yea, I'd like to know if you can see if there's anything still in the laptop... like some sort of malware or other problem. Would you need me to make another OTL log? :)
  • 0

#13
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Hey! :D That's ok! :)

Thank you!

Well my dad recently did a system restore on the laptop and it's working a lot better, but for some reason I still feel like there's something in it or something... but I'm not sure. My Charter Security Suite keeps blocking random adware pop ups and having to remove them. It did this morning, and last night.

Fair play and acknowledged.

But yea, I'd like to know if you can see if there's anything still in the laptop... like some sort of malware or other problem. Would you need me to make another OTL log? :)

By all means but we will take a slightly different approach this time round as follows...

Also please refrane from any further self fixes as this will actually hinder the malware removal process/myself being able to assist you to the best of my abilities, thank you.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download the installer for Registry Backup from here or here and save to your desktop.
  • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
  • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
  • Once the GUI(graphical user interface) has appeared/loaded:-
Posted Image

  • Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-
Posted Image

  • Close Tweaking.com - Registry Backup
Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features can be viewed here.

Re-scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop if it is no longer present.

Alternate downloads are here or here.

  • Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
  • Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
  • Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[SN].txt<-- N denoting a number that may be 0 or 1

Scan with JRT:

Please download Junkware Removal Tool to your desktop.

Note: Temp' disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

  • Right-click on on JRT.exe and select Run as Administrator to launch the application >> follow the on-screen prompt.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Note: Reboot your machine and ensure all disabled security software is now enabled etc.
  • 0

#14
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey!

Ok! I followed your instructions.

Here's the Adwcleaner log...

# AdwCleaner v3.015 - Report created 10/12/2013 at 23:14:53
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mullins4 - MULLINS4-HP
# Running from : C:\Users\mullins4\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Level Quality Watcher

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\ScorpionSaver
Folder Deleted : C:\Program Files\Level Quality Watcher
File Deleted : C:\Users\mullins4\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87BEF026-9269-413C-A5B3-11F35451380E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Adpeak, Inc.
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


*************************

AdwCleaner[R0].txt - [34651 octets] - [30/11/2013 19:27:42]
AdwCleaner[R1].txt - [25525 octets] - [02/12/2013 00:02:01]
AdwCleaner[R2].txt - [1048 octets] - [03/12/2013 12:30:16]
AdwCleaner[R3].txt - [1168 octets] - [03/12/2013 14:11:30]
AdwCleaner[R4].txt - [2498 octets] - [10/12/2013 23:12:51]
AdwCleaner[S0].txt - [28059 octets] - [02/12/2013 00:04:42]
AdwCleaner[S1].txt - [998 octets] - [03/12/2013 12:32:08]
AdwCleaner[S2].txt - [2246 octets] - [10/12/2013 23:14:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2306 octets] ##########


And the JRT log...

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by mullins4 on Tue 12/10/2013 at 23:34:54.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F3EC8992-81D6-434E-A7CB-FD458A6D4858}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{1D9F3216-5187-437E-8F59-7297F561A7E5}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{22505D92-A861-407C-B463-959D650100A2}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{27B3864F-0868-4F1D-875E-3D4CF44E0677}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{2BFFEF1B-4CEF-4062-8300-F28A77A89CED}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{38DC11F1-B2CA-44D7-8F1F-657C43396990}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{749248B6-A566-4D25-8CC2-2DBC952382E7}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{7A76F140-B937-4694-8B47-54BF8F6444D2}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{8B771D80-E709-4E22-AE1E-ACD5B53441B3}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{BE3631C6-415E-49DA-86F1-2315E45F08E7}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{C9D21E95-86D7-4A2D-8A78-81F050812503}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{CDBD3F0D-9368-4C3A-952B-B03927683D96}
Successfully deleted: [Empty Folder] C:\Users\mullins4\appdata\local\{D7CC5DF7-72C0-4F0C-ADC9-F7D0DF454899}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/10/2013 at 23:50:40.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#15
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Ok! I followed your instructions.

Good, lets proceed as follows shall we...

Scan with aswMBR:

Please download aswMBR to your desktop.

  • Right-click the aswMBR.exe select Run as Administrator to run it.
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
  • Now click on the Scan button to start scan
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
Note: There will also be a file on your desktop named MBR.dat(or similar) do not delete this for now it is a actual backup of the MBR(master boot record).

Scan with Farbar Recovery Scan Tool:

Please download and save the Farbar Recovery Scan Tool 64-Bit to your desktop.

  • Right-click on FRST.exe and select Run as Administrator to start FRST >> >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.
Next:

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered ?
  • aswMBR Log.
  • Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP