Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Black Screen When Going On Internet (FIREFOX) [Closed]

Started by TerraceHill , May 28 2014 10:51 PM

This topic is locked

#1
TerraceHill

Posted 28 May 2014 - 10:51 PM

Member

Member
32 posts

When I go on the internet, the page is usually okay if I don't interact with it. Once I go to use the scroll bar, it glitches with a black screen... only on the internet part though; the scroll bar and adress bar, search bar and that whole area is still visible. I can't read anything or write anything.

Might be nothing virus related, but it has never happened before... so any help from you guys is much appreciated <3 I've been on this site a few times before for help, and it's really awesome.

#2
Biscuithd

Posted 29 May 2014 - 11:57 AM

Trusted Helper

Malware Removal
2,573 posts

Hi there TerraceHill, wavey.gif.pagespeed.ce.4AQn4GwL8t.gif Welcome back to the forums!
welcome.gif.pagespeed.ce.jM2aDq5TfO.gif . My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

Carefully read every post completely before doing anything.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Ok, let's get started.

I saw your posted OTL scan. You should also have a file called Extras.txt that was produced at the same time that OTL.txt was produced. I you have that, please post it. I you don't, I'll need you to re-run OTL to produce the file. And, it you're going to re-run OTL, I'd like you to do it a little differently than you did the first time. There are instructions for a Custom script below along with instructions. Do this ONLY if you can't find the Extras.txt.

Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

Simply double-click the program icon to run it. It will ask for administrator privileges.
Copy and paste the following into the Custom Scans/Fixes box:

Quote

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
/md5start
rpcss.dll
/md5stop
CREATERESTOREPOINT

Click Run Scan.
Files are being searched and it may take some time. Once done, two Notepad windows will appear, named OTL.txt and Extras.txt.
Alternatively, you can also find these at your desktop.
Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.

#3
TerraceHill

Posted 01 June 2014 - 04:55 PM

Member

Topic Starter
Member
32 posts

OTL.TXT REPORT

OTL logfile created on: 6/1/2014 5:37:30 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olivia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.92 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 38.33% Memory free
11.84 Gb Paging File | 6.31 Gb Available in Paging File | 53.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 371.28 Gb Free Space | 54.38% Space Free | Partition Type: NTFS

Computer Name: OLIVIA-PC | User Name: Olivia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/05/14 18:19:34 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/09 20:20:28 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/23 18:01:04 | 000,572,096 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/04/23 18:01:02 | 001,825,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2013/12/27 17:41:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olivia\Desktop\OTL.exe
PRC - [2013/12/04 06:01:12 | 001,708,904 | ---- | M] (GreenTree Applications SRL) -- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
PRC - [2013/09/05 10:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/18 14:22:06 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/10/08 19:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/08/27 22:21:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2012/02/27 06:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011/12/23 13:24:00 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
PRC - [2011/11/25 16:41:36 | 000,645,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
PRC - [2011/11/25 16:41:18 | 000,233,224 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2008/09/16 12:03:18 | 041,878,880 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsEditor.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/09/16 05:44:42 | 000,079,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\PhotoshopServer.exe
PRC - [2008/09/16 05:44:10 | 005,219,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Adobe Premiere Elements.exe

========== Modules (No Company Name) ==========

MOD - [2014/05/14 18:19:33 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/09 20:20:26 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/04/23 18:01:04 | 001,092,288 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/04/21 18:55:38 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/04/21 18:55:38 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/03/31 18:09:18 | 000,754,688 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/03/03 15:15:40 | 020,626,624 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/12/02 12:37:10 | 002,341,888 | ---- | M] () -- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll
MOD - [2013/12/02 12:37:10 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll
MOD - [2013/12/02 12:36:24 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll
MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/12/23 13:24:00 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
MOD - [2011/11/25 16:42:50 | 000,499,976 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
MOD - [2011/11/25 16:29:32 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
MOD - [2011/11/25 16:28:26 | 000,484,352 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
MOD - [2011/11/25 16:26:14 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
MOD - [2011/11/25 16:24:16 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ServiceManagerStarter.dll
MOD - [2011/08/17 19:48:24 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
MOD - [2011/08/17 19:48:22 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
MOD - [2011/08/17 19:41:36 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
MOD - [2011/08/15 23:17:30 | 009,224,704 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
MOD - [2011/08/15 23:15:44 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
MOD - [2011/08/15 23:12:04 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
MOD - [2011/08/15 23:12:04 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
MOD - [2011/08/15 22:23:00 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
MOD - [2011/07/19 19:05:40 | 014,978,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll
MOD - [2011/07/19 19:04:56 | 000,317,952 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2008/09/16 12:06:44 | 003,626,336 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\authplay.dll
MOD - [2008/09/16 12:05:16 | 001,418,592 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\ems.dll
MOD - [2008/09/16 12:05:10 | 000,427,360 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\DetectionUtils.dll
MOD - [2008/09/16 12:03:50 | 000,398,688 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobeXMP.dll
MOD - [2008/09/16 12:00:02 | 001,032,266 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\libmmd.dll
MOD - [2008/09/16 05:44:42 | 000,079,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\PhotoshopServer.exe
MOD - [2008/09/16 05:44:10 | 005,219,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Adobe Premiere Elements.exe
MOD - [2008/09/16 04:16:02 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Plug-ins\en_US\RecorderMPEGHDV.prm
MOD - [2008/09/16 03:55:24 | 011,620,352 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Premiere.dll
MOD - [2008/09/16 03:54:52 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\BrightnessContrastCAFilter.dll
MOD - [2008/09/16 03:54:42 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\FaceDetectionCAFilter.dll
MOD - [2008/09/16 03:54:32 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\SceneDetectCAFilter.sd
MOD - [2008/09/16 03:54:02 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\AudioCAFilter.dll
MOD - [2008/09/16 03:53:54 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\ShakeCAFilter.dll
MOD - [2008/09/16 03:53:46 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\BlurCAFilter.dll
MOD - [2008/09/16 03:53:38 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\cafilters\MotionCAFilter.dll
MOD - [2008/09/16 03:53:20 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Startup.dll
MOD - [2008/09/16 03:53:12 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Premiere.en_US.dll
MOD - [2008/09/16 03:52:40 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HSL.en_US.dll
MOD - [2008/09/16 03:52:24 | 003,440,640 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Mezzanine.en_US.dll
MOD - [2008/09/16 03:51:00 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\TitlerUI.en_US.dll
MOD - [2008/09/16 03:50:06 | 000,290,816 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\sharingcenter\pc\SCPC.sc
MOD - [2008/09/16 03:49:38 | 003,452,928 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\UIFramework.en_US.dll
MOD - [2008/09/16 03:49:24 | 000,516,096 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\About.en_US.dll
MOD - [2008/09/16 03:47:08 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ARA.dll
MOD - [2008/09/16 03:47:00 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerEvents.dll
MOD - [2008/09/16 03:46:48 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerAudioMixer.dll
MOD - [2008/09/16 03:45:56 | 001,187,840 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerCapture.dll
MOD - [2008/09/16 03:44:32 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerHistory.dll
MOD - [2008/09/16 03:44:16 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerDVDLayout.dll
MOD - [2008/09/16 03:43:40 | 002,174,976 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerTimeline.dll
MOD - [2008/09/16 03:41:14 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerGetProperties.dll
MOD - [2008/09/16 03:40:56 | 003,272,704 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerProject.dll
MOD - [2008/09/16 03:37:00 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerSharingCenter.dll
MOD - [2008/09/16 03:36:46 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerInfo.dll
MOD - [2008/09/16 03:36:18 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerAudioNarration.dll
MOD - [2008/09/16 03:36:00 | 000,397,312 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerMovieTheme.dll
MOD - [2008/09/16 03:35:26 | 003,162,112 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerEffectControls.dll
MOD - [2008/09/16 03:30:50 | 001,441,792 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerMonitor.dll
MOD - [2008/09/16 03:28:54 | 002,011,136 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HandlerOrganizer.dll
MOD - [2008/09/16 03:25:24 | 000,516,096 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\SCCommon.dll
MOD - [2008/09/16 03:24:56 | 000,458,752 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\OLS.dll
MOD - [2008/09/16 03:24:02 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\PresetManager.dll
MOD - [2008/09/16 03:23:38 | 012,304,384 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\HSL.dll
MOD - [2008/09/16 03:17:12 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\About.dll
MOD - [2008/09/16 03:17:02 | 001,409,024 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\DVDCreator.dll
MOD - [2008/09/16 03:15:48 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\MediaCoreUI.dll
MOD - [2008/09/16 03:15:16 | 005,484,544 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Mezzanine.dll
MOD - [2008/09/16 03:10:58 | 001,208,320 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\TitlerCreator.dll
MOD - [2008/09/16 03:09:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ContentAnalysisHost.dll
MOD - [2008/09/16 03:09:26 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\DVDStructures.dll
MOD - [2008/09/16 03:09:16 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Descriptors.dll
MOD - [2008/09/16 03:09:02 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\TitlerUI.dll
MOD - [2008/09/16 03:08:36 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ContentAnalysisData.dll
MOD - [2008/09/16 03:05:56 | 002,547,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AMocWrapper.dll
MOD - [2008/09/16 03:03:12 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\IPLibrary.dll
MOD - [2008/09/16 03:02:42 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\BackendLegacyLib.dll
MOD - [2008/09/16 03:00:06 | 004,952,064 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\UIFramework.dll
MOD - [2008/09/16 02:54:26 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ASLConsole.dll
MOD - [2008/09/16 02:52:10 | 000,331,776 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AudioFilters.dll
MOD - [2008/09/16 02:51:16 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\MediaUtils.dll
MOD - [2008/09/16 02:50:40 | 006,627,328 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\MediaLayer.dll
MOD - [2008/09/16 02:45:32 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\VideoFrame.dll
MOD - [2008/09/16 02:45:18 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\BravoInitializer.dll
MOD - [2008/09/16 02:44:56 | 011,800,576 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\BackendLib.dll
MOD - [2008/09/16 02:38:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ASLUnitTesting.dll
MOD - [2008/09/16 02:38:22 | 001,175,552 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ImageRenderer.dll
MOD - [2008/09/16 02:35:40 | 000,466,944 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AudioRenderer.dll
MOD - [2008/09/16 02:35:10 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\MemoryShell.dll
MOD - [2008/09/16 02:35:06 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Memory.dll
MOD - [2008/09/16 02:35:02 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\MediaFoundation.dll
MOD - [2008/09/16 02:34:52 | 000,598,016 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\ASLFoundation.dll
MOD - [2008/09/16 02:34:16 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\PRM.dll
MOD - [2008/09/16 02:33:58 | 000,528,384 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\dvaeve.dll
MOD - [2008/09/16 02:31:20 | 000,712,704 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\exo.dll
MOD - [2008/09/16 02:29:06 | 000,696,320 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\dvaworkspace.dll
MOD - [2008/09/16 02:28:40 | 001,830,912 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\dvaui.dll
MOD - [2008/09/16 02:24:14 | 001,339,392 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\dvacore.dll
MOD - [2008/09/16 00:43:44 | 000,791,904 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\sync_util.dll
MOD - [2008/09/16 00:43:30 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\livelink.dll
MOD - [2008/09/16 00:43:28 | 004,768,768 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Authplay.dll
MOD - [2008/09/16 00:43:20 | 002,479,456 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\SyncPrefLib.dll
MOD - [2008/09/16 00:43:04 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\QuickTimeGlue.dll
MOD - [2008/09/16 00:42:26 | 000,861,184 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\FileInfo.dll
MOD - [2008/09/16 00:42:26 | 000,245,248 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Emul.dll
MOD - [2008/09/16 00:42:22 | 000,401,408 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\DetectionUtils.dll
MOD - [2008/09/16 00:42:18 | 000,483,840 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AdobeXMPFiles.dll
MOD - [2008/09/16 00:42:18 | 000,424,448 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AdobeXMP.dll
MOD - [2008/09/16 00:42:04 | 000,998,912 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AMESettingsUI.dll
MOD - [2008/09/16 00:42:04 | 000,216,064 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AMEFoundation.dll
MOD - [2008/09/16 00:42:04 | 000,177,152 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\AMEProperties.dll
MOD - [2008/09/16 00:42:04 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Premiere Elements 7.0\Alog.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/03/06 04:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/16 21:17:18 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/05/14 18:19:35 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/09 20:20:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/23 18:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 10:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/08/27 22:21:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 20:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/11 20:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/11 20:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/08/30 03:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/08/27 22:17:25 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/07/28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 04:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\SearchScopes,DefaultScope = {652F9CE1-253F-41E3-BD78-9E097B60BDFA}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2F7C0659-69DD-49B5-903C-8CE4C9C4881D}: "URL" = http://www.google.co...1I7TSNO_enUS493
IE - HKCU\..\SearchScopes\{34C44B18-A2BE-4BE8-8B3A-D6FC1EC80815}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{652F9CE1-253F-41E3-BD78-9E097B60BDFA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.2
FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=407453&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Olivia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/18 14:23:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/18 14:23:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/08 19:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions
[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/04/30 23:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Firefox\Profiles\hbn48kr9.default\extensions
[2014/04/30 23:44:39 | 000,010,858 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\[email protected]
[2014/04/13 23:09:33 | 000,010,082 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/18 04:31:43 | 000,000,905 | ---- | M] () -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\searchplugins\yahoo_ff.xml
[2014/05/09 20:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 20:20:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/09/22 22:07:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DelayTSS] C:\Program Files\Toshiba\DelayTSS\DelayTSS.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{400FAA9F-183D-47C5-816F-A31E6C55C2A6}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /A:"C:" /A:"*STARTUP-SHORT" /A:"*STARTUP" /L:"1033" /heur:100 /RA:chest /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/26 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Neverin's Night OST
[2014/05/19 00:03:56 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Adobe Premiere Elements Auto-Save
[2014/05/18 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Media Cache Files
[2014/05/18 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Encoded Files
[2014/05/18 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Adobe Premiere Elements Preview Files
[2014/05/15 03:04:43 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/05/15 03:04:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/05/15 03:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/13 16:45:24 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/05/13 16:45:22 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/05/13 16:44:29 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014/05/13 16:44:26 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014/05/13 16:44:25 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014/05/13 16:44:25 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/05/13 16:44:24 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014/05/13 16:44:23 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/05/13 16:44:20 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014/05/13 16:44:19 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014/05/13 16:44:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cngprovider.dll
[2014/05/13 16:44:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adprovider.dll
[2014/05/13 16:44:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\capiprovider.dll
[2014/05/13 16:44:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapiprovider.dll
[2014/05/13 16:44:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cngprovider.dll
[2014/05/13 16:44:16 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adprovider.dll
[2014/05/13 16:44:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014/05/13 16:44:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014/05/13 16:44:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014/05/13 16:44:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\capiprovider.dll
[2014/05/13 16:44:15 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpapiprovider.dll
[2014/05/13 16:44:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wincredprovider.dll
[2014/05/13 16:44:14 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincredprovider.dll
[2014/05/13 16:44:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014/05/13 16:44:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2014/05/09 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/06 04:06:58 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[15 C:\Users\Olivia\Documents\*.tmp files -> C:\Users\Olivia\Documents\*.tmp -> ]
[1 C:\Users\Olivia\Desktop\*.tmp files -> C:\Users\Olivia\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/01 17:37:49 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/01 17:37:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/06/01 17:36:34 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/06/01 17:36:29 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/01 17:36:28 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/01 02:32:36 | 129,434,698 | ---- | M] () -- C:\Users\Olivia\Documents\Neverin's Symphony I.flv
[2014/05/30 21:29:32 | 003,172,152 | ---- | M] () -- C:\Users\Olivia\Desktop\The 'Neverin's Night' Symphony.prel
[2014/05/30 19:19:02 | 000,055,148 | ---- | M] () -- C:\Users\Olivia\Desktop\chinese-water-dragon-02.jpg
[2014/05/30 00:43:36 | 000,083,781 | ---- | M] () -- C:\Users\Olivia\Desktop\the greatest brother.png
[2014/05/28 04:02:21 | 000,001,429 | ---- | M] () -- C:\Users\Olivia\Desktop\old.gif
[2014/05/28 04:01:51 | 000,001,429 | ---- | M] () -- C:\Users\Olivia\Desktop\new.gif
[2014/05/27 22:21:01 | 000,014,047 | ---- | M] () -- C:\Users\Olivia\Desktop\FIRED UP FOR GOD T SHIRT 2.gif
[2014/05/27 22:13:59 | 000,042,708 | ---- | M] () -- C:\Users\Olivia\Desktop\FIRED UP FOR GOD T-SHIRT.gif
[2014/05/27 21:26:08 | 000,037,486 | ---- | M] () -- C:\Users\Olivia\Desktop\wolf pretty.jpg
[2014/05/27 20:21:54 | 001,052,825 | ---- | M] () -- C:\Users\Olivia\Desktop\Days of the Wyrm.psd
[2014/05/27 20:15:59 | 000,004,877 | ---- | M] () -- C:\Users\Olivia\Desktop\images.jpg
[2014/05/27 19:06:50 | 000,035,685 | ---- | M] () -- C:\Users\Olivia\Desktop\1234984_647212128695287_6145682135464052983_n.jpg
[2014/05/25 22:32:37 | 010,774,400 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Raptors _ Stand Together.mp3
[2014/05/25 21:42:23 | 005,902,986 | ---- | M] () -- C:\Users\Olivia\Desktop\Epic Music - Adrian von Ziegler - Wolf Blood.mp3
[2014/05/25 21:27:21 | 004,792,448 | ---- | M] () -- C:\Users\Olivia\Desktop\John Dreamer - Rise.mp3
[2014/05/25 21:27:20 | 006,919,040 | ---- | M] () -- C:\Users\Olivia\Desktop\John Dreamer - Becoming A Legend.mp3
[2014/05/25 21:25:31 | 006,004,352 | ---- | M] () -- C:\Users\Olivia\Desktop\Explosive - Bond.mp3
[2014/05/25 21:04:39 | 005,796,224 | ---- | M] () -- C:\Users\Olivia\Desktop\Thousand Foot Krutch-Step to me (Lyrics).mp3
[2014/05/25 21:02:22 | 007,605,632 | ---- | M] () -- C:\Users\Olivia\Desktop\Assassin's Creed 2 (Original Game Soundtrack) - Ezios Family.mp3
[2014/05/25 20:41:33 | 004,055,946 | ---- | M] () -- C:\Users\Olivia\Desktop\Inception Trailer 3 Music (Zack Hemsey - Mind Heist).mp3
[2014/05/25 20:37:09 | 003,708,810 | ---- | M] () -- C:\Users\Olivia\Desktop\Dieter's Theme (Rescue Dawn) by Klaus Badelt.mp3
[2014/05/25 20:35:23 | 014,096,010 | ---- | M] () -- C:\Users\Olivia\Desktop\Speedpaint_ Photoshop madness [2007].mp3
[2014/05/25 20:35:11 | 012,829,578 | ---- | M] () -- C:\Users\Olivia\Desktop\The Last Samurai OST #6 - Idyll's End.mp3
[2014/05/25 20:34:59 | 003,682,698 | ---- | M] () -- C:\Users\Olivia\Desktop\Street Fighter II V Soundtrack - Ryu Ken OST Theme.mpg.mp3
[2014/05/25 20:13:39 | 013,721,994 | ---- | M] () -- C:\Users\Olivia\Desktop\Narnia - The Battle Song.mp3
[2014/05/25 20:12:55 | 004,693,376 | ---- | M] () -- C:\Users\Olivia\Desktop\Walt Disney Dinosaur OST 9. James Newton Howard - Across The Desert.mp3
[2014/05/25 19:57:08 | 005,293,194 | ---- | M] () -- C:\Users\Olivia\Desktop\The Final Challenge - X Ray Dog.mp3
[2014/05/25 19:54:44 | 009,226,122 | ---- | M] () -- C:\Users\Olivia\Desktop\Pocahontas soundtrack- Farewell (Instrumental).mp3
[2014/05/25 19:54:41 | 006,290,052 | ---- | M] () -- C:\Users\Olivia\Desktop\Speedpaint_ Missing [2007].mp3
[2014/05/25 19:32:14 | 006,198,666 | ---- | M] () -- C:\Users\Olivia\Desktop\Mulan OST - 13. Mulan's decision (Synthesizer version score).mp3
[2014/05/25 19:23:10 | 011,050,122 | ---- | M] () -- C:\Users\Olivia\Desktop\My Name is Lincoln (Extended 5 Minute Version) - Steve Jablonsky - The Island.mp3
[2014/05/25 00:24:11 | 004,602,762 | ---- | M] () -- C:\Users\Olivia\Desktop\Hans Zimmer - Train Escape.mp3
[2014/05/25 00:03:33 | 019,194,762 | ---- | M] () -- C:\Users\Olivia\Desktop\The sound of rain w_o music.mp3
[2014/05/25 00:03:22 | 009,496,448 | ---- | M] () -- C:\Users\Olivia\Desktop\_Cold_ - Jorge Méndez (Sad Piano & Violin Instrumental).mp3
[2014/05/24 23:53:57 | 008,184,714 | ---- | M] () -- C:\Users\Olivia\Desktop\WIND CROWS FOX audio recording at night england.mp3
[2014/05/24 23:50:19 | 003,568,256 | ---- | M] () -- C:\Users\Olivia\Desktop\Audiomachine - Final Assault.mp3
[2014/05/24 22:55:33 | 008,606,346 | ---- | M] () -- C:\Users\Olivia\Desktop\Evanescence - My Immortal (Official Instrumental) HD.mp3
[2014/05/24 22:40:47 | 007,684,746 | ---- | M] () -- C:\Users\Olivia\Desktop\Click OST by Rupert Gregson-Williams (original score from the sad father and hospital scenes).mp3
[2014/05/24 22:06:00 | 094,609,317 | ---- | M] () -- C:\Users\Olivia\Desktop\The Great War on Black Ridge Mountain.mp4
[2014/05/24 22:01:56 | 013,320,330 | ---- | M] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 02 - The Kraken.mp3
[2014/05/24 21:29:39 | 003,691,914 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit - Get Off Of My Back (Japanese).mp3
[2014/05/24 21:25:02 | 003,790,218 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Get off my back - Karaoke Instrumental - lyrics - Bryan Adams.mp3
[2014/05/24 21:17:48 | 011,740,554 | ---- | M] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 01 - Jack Sparrow.mp3
[2014/05/24 21:09:36 | 003,956,874 | ---- | M] () -- C:\Users\Olivia\Desktop\Kung Fu Panda Soundtrack-Oogway Ascends.mp3
[2014/05/24 20:58:57 | 004,621,194 | ---- | M] () -- C:\Users\Olivia\Desktop\Inception (2010) 528491 (Soundtrack OST).mp3
[2014/05/24 20:54:31 | 004,515,210 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 05_ Investigating.mp3
[2014/05/24 00:29:55 | 005,284,746 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit-You Can't Take Me(Italian)Subs and Trans.mp3
[2014/05/23 22:38:54 | 009,157,770 | ---- | M] () -- C:\Users\Olivia\Desktop\The Chronicles Of Narnia OST- Imogen Heap - Can't Take It In (music).mp3
[2014/05/23 22:18:04 | 008,729,226 | ---- | M] () -- C:\Users\Olivia\Desktop\Adrian von Ziegler - Through the Mirror.mp3
[2014/05/23 22:18:00 | 009,223,050 | ---- | M] () -- C:\Users\Olivia\Desktop\Celtic Music - Ancient Storm.mp3
[2014/05/23 21:58:33 | 006,483,594 | ---- | M] () -- C:\Users\Olivia\Desktop\What Have You Done__Run Away - Lion King Theme.mp3
[2014/05/23 21:54:59 | 011,033,994 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron_ Young Hearts (Better Quality).mp3
[2014/05/23 21:23:46 | 007,799,178 | ---- | M] () -- C:\Users\Olivia\Desktop\Switchfoot - _Home_.mp3
[2014/05/21 21:02:46 | 008,026,506 | ---- | M] () -- C:\Users\Olivia\Desktop\Matt Redman - 10,000 Reasons (Bless The Lord) Piano Cover.mp3
[2014/05/20 22:56:37 | 007,136,394 | ---- | M] () -- C:\Users\Olivia\Desktop\Disney Dinosaur_ The Soundtrack Track 15-Kron And Aladar Fight..mp3
[2014/05/20 22:50:24 | 007,663,232 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - The End Of Our Island.mp3
[2014/05/20 22:48:33 | 009,383,552 | ---- | M] () -- C:\Users\Olivia\Desktop\15. Balto Brings The Medicine! (score) - Balto OST.mp3
[2014/05/20 22:48:06 | 002,396,298 | ---- | M] () -- C:\Users\Olivia\Desktop\Wolf sounds.mp3
[2014/05/20 22:19:33 | 010,303,626 | ---- | M] () -- C:\Users\Olivia\Desktop\Skyrim Sounds - All Dragon Sounds (Attack,Walk,Death,etc...).mp3
[2014/05/20 22:16:52 | 017,524,362 | ---- | M] () -- C:\Users\Olivia\Desktop\Sound Effects - Dragons.mp3
[2014/05/20 21:43:51 | 000,688,266 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragon Roar Scream from Dragon Slayer not Skyrim.mp3
[2014/05/20 21:38:16 | 006,557,322 | ---- | M] () -- C:\Users\Olivia\Desktop\Davy Jones's theme song.mp3
[2014/05/19 21:02:16 | 004,100,490 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - They're All Gone.mp3
[2014/05/19 21:01:41 | 006,677,888 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Aladar & Neera.mp3
[2014/05/19 21:01:00 | 005,671,818 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Inner Sanctum _ The Nesting Grounds.mp3
[2014/05/19 20:59:49 | 008,316,032 | ---- | M] () -- C:\Users\Olivia\Desktop\The Lion King Soundtrack - To die For.mp3
[2014/05/19 20:58:14 | 022,538,634 | ---- | M] () -- C:\Users\Olivia\Desktop\Hans Zimmer - The Return [Battle Of Pride Rock].mp3
[2014/05/19 20:50:10 | 006,172,554 | ---- | M] () -- C:\Users\Olivia\Desktop\Lion King Soundtrack- This land.mp3
[2014/05/19 20:48:50 | 005,464,448 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 10_ Rain.mp3
[2014/05/19 20:44:54 | 006,031,232 | ---- | M] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - Black Blade.mp3
[2014/05/19 20:42:39 | 007,286,912 | ---- | M] () -- C:\Users\Olivia\Desktop\Forgotten World - Brand X Music.mp3
[2014/05/19 00:04:32 | 019,266,954 | ---- | M] () -- C:\Users\Olivia\Desktop\Strange noises coming from 'secret cave' in Tibet..mp3
[2014/05/18 23:42:19 | 000,292,298 | ---- | M] () -- C:\Users\Olivia\Desktop\pic 4.jpg
[2014/05/18 23:09:29 | 000,167,308 | ---- | M] () -- C:\Users\Olivia\Desktop\neverin running after rain.jpg
[2014/05/18 22:59:45 | 000,140,935 | ---- | M] () -- C:\Users\Olivia\Desktop\pic 3.JPG
[2014/05/18 22:45:52 | 001,046,786 | ---- | M] () -- C:\Users\Olivia\Desktop\pic 1.jpg
[2014/05/18 22:44:59 | 000,258,372 | ---- | M] () -- C:\Users\Olivia\Desktop\pic 2.JPG
[2014/05/18 21:19:20 | 006,674,826 | ---- | M] () -- C:\Users\Olivia\Desktop\The Lord of the Rings_ The Return of the King Soundtrack - 04. The White Tree.mp3
[2014/05/18 21:17:22 | 004,278,666 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit Score_ Village Attack - The River.mp3
[2014/05/18 21:16:30 | 000,644,490 | ---- | M] () -- C:\Users\Olivia\Desktop\Fire Burning Sound Effect.mp3
[2014/05/18 21:15:06 | 016,661,898 | ---- | M] () -- C:\Users\Olivia\Desktop\King Arthur OST - 06 - Do You Think I'm A Saxon.mp3
[2014/05/18 21:15:02 | 007,043,466 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragon Sound Effects.mp3
[2014/05/18 21:01:11 | 012,370,304 | ---- | M] () -- C:\Users\Olivia\Desktop\The Rock - Hummell Gets The Rockets.mp3
[2014/05/18 20:59:45 | 008,651,648 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit Soundtrack - Here I Am..mp3
[2014/05/18 20:57:52 | 004,372,362 | ---- | M] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - False King.mp3
[2014/05/18 20:50:02 | 007,566,464 | ---- | M] () -- C:\Users\Olivia\Desktop\We Won't Be Shaken by Building 429.mp3
[2014/05/18 20:49:37 | 005,663,360 | ---- | M] () -- C:\Users\Olivia\Desktop\You Can't Take Me Lyrics.mp3
[2014/05/18 20:38:28 | 012,212,864 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit - Run Free.mp3
[2014/05/18 20:37:54 | 007,566,474 | ---- | M] () -- C:\Users\Olivia\Desktop\The Last Samurai- Red Warrior.mp3
[2014/05/18 20:36:41 | 009,998,720 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce - Dawn Over a New World.mp3
[2014/05/18 20:35:06 | 018,723,968 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce - Soldiers of the Wasteland.mp3
[2014/05/18 20:31:14 | 014,211,968 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce-Through the Fire and the Flames Lyrics.mp3
[2014/05/18 17:15:41 | 003,573,783 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1047.wmv
[2014/05/18 17:15:41 | 002,032,627 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1048.wmv
[2014/05/18 17:15:41 | 001,624,091 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1050.wmv
[2014/05/18 17:15:41 | 001,114,945 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1051.wmv
[2014/05/18 17:15:40 | 000,780,741 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1046.wmv
[2014/05/17 18:01:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/17 18:01:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/15 16:51:55 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/05/15 16:05:55 | 473,403,391 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/15 03:55:05 | 001,596,995 | ---- | M] () -- C:\Users\Olivia\Desktop\Arthur.jpg
[2014/05/14 22:12:35 | 000,633,629 | ---- | M] () -- C:\Users\Olivia\Desktop\Coldbreeze.jpg
[2014/05/14 21:51:21 | 000,276,095 | ---- | M] () -- C:\Users\Olivia\Desktop\Rastaluk.png
[2014/05/14 21:38:22 | 003,814,320 | ---- | M] () -- C:\Users\Olivia\Desktop\Don't Play With Fire.psd
[2014/05/14 18:19:34 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 18:19:34 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 22:59:44 | 000,189,524 | ---- | M] () -- C:\Users\Olivia\Desktop\Neverin.png
[2014/05/09 02:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/05/09 02:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/05/08 20:38:52 | 000,037,856 | ---- | M] () -- C:\Users\Olivia\Desktop\529268_449856391752407_427589231_n.jpg
[2014/05/06 21:48:01 | 000,045,812 | ---- | M] () -- C:\Users\Olivia\Desktop\10320573_290996027741289_2376885859272575238_n.jpg
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/05/03 22:15:18 | 004,127,893 | ---- | M] () -- C:\Users\Olivia\Desktop\BTFS - TYTSTU Book Cover.png
[2014/05/03 21:41:38 | 001,334,381 | ---- | M] () -- C:\Users\Olivia\Desktop\foggy-forest-1920x1080.jpg
[2014/05/03 21:15:54 | 000,612,206 | ---- | M] () -- C:\Users\Olivia\Desktop\Camargue-Horses-Galloping-On-The-Beach-1600x1200-white horse-wallpapers-jokuci.jpg
[15 C:\Users\Olivia\Documents\*.tmp files -> C:\Users\Olivia\Documents\*.tmp -> ]
[1 C:\Users\Olivia\Desktop\*.tmp files -> C:\Users\Olivia\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/01 00:21:43 | 129,434,698 | ---- | C] () -- C:\Users\Olivia\Documents\Neverin's Symphony I.flv
[2014/05/30 19:19:01 | 000,055,148 | ---- | C] () -- C:\Users\Olivia\Desktop\chinese-water-dragon-02.jpg
[2014/05/30 00:43:33 | 000,083,781 | ---- | C] () -- C:\Users\Olivia\Desktop\the greatest brother.png
[2014/05/28 04:02:17 | 000,001,429 | ---- | C] () -- C:\Users\Olivia\Desktop\old.gif
[2014/05/28 04:01:47 | 000,001,429 | ---- | C] () -- C:\Users\Olivia\Desktop\new.gif
[2014/05/27 22:20:59 | 000,014,047 | ---- | C] () -- C:\Users\Olivia\Desktop\FIRED UP FOR GOD T SHIRT 2.gif
[2014/05/27 22:13:55 | 000,042,708 | ---- | C] () -- C:\Users\Olivia\Desktop\FIRED UP FOR GOD T-SHIRT.gif
[2014/05/27 21:26:06 | 000,037,486 | ---- | C] () -- C:\Users\Olivia\Desktop\wolf pretty.jpg
[2014/05/27 20:21:54 | 001,052,825 | ---- | C] () -- C:\Users\Olivia\Desktop\Days of the Wyrm.psd
[2014/05/27 20:15:58 | 000,004,877 | ---- | C] () -- C:\Users\Olivia\Desktop\images.jpg
[2014/05/27 19:06:49 | 000,035,685 | ---- | C] () -- C:\Users\Olivia\Desktop\1234984_647212128695287_6145682135464052983_n.jpg
[2014/05/25 22:32:14 | 010,774,400 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Raptors _ Stand Together.mp3
[2014/05/25 21:42:08 | 005,902,986 | ---- | C] () -- C:\Users\Olivia\Desktop\Epic Music - Adrian von Ziegler - Wolf Blood.mp3
[2014/05/25 21:27:14 | 004,792,448 | ---- | C] () -- C:\Users\Olivia\Desktop\John Dreamer - Rise.mp3
[2014/05/25 21:27:08 | 006,919,040 | ---- | C] () -- C:\Users\Olivia\Desktop\John Dreamer - Becoming A Legend.mp3
[2014/05/25 21:25:24 | 006,004,352 | ---- | C] () -- C:\Users\Olivia\Desktop\Explosive - Bond.mp3
[2014/05/25 21:04:27 | 005,796,224 | ---- | C] () -- C:\Users\Olivia\Desktop\Thousand Foot Krutch-Step to me (Lyrics).mp3
[2014/05/25 21:02:05 | 007,605,632 | ---- | C] () -- C:\Users\Olivia\Desktop\Assassin's Creed 2 (Original Game Soundtrack) - Ezios Family.mp3
[2014/05/25 20:41:23 | 004,055,946 | ---- | C] () -- C:\Users\Olivia\Desktop\Inception Trailer 3 Music (Zack Hemsey - Mind Heist).mp3
[2014/05/25 20:36:58 | 003,708,810 | ---- | C] () -- C:\Users\Olivia\Desktop\Dieter's Theme (Rescue Dawn) by Klaus Badelt.mp3
[2014/05/25 20:34:59 | 014,096,010 | ---- | C] () -- C:\Users\Olivia\Desktop\Speedpaint_ Photoshop madness [2007].mp3
[2014/05/25 20:34:52 | 003,682,698 | ---- | C] () -- C:\Users\Olivia\Desktop\Street Fighter II V Soundtrack - Ryu Ken OST Theme.mpg.mp3
[2014/05/25 20:34:45 | 012,829,578 | ---- | C] () -- C:\Users\Olivia\Desktop\The Last Samurai OST #6 - Idyll's End.mp3
[2014/05/25 20:13:04 | 013,721,994 | ---- | C] () -- C:\Users\Olivia\Desktop\Narnia - The Battle Song.mp3
[2014/05/25 20:12:44 | 004,693,376 | ---- | C] () -- C:\Users\Olivia\Desktop\Walt Disney Dinosaur OST 9. James Newton Howard - Across The Desert.mp3
[2014/05/25 19:56:54 | 005,293,194 | ---- | C] () -- C:\Users\Olivia\Desktop\The Final Challenge - X Ray Dog.mp3
[2014/05/25 19:54:33 | 006,290,052 | ---- | C] () -- C:\Users\Olivia\Desktop\Speedpaint_ Missing [2007].mp3
[2014/05/25 19:54:24 | 009,226,122 | ---- | C] () -- C:\Users\Olivia\Desktop\Pocahontas soundtrack- Farewell (Instrumental).mp3
[2014/05/25 19:31:59 | 006,198,666 | ---- | C] () -- C:\Users\Olivia\Desktop\Mulan OST - 13. Mulan's decision (Synthesizer version score).mp3
[2014/05/25 19:22:49 | 011,050,122 | ---- | C] () -- C:\Users\Olivia\Desktop\My Name is Lincoln (Extended 5 Minute Version) - Steve Jablonsky - The Island.mp3
[2014/05/25 00:24:01 | 004,602,762 | ---- | C] () -- C:\Users\Olivia\Desktop\Hans Zimmer - Train Escape.mp3
[2014/05/25 00:03:03 | 009,496,448 | ---- | C] () -- C:\Users\Olivia\Desktop\_Cold_ - Jorge Méndez (Sad Piano & Violin Instrumental).mp3
[2014/05/25 00:02:50 | 019,194,762 | ---- | C] () -- C:\Users\Olivia\Desktop\The sound of rain w_o music.mp3
[2014/05/24 23:53:41 | 008,184,714 | ---- | C] () -- C:\Users\Olivia\Desktop\WIND CROWS FOX audio recording at night england.mp3
[2014/05/24 23:50:12 | 003,568,256 | ---- | C] () -- C:\Users\Olivia\Desktop\Audiomachine - Final Assault.mp3
[2014/05/24 22:55:11 | 008,606,346 | ---- | C] () -- C:\Users\Olivia\Desktop\Evanescence - My Immortal (Official Instrumental) HD.mp3
[2014/05/24 22:40:25 | 007,684,746 | ---- | C] () -- C:\Users\Olivia\Desktop\Click OST by Rupert Gregson-Williams (original score from the sad father and hospital scenes).mp3
[2014/05/24 22:01:23 | 013,320,330 | ---- | C] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 02 - The Kraken.mp3
[2014/05/24 21:52:03 | 094,609,317 | ---- | C] () -- C:\Users\Olivia\Desktop\The Great War on Black Ridge Mountain.mp4
[2014/05/24 21:29:32 | 003,691,914 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit - Get Off Of My Back (Japanese).mp3
[2014/05/24 21:24:52 | 003,790,218 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Get off my back - Karaoke Instrumental - lyrics - Bryan Adams.mp3
[2014/05/24 21:17:22 | 011,740,554 | ---- | C] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 01 - Jack Sparrow.mp3
[2014/05/24 21:09:27 | 003,956,874 | ---- | C] () -- C:\Users\Olivia\Desktop\Kung Fu Panda Soundtrack-Oogway Ascends.mp3
[2014/05/24 20:58:45 | 004,621,194 | ---- | C] () -- C:\Users\Olivia\Desktop\Inception (2010) 528491 (Soundtrack OST).mp3
[2014/05/24 20:54:22 | 004,515,210 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 05_ Investigating.mp3
[2014/05/24 00:29:42 | 005,284,746 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit-You Can't Take Me(Italian)Subs and Trans.mp3
[2014/05/23 22:38:34 | 009,157,770 | ---- | C] () -- C:\Users\Olivia\Desktop\The Chronicles Of Narnia OST- Imogen Heap - Can't Take It In (music).mp3
[2014/05/23 22:17:43 | 008,729,226 | ---- | C] () -- C:\Users\Olivia\Desktop\Adrian von Ziegler - Through the Mirror.mp3
[2014/05/23 22:17:36 | 009,223,050 | ---- | C] () -- C:\Users\Olivia\Desktop\Celtic Music - Ancient Storm.mp3
[2014/05/23 21:58:22 | 006,483,594 | ---- | C] () -- C:\Users\Olivia\Desktop\What Have You Done__Run Away - Lion King Theme.mp3
[2014/05/23 21:54:39 | 011,033,994 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron_ Young Hearts (Better Quality).mp3
[2014/05/23 21:23:27 | 007,799,178 | ---- | C] () -- C:\Users\Olivia\Desktop\Switchfoot - _Home_.mp3
[2014/05/21 21:02:02 | 008,026,506 | ---- | C] () -- C:\Users\Olivia\Desktop\Matt Redman - 10,000 Reasons (Bless The Lord) Piano Cover.mp3
[2014/05/20 22:56:20 | 007,136,394 | ---- | C] () -- C:\Users\Olivia\Desktop\Disney Dinosaur_ The Soundtrack Track 15-Kron And Aladar Fight..mp3
[2014/05/20 22:50:13 | 007,663,232 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - The End Of Our Island.mp3
[2014/05/20 22:48:12 | 009,383,552 | ---- | C] () -- C:\Users\Olivia\Desktop\15. Balto Brings The Medicine! (score) - Balto OST.mp3
[2014/05/20 22:48:00 | 002,396,298 | ---- | C] () -- C:\Users\Olivia\Desktop\Wolf sounds.mp3
[2014/05/20 22:19:08 | 010,303,626 | ---- | C] () -- C:\Users\Olivia\Desktop\Skyrim Sounds - All Dragon Sounds (Attack,Walk,Death,etc...).mp3
[2014/05/20 22:16:08 | 017,524,362 | ---- | C] () -- C:\Users\Olivia\Desktop\Sound Effects - Dragons.mp3
[2014/05/20 21:43:49 | 000,688,266 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragon Roar Scream from Dragon Slayer not Skyrim.mp3
[2014/05/20 21:38:02 | 006,557,322 | ---- | C] () -- C:\Users\Olivia\Desktop\Davy Jones's theme song.mp3
[2014/05/19 21:02:07 | 004,100,490 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - They're All Gone.mp3
[2014/05/19 21:01:30 | 006,677,888 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Aladar & Neera.mp3
[2014/05/19 21:00:51 | 005,671,818 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Inner Sanctum _ The Nesting Grounds.mp3
[2014/05/19 20:59:36 | 008,316,032 | ---- | C] () -- C:\Users\Olivia\Desktop\The Lion King Soundtrack - To die For.mp3
[2014/05/19 20:57:32 | 022,538,634 | ---- | C] () -- C:\Users\Olivia\Desktop\Hans Zimmer - The Return [Battle Of Pride Rock].mp3
[2014/05/19 20:50:00 | 006,172,554 | ---- | C] () -- C:\Users\Olivia\Desktop\Lion King Soundtrack- This land.mp3
[2014/05/19 20:48:40 | 005,464,448 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 10_ Rain.mp3
[2014/05/19 20:44:40 | 006,031,232 | ---- | C] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - Black Blade.mp3
[2014/05/19 20:42:22 | 007,286,912 | ---- | C] () -- C:\Users\Olivia\Desktop\Forgotten World - Brand X Music.mp3
[2014/05/19 00:04:07 | 019,266,954 | ---- | C] () -- C:\Users\Olivia\Desktop\Strange noises coming from 'secret cave' in Tibet..mp3
[2014/05/18 23:25:47 | 000,292,298 | ---- | C] () -- C:\Users\Olivia\Desktop\pic 4.jpg
[2014/05/18 23:09:28 | 000,167,308 | ---- | C] () -- C:\Users\Olivia\Desktop\neverin running after rain.jpg
[2014/05/18 22:46:36 | 000,140,935 | ---- | C] () -- C:\Users\Olivia\Desktop\pic 3.JPG
[2014/05/18 22:45:51 | 001,046,786 | ---- | C] () -- C:\Users\Olivia\Desktop\pic 1.jpg
[2014/05/18 22:44:58 | 000,258,372 | ---- | C] () -- C:\Users\Olivia\Desktop\pic 2.JPG
[2014/05/18 21:19:07 | 006,674,826 | ---- | C] () -- C:\Users\Olivia\Desktop\The Lord of the Rings_ The Return of the King Soundtrack - 04. The White Tree.mp3
[2014/05/18 21:17:14 | 004,278,666 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit Score_ Village Attack - The River.mp3
[2014/05/18 21:16:28 | 000,644,490 | ---- | C] () -- C:\Users\Olivia\Desktop\Fire Burning Sound Effect.mp3
[2014/05/18 21:14:50 | 007,043,466 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragon Sound Effects.mp3
[2014/05/18 21:14:41 | 016,661,898 | ---- | C] () -- C:\Users\Olivia\Desktop\King Arthur OST - 06 - Do You Think I'm A Saxon.mp3
[2014/05/18 21:02:24 | 003,172,152 | ---- | C] () -- C:\Users\Olivia\Desktop\The 'Neverin's Night' Symphony.prel
[2014/05/18 21:00:49 | 012,370,304 | ---- | C] () -- C:\Users\Olivia\Desktop\The Rock - Hummell Gets The Rockets.mp3
[2014/05/18 20:59:27 | 008,651,648 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit Soundtrack - Here I Am..mp3
[2014/05/18 20:57:45 | 004,372,362 | ---- | C] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - False King.mp3
[2014/05/18 20:49:47 | 007,566,464 | ---- | C] () -- C:\Users\Olivia\Desktop\We Won't Be Shaken by Building 429.mp3
[2014/05/18 20:49:26 | 005,663,360 | ---- | C] () -- C:\Users\Olivia\Desktop\You Can't Take Me Lyrics.mp3
[2014/05/18 20:37:58 | 012,212,864 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit - Run Free.mp3
[2014/05/18 20:37:36 | 007,566,474 | ---- | C] () -- C:\Users\Olivia\Desktop\The Last Samurai- Red Warrior.mp3
[2014/05/18 20:36:21 | 009,998,720 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce - Dawn Over a New World.mp3
[2014/05/18 20:34:32 | 018,723,968 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce - Soldiers of the Wasteland.mp3
[2014/05/18 20:30:54 | 014,211,968 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce-Through the Fire and the Flames Lyrics.mp3
[2014/05/18 17:15:23 | 001,114,945 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1051.wmv
[2014/05/18 17:15:16 | 001,624,091 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1050.wmv
[2014/05/18 17:15:08 | 002,032,627 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1048.wmv
[2014/05/18 17:14:54 | 003,573,783 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1047.wmv
[2014/05/18 17:14:48 | 000,780,741 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1046.wmv
[2014/05/14 22:09:35 | 000,633,629 | ---- | C] () -- C:\Users\Olivia\Desktop\Coldbreeze.jpg
[2014/05/14 21:51:14 | 000,276,095 | ---- | C] () -- C:\Users\Olivia\Desktop\Rastaluk.png
[2014/05/14 21:08:15 | 001,596,995 | ---- | C] () -- C:\Users\Olivia\Desktop\Arthur.jpg
[2014/05/13 22:59:37 | 000,189,524 | ---- | C] () -- C:\Users\Olivia\Desktop\Neverin.png
[2014/05/08 20:38:52 | 000,037,856 | ---- | C] () -- C:\Users\Olivia\Desktop\529268_449856391752407_427589231_n.jpg
[2014/05/06 21:48:00 | 000,045,812 | ---- | C] () -- C:\Users\Olivia\Desktop\10320573_290996027741289_2376885859272575238_n.jpg
[2014/05/04 23:26:37 | 003,814,320 | ---- | C] () -- C:\Users\Olivia\Desktop\Don't Play With Fire.psd
[2014/05/03 22:14:13 | 004,127,893 | ---- | C] () -- C:\Users\Olivia\Desktop\BTFS - TYTSTU Book Cover.png
[2014/05/03 21:41:34 | 001,334,381 | ---- | C] () -- C:\Users\Olivia\Desktop\foggy-forest-1920x1080.jpg
[2014/05/03 21:15:53 | 000,612,206 | ---- | C] () -- C:\Users\Olivia\Desktop\Camargue-Horses-Galloping-On-The-Beach-1600x1200-white horse-wallpapers-jokuci.jpg
[2014/02/24 02:09:18 | 000,000,857 | ---- | C] () -- C:\Users\Olivia\AppData\Local\recently-used.xbel
[2013/10/12 04:14:43 | 000,000,094 | ---- | C] () -- C:\Users\Olivia\AppData\Local\fusioncache.dat
[2013/07/15 00:51:37 | 000,036,993 | ---- | C] () -- C:\Users\Olivia\woa black ortes flogo.png
[2013/07/15 00:48:49 | 000,030,388 | ---- | C] () -- C:\Users\Olivia\woa logo black forest.png
[2013/07/15 00:19:33 | 000,112,062 | ---- | C] () -- C:\Users\Olivia\nhh.png
[2013/06/14 01:57:19 | 000,014,848 | ---- | C] () -- C:\Users\Olivia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/06 12:33:38 | 000,790,374 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

I couldn't get the Extras.txt. I tried the thing you said and it didn't work

#4
Biscuithd

Posted 02 June 2014 - 12:52 PM

Trusted Helper

Malware Removal
2,573 posts

Hello TerraceHill,

Here are the first steps in cleaning your computer. If you have any questions, please let me know.

OTL Fix

Run OTL as you did before.
Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

xotlrunfix.jpg.pagespeed.ic.wT-vY4tHzw.j

:Commands
[createrestorepoint]

:OTL
PRC - File not found --
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {652F9CE1-253F-41E3-BD78-9E097B60BDFA}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2F7C0659-69DD-49B5-903C-8CE4C9C4881D}: "URL" = http://www.google.co...1I7TSNO_enUS493
IE - HKCU\..\SearchScopes\{34C44B18-A2BE-4BE8-8B3A-D6FC1EC80815}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{652F9CE1-253F-41E3-BD78-9E097B60BDFA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.2
FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=407453&p="
FF - user.js - File not found
[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions\[email protected]

[2014/04/30 23:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Firefox\Profiles\hbn48kr9.default\extensions
[2014/04/30 23:44:39 | 000,010,858 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\[email protected]
[2014/04/13 23:09:33 | 000,010,082 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/18 04:31:43 | 000,000,905 | ---- | M] () -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\searchplugins\yahoo_ff.xml
[2014/05/09 20:20:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:commands
[resethosts]
[emptytemp]

Then press the Run Fix button

Your computer will reboot. If it does not, please manually reboot.

Next, download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1

Right-click on AdwCleaner.exe and select Run as administrator.
Click Scan and let the scan run.
When it finishes, click Clean, following the on screen prompts
After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

Next, download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

When JRT (Junkware Removal Tool) is complete, make sure you Reboot your computer and assure that your security software (Anti-Virus, etc.) is turned on and operating.

Then, re-run OTL as you have done before and this time select Quick Scan. When complete, post the results.

To summarize, please post results of the AdwCleaner, Junkware Removal Tool and the OTL scan.

If you have any issues running the above or questions, let me know. Also, let me know how the computer is running.

#5
Essexboy

Posted 07 June 2014 - 11:15 AM

GeekU Moderator

Retired Staff
69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

#6
Biscuithd

Posted 14 June 2014 - 07:01 AM

Trusted Helper

Malware Removal
2,573 posts

Hi TerraceHill,

Glad to see that you're back. Could you do a fresh OTL scan for me and post the results. We'll go from there. Use the instructions above for reference.

#7
TerraceHill

Posted 14 June 2014 - 06:01 PM

Member

Topic Starter
Member
32 posts

Thank you Essex Boy for opening it back up, and thanks Biscuithd for getting back to me.

Just to let you know, I did the OTL scan that rebooted my computer, like you said in your last post. I am not sure if you wanted me to do that one. Is that what you wanted? I'll post the results anyway. It dawned on me only after I finished that you may have wanted a regular OTl scan, sorry about that. I can still do that if you want.

-----------------------------------

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
Error: Unable to interpret <    :OTL> in the current context!
Error: Unable to interpret <    PRC - File not found --> in the current context!
Error: Unable to interpret <    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}> in the current context!
Error: Unable to interpret <    IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret <    IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret <    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes,DefaultScope = {652F9CE1-253F-41E3-BD78-9E097B60BDFA}> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes\{2F7C0659-69DD-49B5-903C-8CE4C9C4881D}: "URL" = http://www.google.co...1I7TSNO_enUS493> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes\{34C44B18-A2BE-4BE8-8B3A-D6FC1EC80815}: "URL" = http://search.yahoo....p={searchTerms}> in the current context!
Error: Unable to interpret <    IE - HKCU\..\SearchScopes\{652F9CE1-253F-41E3-BD78-9E097B60BDFA}: "URL" = http://search.yahoo....p={searchTerms}> in the current context!
Error: Unable to interpret <    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>> in the current context!
Error: Unable to interpret <    FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"> in the current context!
Error: Unable to interpret <    FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.2> in the current context!
Error: Unable to interpret <    FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:3.1> in the current context!
Error: Unable to interpret <    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1> in the current context!
Error: Unable to interpret <    FF - prefs.js..keyword.URL: "http://search.yahoo.....type=407453&p="> in the current context!
Error: Unable to interpret <    FF - user.js - File not found> in the current context!
Error: Unable to interpret <    [2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions\[email protected]> in the current context!
Error: Unable to interpret <    [2014/04/30 23:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Firefox\Profiles\hbn48kr9.default\extensions> in the current context!
Error: Unable to interpret <    [2014/04/30 23:44:39 | 000,010,858 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\[email protected]> in the current context!
Error: Unable to interpret <    [2014/04/13 23:09:33 | 000,010,082 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi> in the current context!
Error: Unable to interpret <    [2014/01/18 04:31:43 | 000,000,905 | ---- | M] () -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\searchplugins\yahoo_ff.xml> in the current context!
Error: Unable to interpret <    [2014/05/09 20:20:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}> in the current context!
Error: Unable to interpret <    O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <    O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context!
Error: Unable to interpret <    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found> in the current context!
Error: Unable to interpret <    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <    :commands> in the current context!
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Olivia
->Temp folder emptied: 2803263005 bytes
->Temporary Internet Files folder emptied: 263628209 bytes
->Java cache emptied: 406284 bytes
->FireFox cache emptied: 297136323 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 54992 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73405095 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,279.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06142014_185316

Files\Folders moved on Reboot...
File\Folder C:\Users\Olivia\AppData\Local\Temp\CVHLauncher(20140515220623132C).log not found!
C:\Users\Olivia\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Olivia\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
File\Folder C:\windows\temp\TMP0000011D93C6030E26AF6C40 not found!
File move failed. C:\windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#8
Biscuithd

Posted 14 June 2014 - 06:56 PM

Trusted Helper

Malware Removal
2,573 posts

Sorry I wasn't clearer. I just need the OTL scan right now. Please use the instructions below and select the options as indicated and use the Custom Scan specifications.

Either download 'OTL by OldTimer' or use the copy that you have already downloaded.

Simply double-click the program icon to run it. It will ask for administrator privileges.
Copy and paste the following into the Custom Scans/Fixes box:

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
mpsvc.dll
winsock.*
rpcss.dll
/md5stop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT

Click Run Scan.
Files are being searched and it may take some time. Once done, two Notepad windows will appear, named OTL.txt and Extras.txt.
Alternatively, you can also find these at your desktop.
Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.

#9
TerraceHill

Posted 14 June 2014 - 08:41 PM

Member

Topic Starter
Member
32 posts

OTL.txt

-----------------------------------------------------------------------------------------------------

OTL logfile created on: 6/14/2014 9:52:26 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Olivia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.92 Gb Total Physical Memory | 3.37 Gb Available Physical Memory | 56.87% Memory free
11.84 Gb Paging File | 9.10 Gb Available in Paging File | 76.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 325.24 Gb Free Space | 47.64% Space Free | Partition Type: NTFS

Computer Name: OLIVIA-PC | User Name: Olivia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/05/14 18:19:34 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/09 20:20:28 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2013/12/27 17:41:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olivia\Desktop\OTL.exe
PRC - [2013/09/05 10:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/18 14:22:06 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/10/08 19:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/02/27 06:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2010/12/25 19:05:54 | 001,716,144 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\widimon\widimon.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

========== Modules (No Company Name) ==========

MOD - [2014/05/14 18:19:33 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/09 20:20:26 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/16 21:17:18 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 18:33:46 | 000,580,608 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2012/01/11 00:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/14 18:11:38 | 000,833,976 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2011/12/08 13:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011/12/08 13:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/12/08 13:43:48 | 000,618,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/12/08 13:43:44 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/11/25 21:52:36 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/11/24 16:20:38 | 000,294,848 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/05/14 18:19:35 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/09 20:20:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/23 18:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 10:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/08/27 22:21:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/05/10 15:20:46 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/01/20 19:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 19:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 14:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/01/20 14:45:30 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/11/21 18:32:40 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 20:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/11 20:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/11 20:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/08/30 03:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/08/27 22:17:25 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/07/28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/05/10 15:11:04 | 014,759,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/24 20:11:54 | 000,412,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/02/24 20:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/16 18:49:14 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/01/09 04:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/12/20 20:38:36 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/12/20 20:38:36 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/12/13 18:00:32 | 000,259,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 22:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 04:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/18 18:03:18 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes,DefaultScope = {652F9CE1-253F-41E3-BD78-9E097B60BDFA}
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{2F7C0659-69DD-49B5-903C-8CE4C9C4881D}: "URL" = http://www.google.co...1I7TSNO_enUS493
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{34C44B18-A2BE-4BE8-8B3A-D6FC1EC80815}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{652F9CE1-253F-41E3-BD78-9E097B60BDFA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.2
FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=407453&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Olivia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/18 14:23:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/18 14:23:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/08 19:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions
[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/04/30 23:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Firefox\Profiles\hbn48kr9.default\extensions
[2014/04/30 23:44:39 | 000,010,858 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\[email protected]
[2014/04/13 23:09:33 | 000,010,082 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/18 04:31:43 | 000,000,905 | ---- | M] () -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\searchplugins\yahoo_ff.xml
[2014/05/09 20:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 20:20:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/06/14 18:54:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DelayTSS] C:\Program Files\Toshiba\DelayTSS\DelayTSS.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{400FAA9F-183D-47C5-816F-A31E6C55C2A6}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/06/13 21:23:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2014/06/10 18:02:31 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2014/06/10 18:02:28 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/10 18:02:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2014/06/10 18:02:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2014/06/10 18:02:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014/06/10 18:02:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014/06/10 18:01:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/10 18:01:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/06/10 18:01:49 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/06/10 18:01:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/06/10 18:01:47 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/10 18:01:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/10 18:01:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/10 18:01:41 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/10 18:01:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/06/10 18:01:37 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/06/10 18:01:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/10 18:01:36 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/10 18:01:36 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/06/10 18:01:35 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/10 18:01:33 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/10 18:01:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/10 18:01:30 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/10 18:01:28 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/06/10 18:01:28 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/06/10 18:01:25 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/06/10 18:01:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/10 18:01:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/10 18:01:19 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/10 18:01:18 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/06/10 18:01:16 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/06/10 18:01:16 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/10 18:01:15 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/06/10 18:01:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/06/10 18:01:14 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/10 18:01:13 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/10 18:01:12 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/06/10 18:01:08 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/10 18:01:04 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/10 18:00:18 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/06/10 18:00:07 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/06/05 23:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2014/06/05 23:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2014/06/05 23:52:22 | 000,000,000 | ---D | C] -- C:\Users\Olivia\AppData\Local\Blizzard Entertainment
[2014/06/05 23:52:14 | 000,000,000 | ---D | C] -- C:\Users\Olivia\AppData\Roaming\Battle.net
[2014/06/05 23:52:13 | 000,000,000 | ---D | C] -- C:\Users\Olivia\AppData\Local\Battle.net
[2014/06/05 23:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/06/05 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/06/05 23:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014/06/05 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014/06/05 23:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014/05/26 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Desktop\Neverin's Night OST
[2014/05/18 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Olivia\Documents\Adobe Premiere Elements Preview Files
[15 C:\Users\Olivia\Documents\*.tmp files -> C:\Users\Olivia\Documents\*.tmp -> ]
[1 C:\Users\Olivia\Desktop\*.tmp files -> C:\Users\Olivia\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/14 21:56:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/14 21:19:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/06/14 20:39:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/14 19:59:38 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/14 19:59:38 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/14 19:55:05 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/14 19:54:58 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/06/14 19:32:04 | 473,403,391 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/14 18:54:53 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2014/06/14 18:30:21 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/06/13 21:25:03 | 000,016,896 | ---- | M] () -- C:\Users\Olivia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/12 18:35:38 | 781,012,669 | ---- | M] () -- C:\Users\Olivia\Documents\clip0020.avi
[2014/06/10 20:43:32 | 163,863,513 | ---- | M] () -- C:\Users\Olivia\Documents\Untitled.flv
[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/06/05 23:55:03 | 000,001,253 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2014/06/03 22:41:56 | 1671,515,715 | ---- | M] () -- C:\Users\Olivia\Documents\clip0019.avi
[2014/06/03 18:40:30 | 4157,316,472 | ---- | M] () -- C:\Users\Olivia\Documents\clip0018.avi
[2014/06/03 05:18:17 | 842,443,752 | ---- | M] () -- C:\Users\Olivia\Documents\clip0017.avi
[2014/06/03 04:58:11 | 1767,493,947 | ---- | M] () -- C:\Users\Olivia\Documents\clip0016.avi
[2014/06/01 02:32:36 | 129,434,698 | ---- | M] () -- C:\Users\Olivia\Documents\Neverin's Symphony I.flv
[2014/05/30 21:29:32 | 003,172,152 | ---- | M] () -- C:\Users\Olivia\Desktop\The 'Neverin's Night' Symphony.prel
[2014/05/30 06:02:09 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/05/30 05:39:43 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/05/30 05:39:23 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/05/30 05:38:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/05/30 05:27:57 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/05/30 05:24:28 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/05/30 05:21:23 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/05/30 05:20:36 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/05/30 05:11:24 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/05/30 05:08:22 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/05/30 05:06:42 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/05/30 04:55:36 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/05/30 04:49:21 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/05/30 04:46:48 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/05/30 04:44:23 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/05/30 04:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/05/30 04:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/05/30 04:35:44 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/05/30 04:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/05/30 04:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/05/30 04:29:31 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/05/30 04:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/05/30 04:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/05/30 04:24:19 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/05/30 04:23:22 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/05/30 04:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/30 04:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/05/30 04:04:20 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/05/30 03:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/05/30 03:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/05/30 03:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/05/30 03:13:09 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/05/30 00:43:36 | 000,083,781 | ---- | M] () -- C:\Users\Olivia\Documents\the greatest brother.png
[2014/05/25 22:32:37 | 010,774,400 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Raptors _ Stand Together.mp3
[2014/05/25 21:42:23 | 005,902,986 | ---- | M] () -- C:\Users\Olivia\Desktop\Epic Music - Adrian von Ziegler - Wolf Blood.mp3
[2014/05/25 21:27:21 | 004,792,448 | ---- | M] () -- C:\Users\Olivia\Desktop\John Dreamer - Rise.mp3
[2014/05/25 21:27:20 | 006,919,040 | ---- | M] () -- C:\Users\Olivia\Desktop\John Dreamer - Becoming A Legend.mp3
[2014/05/25 21:25:31 | 006,004,352 | ---- | M] () -- C:\Users\Olivia\Desktop\Explosive - Bond.mp3
[2014/05/25 21:04:39 | 005,796,224 | ---- | M] () -- C:\Users\Olivia\Desktop\Thousand Foot Krutch-Step to me (Lyrics).mp3
[2014/05/25 21:02:22 | 007,605,632 | ---- | M] () -- C:\Users\Olivia\Desktop\Assassin's Creed 2 (Original Game Soundtrack) - Ezios Family.mp3
[2014/05/25 20:41:33 | 004,055,946 | ---- | M] () -- C:\Users\Olivia\Desktop\Inception Trailer 3 Music (Zack Hemsey - Mind Heist).mp3
[2014/05/25 20:37:09 | 003,708,810 | ---- | M] () -- C:\Users\Olivia\Desktop\Dieter's Theme (Rescue Dawn) by Klaus Badelt.mp3
[2014/05/25 20:35:23 | 014,096,010 | ---- | M] () -- C:\Users\Olivia\Desktop\Speedpaint_ Photoshop madness [2007].mp3
[2014/05/25 20:35:11 | 012,829,578 | ---- | M] () -- C:\Users\Olivia\Desktop\The Last Samurai OST #6 - Idyll's End.mp3
[2014/05/25 20:34:59 | 003,682,698 | ---- | M] () -- C:\Users\Olivia\Desktop\Street Fighter II V Soundtrack - Ryu Ken OST Theme.mpg.mp3
[2014/05/25 20:13:39 | 013,721,994 | ---- | M] () -- C:\Users\Olivia\Desktop\Narnia - The Battle Song.mp3
[2014/05/25 20:12:55 | 004,693,376 | ---- | M] () -- C:\Users\Olivia\Desktop\Walt Disney Dinosaur OST 9. James Newton Howard - Across The Desert.mp3
[2014/05/25 19:57:08 | 005,293,194 | ---- | M] () -- C:\Users\Olivia\Desktop\The Final Challenge - X Ray Dog.mp3
[2014/05/25 19:54:44 | 009,226,122 | ---- | M] () -- C:\Users\Olivia\Desktop\Pocahontas soundtrack- Farewell (Instrumental).mp3
[2014/05/25 19:54:41 | 006,290,052 | ---- | M] () -- C:\Users\Olivia\Desktop\Speedpaint_ Missing [2007].mp3
[2014/05/25 19:32:14 | 006,198,666 | ---- | M] () -- C:\Users\Olivia\Desktop\Mulan OST - 13. Mulan's decision (Synthesizer version score).mp3
[2014/05/25 19:23:10 | 011,050,122 | ---- | M] () -- C:\Users\Olivia\Desktop\My Name is Lincoln (Extended 5 Minute Version) - Steve Jablonsky - The Island.mp3
[2014/05/25 00:24:11 | 004,602,762 | ---- | M] () -- C:\Users\Olivia\Desktop\Hans Zimmer - Train Escape.mp3
[2014/05/25 00:03:33 | 019,194,762 | ---- | M] () -- C:\Users\Olivia\Desktop\The sound of rain w_o music.mp3
[2014/05/25 00:03:22 | 009,496,448 | ---- | M] () -- C:\Users\Olivia\Desktop\_Cold_ - Jorge Méndez (Sad Piano & Violin Instrumental).mp3
[2014/05/24 23:53:57 | 008,184,714 | ---- | M] () -- C:\Users\Olivia\Desktop\WIND CROWS FOX audio recording at night england.mp3
[2014/05/24 23:50:19 | 003,568,256 | ---- | M] () -- C:\Users\Olivia\Desktop\Audiomachine - Final Assault.mp3
[2014/05/24 22:55:33 | 008,606,346 | ---- | M] () -- C:\Users\Olivia\Desktop\Evanescence - My Immortal (Official Instrumental) HD.mp3
[2014/05/24 22:40:47 | 007,684,746 | ---- | M] () -- C:\Users\Olivia\Desktop\Click OST by Rupert Gregson-Williams (original score from the sad father and hospital scenes).mp3
[2014/05/24 22:01:56 | 013,320,330 | ---- | M] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 02 - The Kraken.mp3
[2014/05/24 21:29:39 | 003,691,914 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit - Get Off Of My Back (Japanese).mp3
[2014/05/24 21:25:02 | 003,790,218 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Get off my back - Karaoke Instrumental - lyrics - Bryan Adams.mp3
[2014/05/24 21:17:48 | 011,740,554 | ---- | M] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 01 - Jack Sparrow.mp3
[2014/05/24 21:09:36 | 003,956,874 | ---- | M] () -- C:\Users\Olivia\Desktop\Kung Fu Panda Soundtrack-Oogway Ascends.mp3
[2014/05/24 20:58:57 | 004,621,194 | ---- | M] () -- C:\Users\Olivia\Desktop\Inception (2010) 528491 (Soundtrack OST).mp3
[2014/05/24 20:54:31 | 004,515,210 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 05_ Investigating.mp3
[2014/05/24 00:29:55 | 005,284,746 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit-You Can't Take Me(Italian)Subs and Trans.mp3
[2014/05/23 22:38:54 | 009,157,770 | ---- | M] () -- C:\Users\Olivia\Desktop\The Chronicles Of Narnia OST- Imogen Heap - Can't Take It In (music).mp3
[2014/05/23 22:18:04 | 008,729,226 | ---- | M] () -- C:\Users\Olivia\Desktop\Adrian von Ziegler - Through the Mirror.mp3
[2014/05/23 22:18:00 | 009,223,050 | ---- | M] () -- C:\Users\Olivia\Desktop\Celtic Music - Ancient Storm.mp3
[2014/05/23 21:58:33 | 006,483,594 | ---- | M] () -- C:\Users\Olivia\Desktop\What Have You Done__Run Away - Lion King Theme.mp3
[2014/05/23 21:54:59 | 011,033,994 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron_ Young Hearts (Better Quality).mp3
[2014/05/23 21:23:46 | 007,799,178 | ---- | M] () -- C:\Users\Olivia\Desktop\Switchfoot - _Home_.mp3
[2014/05/21 21:02:46 | 008,026,506 | ---- | M] () -- C:\Users\Olivia\Desktop\Matt Redman - 10,000 Reasons (Bless The Lord) Piano Cover.mp3
[2014/05/20 22:56:37 | 007,136,394 | ---- | M] () -- C:\Users\Olivia\Desktop\Disney Dinosaur_ The Soundtrack Track 15-Kron And Aladar Fight..mp3
[2014/05/20 22:50:24 | 007,663,232 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - The End Of Our Island.mp3
[2014/05/20 22:48:33 | 009,383,552 | ---- | M] () -- C:\Users\Olivia\Desktop\15. Balto Brings The Medicine! (score) - Balto OST.mp3
[2014/05/20 22:48:06 | 002,396,298 | ---- | M] () -- C:\Users\Olivia\Desktop\Wolf sounds.mp3
[2014/05/20 22:19:33 | 010,303,626 | ---- | M] () -- C:\Users\Olivia\Desktop\Skyrim Sounds - All Dragon Sounds (Attack,Walk,Death,etc...).mp3
[2014/05/20 22:16:52 | 017,524,362 | ---- | M] () -- C:\Users\Olivia\Desktop\Sound Effects - Dragons.mp3
[2014/05/20 21:43:51 | 000,688,266 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragon Roar Scream from Dragon Slayer not Skyrim.mp3
[2014/05/20 21:38:16 | 006,557,322 | ---- | M] () -- C:\Users\Olivia\Desktop\Davy Jones's theme song.mp3
[2014/05/19 21:02:16 | 004,100,490 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - They're All Gone.mp3
[2014/05/19 21:01:41 | 006,677,888 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Aladar & Neera.mp3
[2014/05/19 21:01:00 | 005,671,818 | ---- | M] () -- C:\Users\Olivia\Desktop\Dinosaur - Inner Sanctum _ The Nesting Grounds.mp3
[2014/05/19 20:59:49 | 008,316,032 | ---- | M] () -- C:\Users\Olivia\Desktop\The Lion King Soundtrack - To die For.mp3
[2014/05/19 20:58:14 | 022,538,634 | ---- | M] () -- C:\Users\Olivia\Desktop\Hans Zimmer - The Return [Battle Of Pride Rock].mp3
[2014/05/19 20:50:10 | 006,172,554 | ---- | M] () -- C:\Users\Olivia\Desktop\Lion King Soundtrack- This land.mp3
[2014/05/19 20:48:50 | 005,464,448 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 10_ Rain.mp3
[2014/05/19 20:44:54 | 006,031,232 | ---- | M] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - Black Blade.mp3
[2014/05/19 20:42:39 | 007,286,912 | ---- | M] () -- C:\Users\Olivia\Desktop\Forgotten World - Brand X Music.mp3
[2014/05/19 00:04:32 | 019,266,954 | ---- | M] () -- C:\Users\Olivia\Desktop\Strange noises coming from 'secret cave' in Tibet..mp3
[2014/05/18 21:19:20 | 006,674,826 | ---- | M] () -- C:\Users\Olivia\Desktop\The Lord of the Rings_ The Return of the King Soundtrack - 04. The White Tree.mp3
[2014/05/18 21:17:22 | 004,278,666 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit Score_ Village Attack - The River.mp3
[2014/05/18 21:16:30 | 000,644,490 | ---- | M] () -- C:\Users\Olivia\Desktop\Fire Burning Sound Effect.mp3
[2014/05/18 21:15:06 | 016,661,898 | ---- | M] () -- C:\Users\Olivia\Desktop\King Arthur OST - 06 - Do You Think I'm A Saxon.mp3
[2014/05/18 21:15:02 | 007,043,466 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragon Sound Effects.mp3
[2014/05/18 21:01:11 | 012,370,304 | ---- | M] () -- C:\Users\Olivia\Desktop\The Rock - Hummell Gets The Rockets.mp3
[2014/05/18 20:59:45 | 008,651,648 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit Soundtrack - Here I Am..mp3
[2014/05/18 20:57:52 | 004,372,362 | ---- | M] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - False King.mp3
[2014/05/18 20:50:02 | 007,566,464 | ---- | M] () -- C:\Users\Olivia\Desktop\We Won't Be Shaken by Building 429.mp3
[2014/05/18 20:49:37 | 005,663,360 | ---- | M] () -- C:\Users\Olivia\Desktop\You Can't Take Me Lyrics.mp3
[2014/05/18 20:38:28 | 012,212,864 | ---- | M] () -- C:\Users\Olivia\Desktop\Spirit - Run Free.mp3
[2014/05/18 20:37:54 | 007,566,474 | ---- | M] () -- C:\Users\Olivia\Desktop\The Last Samurai- Red Warrior.mp3
[2014/05/18 20:36:41 | 009,998,720 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce - Dawn Over a New World.mp3
[2014/05/18 20:35:06 | 018,723,968 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce - Soldiers of the Wasteland.mp3
[2014/05/18 20:31:14 | 014,211,968 | ---- | M] () -- C:\Users\Olivia\Desktop\Dragonforce-Through the Fire and the Flames Lyrics.mp3
[2014/05/18 17:15:41 | 003,573,783 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1047.wmv
[2014/05/18 17:15:41 | 002,032,627 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1048.wmv
[2014/05/18 17:15:41 | 001,624,091 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1050.wmv
[2014/05/18 17:15:41 | 001,114,945 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1051.wmv
[2014/05/18 17:15:40 | 000,780,741 | ---- | M] () -- C:\Users\Olivia\Desktop\IMG_1046.wmv
[15 C:\Users\Olivia\Documents\*.tmp files -> C:\Users\Olivia\Documents\*.tmp -> ]
[1 C:\Users\Olivia\Desktop\*.tmp files -> C:\Users\Olivia\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/12 17:59:27 | 781,012,669 | ---- | C] () -- C:\Users\Olivia\Documents\clip0020.avi
[2014/06/10 18:13:02 | 163,863,513 | ---- | C] () -- C:\Users\Olivia\Documents\Untitled.flv
[2014/06/05 23:55:03 | 000,001,253 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2014/06/03 21:46:24 | 1671,515,715 | ---- | C] () -- C:\Users\Olivia\Documents\clip0019.avi
[2014/06/03 17:23:15 | 4157,316,472 | ---- | C] () -- C:\Users\Olivia\Documents\clip0018.avi
[2014/06/03 04:58:14 | 842,443,752 | ---- | C] () -- C:\Users\Olivia\Documents\clip0017.avi
[2014/06/02 23:33:58 | 1767,493,947 | ---- | C] () -- C:\Users\Olivia\Documents\clip0016.avi
[2014/06/01 00:21:43 | 129,434,698 | ---- | C] () -- C:\Users\Olivia\Documents\Neverin's Symphony I.flv
[2014/05/30 00:43:33 | 000,083,781 | ---- | C] () -- C:\Users\Olivia\Documents\the greatest brother.png
[2014/05/25 22:32:14 | 010,774,400 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Raptors _ Stand Together.mp3
[2014/05/25 21:42:08 | 005,902,986 | ---- | C] () -- C:\Users\Olivia\Desktop\Epic Music - Adrian von Ziegler - Wolf Blood.mp3
[2014/05/25 21:27:14 | 004,792,448 | ---- | C] () -- C:\Users\Olivia\Desktop\John Dreamer - Rise.mp3
[2014/05/25 21:27:08 | 006,919,040 | ---- | C] () -- C:\Users\Olivia\Desktop\John Dreamer - Becoming A Legend.mp3
[2014/05/25 21:25:24 | 006,004,352 | ---- | C] () -- C:\Users\Olivia\Desktop\Explosive - Bond.mp3
[2014/05/25 21:04:27 | 005,796,224 | ---- | C] () -- C:\Users\Olivia\Desktop\Thousand Foot Krutch-Step to me (Lyrics).mp3
[2014/05/25 21:02:05 | 007,605,632 | ---- | C] () -- C:\Users\Olivia\Desktop\Assassin's Creed 2 (Original Game Soundtrack) - Ezios Family.mp3
[2014/05/25 20:41:23 | 004,055,946 | ---- | C] () -- C:\Users\Olivia\Desktop\Inception Trailer 3 Music (Zack Hemsey - Mind Heist).mp3
[2014/05/25 20:36:58 | 003,708,810 | ---- | C] () -- C:\Users\Olivia\Desktop\Dieter's Theme (Rescue Dawn) by Klaus Badelt.mp3
[2014/05/25 20:34:59 | 014,096,010 | ---- | C] () -- C:\Users\Olivia\Desktop\Speedpaint_ Photoshop madness [2007].mp3
[2014/05/25 20:34:52 | 003,682,698 | ---- | C] () -- C:\Users\Olivia\Desktop\Street Fighter II V Soundtrack - Ryu Ken OST Theme.mpg.mp3
[2014/05/25 20:34:45 | 012,829,578 | ---- | C] () -- C:\Users\Olivia\Desktop\The Last Samurai OST #6 - Idyll's End.mp3
[2014/05/25 20:13:04 | 013,721,994 | ---- | C] () -- C:\Users\Olivia\Desktop\Narnia - The Battle Song.mp3
[2014/05/25 20:12:44 | 004,693,376 | ---- | C] () -- C:\Users\Olivia\Desktop\Walt Disney Dinosaur OST 9. James Newton Howard - Across The Desert.mp3
[2014/05/25 19:56:54 | 005,293,194 | ---- | C] () -- C:\Users\Olivia\Desktop\The Final Challenge - X Ray Dog.mp3
[2014/05/25 19:54:33 | 006,290,052 | ---- | C] () -- C:\Users\Olivia\Desktop\Speedpaint_ Missing [2007].mp3
[2014/05/25 19:54:24 | 009,226,122 | ---- | C] () -- C:\Users\Olivia\Desktop\Pocahontas soundtrack- Farewell (Instrumental).mp3
[2014/05/25 19:31:59 | 006,198,666 | ---- | C] () -- C:\Users\Olivia\Desktop\Mulan OST - 13. Mulan's decision (Synthesizer version score).mp3
[2014/05/25 19:22:49 | 011,050,122 | ---- | C] () -- C:\Users\Olivia\Desktop\My Name is Lincoln (Extended 5 Minute Version) - Steve Jablonsky - The Island.mp3
[2014/05/25 00:24:01 | 004,602,762 | ---- | C] () -- C:\Users\Olivia\Desktop\Hans Zimmer - Train Escape.mp3
[2014/05/25 00:03:03 | 009,496,448 | ---- | C] () -- C:\Users\Olivia\Desktop\_Cold_ - Jorge Méndez (Sad Piano & Violin Instrumental).mp3
[2014/05/25 00:02:50 | 019,194,762 | ---- | C] () -- C:\Users\Olivia\Desktop\The sound of rain w_o music.mp3
[2014/05/24 23:53:41 | 008,184,714 | ---- | C] () -- C:\Users\Olivia\Desktop\WIND CROWS FOX audio recording at night england.mp3
[2014/05/24 23:50:12 | 003,568,256 | ---- | C] () -- C:\Users\Olivia\Desktop\Audiomachine - Final Assault.mp3
[2014/05/24 22:55:11 | 008,606,346 | ---- | C] () -- C:\Users\Olivia\Desktop\Evanescence - My Immortal (Official Instrumental) HD.mp3
[2014/05/24 22:40:25 | 007,684,746 | ---- | C] () -- C:\Users\Olivia\Desktop\Click OST by Rupert Gregson-Williams (original score from the sad father and hospital scenes).mp3
[2014/05/24 22:01:23 | 013,320,330 | ---- | C] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 02 - The Kraken.mp3
[2014/05/24 21:29:32 | 003,691,914 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit - Get Off Of My Back (Japanese).mp3
[2014/05/24 21:24:52 | 003,790,218 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Get off my back - Karaoke Instrumental - lyrics - Bryan Adams.mp3
[2014/05/24 21:17:22 | 011,740,554 | ---- | C] () -- C:\Users\Olivia\Desktop\Pirates of the Caribbean 2 - Soundtr 01 - Jack Sparrow.mp3
[2014/05/24 21:09:27 | 003,956,874 | ---- | C] () -- C:\Users\Olivia\Desktop\Kung Fu Panda Soundtrack-Oogway Ascends.mp3
[2014/05/24 20:58:45 | 004,621,194 | ---- | C] () -- C:\Users\Olivia\Desktop\Inception (2010) 528491 (Soundtrack OST).mp3
[2014/05/24 20:54:22 | 004,515,210 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 05_ Investigating.mp3
[2014/05/24 00:29:42 | 005,284,746 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit-You Can't Take Me(Italian)Subs and Trans.mp3
[2014/05/23 22:38:34 | 009,157,770 | ---- | C] () -- C:\Users\Olivia\Desktop\The Chronicles Of Narnia OST- Imogen Heap - Can't Take It In (music).mp3
[2014/05/23 22:17:43 | 008,729,226 | ---- | C] () -- C:\Users\Olivia\Desktop\Adrian von Ziegler - Through the Mirror.mp3
[2014/05/23 22:17:36 | 009,223,050 | ---- | C] () -- C:\Users\Olivia\Desktop\Celtic Music - Ancient Storm.mp3
[2014/05/23 21:58:22 | 006,483,594 | ---- | C] () -- C:\Users\Olivia\Desktop\What Have You Done__Run Away - Lion King Theme.mp3
[2014/05/23 21:54:39 | 011,033,994 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron_ Young Hearts (Better Quality).mp3
[2014/05/23 21:23:27 | 007,799,178 | ---- | C] () -- C:\Users\Olivia\Desktop\Switchfoot - _Home_.mp3
[2014/05/21 21:02:02 | 008,026,506 | ---- | C] () -- C:\Users\Olivia\Desktop\Matt Redman - 10,000 Reasons (Bless The Lord) Piano Cover.mp3
[2014/05/20 22:56:20 | 007,136,394 | ---- | C] () -- C:\Users\Olivia\Desktop\Disney Dinosaur_ The Soundtrack Track 15-Kron And Aladar Fight..mp3
[2014/05/20 22:50:13 | 007,663,232 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - The End Of Our Island.mp3
[2014/05/20 22:48:12 | 009,383,552 | ---- | C] () -- C:\Users\Olivia\Desktop\15. Balto Brings The Medicine! (score) - Balto OST.mp3
[2014/05/20 22:48:00 | 002,396,298 | ---- | C] () -- C:\Users\Olivia\Desktop\Wolf sounds.mp3
[2014/05/20 22:19:08 | 010,303,626 | ---- | C] () -- C:\Users\Olivia\Desktop\Skyrim Sounds - All Dragon Sounds (Attack,Walk,Death,etc...).mp3
[2014/05/20 22:16:08 | 017,524,362 | ---- | C] () -- C:\Users\Olivia\Desktop\Sound Effects - Dragons.mp3
[2014/05/20 21:43:49 | 000,688,266 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragon Roar Scream from Dragon Slayer not Skyrim.mp3
[2014/05/20 21:38:02 | 006,557,322 | ---- | C] () -- C:\Users\Olivia\Desktop\Davy Jones's theme song.mp3
[2014/05/19 21:02:07 | 004,100,490 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - They're All Gone.mp3
[2014/05/19 21:01:30 | 006,677,888 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Aladar & Neera.mp3
[2014/05/19 21:00:51 | 005,671,818 | ---- | C] () -- C:\Users\Olivia\Desktop\Dinosaur - Inner Sanctum _ The Nesting Grounds.mp3
[2014/05/19 20:59:36 | 008,316,032 | ---- | C] () -- C:\Users\Olivia\Desktop\The Lion King Soundtrack - To die For.mp3
[2014/05/19 20:57:32 | 022,538,634 | ---- | C] () -- C:\Users\Olivia\Desktop\Hans Zimmer - The Return [Battle Of Pride Rock].mp3
[2014/05/19 20:50:00 | 006,172,554 | ---- | C] () -- C:\Users\Olivia\Desktop\Lion King Soundtrack- This land.mp3
[2014/05/19 20:48:40 | 005,464,448 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit_ Stallion Of The Cimarron 10_ Rain.mp3
[2014/05/19 20:44:40 | 006,031,232 | ---- | C] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - Black Blade.mp3
[2014/05/19 20:42:22 | 007,286,912 | ---- | C] () -- C:\Users\Olivia\Desktop\Forgotten World - Brand X Music.mp3
[2014/05/19 00:04:07 | 019,266,954 | ---- | C] () -- C:\Users\Olivia\Desktop\Strange noises coming from 'secret cave' in Tibet..mp3
[2014/05/18 21:19:07 | 006,674,826 | ---- | C] () -- C:\Users\Olivia\Desktop\The Lord of the Rings_ The Return of the King Soundtrack - 04. The White Tree.mp3
[2014/05/18 21:17:14 | 004,278,666 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit Score_ Village Attack - The River.mp3
[2014/05/18 21:16:28 | 000,644,490 | ---- | C] () -- C:\Users\Olivia\Desktop\Fire Burning Sound Effect.mp3
[2014/05/18 21:14:50 | 007,043,466 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragon Sound Effects.mp3
[2014/05/18 21:14:41 | 016,661,898 | ---- | C] () -- C:\Users\Olivia\Desktop\King Arthur OST - 06 - Do You Think I'm A Saxon.mp3
[2014/05/18 21:02:24 | 003,172,152 | ---- | C] () -- C:\Users\Olivia\Desktop\The 'Neverin's Night' Symphony.prel
[2014/05/18 21:00:49 | 012,370,304 | ---- | C] () -- C:\Users\Olivia\Desktop\The Rock - Hummell Gets The Rockets.mp3
[2014/05/18 20:59:27 | 008,651,648 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit Soundtrack - Here I Am..mp3
[2014/05/18 20:57:45 | 004,372,362 | ---- | C] () -- C:\Users\Olivia\Desktop\Two Steps From [bleep] - False King.mp3
[2014/05/18 20:49:47 | 007,566,464 | ---- | C] () -- C:\Users\Olivia\Desktop\We Won't Be Shaken by Building 429.mp3
[2014/05/18 20:49:26 | 005,663,360 | ---- | C] () -- C:\Users\Olivia\Desktop\You Can't Take Me Lyrics.mp3
[2014/05/18 20:37:58 | 012,212,864 | ---- | C] () -- C:\Users\Olivia\Desktop\Spirit - Run Free.mp3
[2014/05/18 20:37:36 | 007,566,474 | ---- | C] () -- C:\Users\Olivia\Desktop\The Last Samurai- Red Warrior.mp3
[2014/05/18 20:36:21 | 009,998,720 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce - Dawn Over a New World.mp3
[2014/05/18 20:34:32 | 018,723,968 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce - Soldiers of the Wasteland.mp3
[2014/05/18 20:30:54 | 014,211,968 | ---- | C] () -- C:\Users\Olivia\Desktop\Dragonforce-Through the Fire and the Flames Lyrics.mp3
[2014/05/18 17:15:23 | 001,114,945 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1051.wmv
[2014/05/18 17:15:16 | 001,624,091 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1050.wmv
[2014/05/18 17:15:08 | 002,032,627 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1048.wmv
[2014/05/18 17:14:54 | 003,573,783 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1047.wmv
[2014/05/18 17:14:48 | 000,780,741 | ---- | C] () -- C:\Users\Olivia\Desktop\IMG_1046.wmv
[2014/02/24 02:09:18 | 000,000,857 | ---- | C] () -- C:\Users\Olivia\AppData\Local\recently-used.xbel
[2013/10/12 04:14:43 | 000,000,094 | ---- | C] () -- C:\Users\Olivia\AppData\Local\fusioncache.dat
[2013/07/15 00:51:37 | 000,036,993 | ---- | C] () -- C:\Users\Olivia\woa black ortes flogo.png
[2013/07/15 00:48:49 | 000,030,388 | ---- | C] () -- C:\Users\Olivia\woa logo black forest.png
[2013/07/15 00:19:33 | 000,112,062 | ---- | C] () -- C:\Users\Olivia\nhh.png
[2013/06/14 01:57:19 | 000,016,896 | ---- | C] () -- C:\Users\Olivia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 01:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 01:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 00:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/04/11 22:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MPSVC.DLL >
[2013/05/27 01:26:41 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7B6CD2C784B13D63481B6BF49605C026 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpSvc.dll
[2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7CBB1D4D13DC62D7F529D87151FD3CD3 -- C:\Program Files\Windows Defender\MpSvc.dll
[2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7CBB1D4D13DC62D7F529D87151FD3CD3 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpSvc.dll
[2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=CF318F60A84F15AF352439465A8D05F4 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpSvc.dll

< MD5 for: QMGR.DLL >
[2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\erdnt\cache64\qmgr.dll
[2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\windows\SysNative\qmgr.dll
[2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\erdnt\cache64\rpcss.dll
[2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\windows\SysNative\rpcss.dll
[2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/09/05 10:04:00 | 000,559,090 | ---- | M] () MD5=8ADD48E413D05BF2E7AEC00173DDFABC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 04:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 04:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\erdnt\cache64\svchost.exe
[2011/03/01 04:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011/03/01 04:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011/03/01 04:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 04:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\erdnt\cache86\svchost.exe
[2011/03/01 04:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 04:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 07:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is TI106411W0E
Volume Serial Number is 6E11-F425
Directory of C:\
07/14/2009 01:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
Directory of C:\ProgramData
07/14/2009 01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009 01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users
07/14/2009 01:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009 01:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
Directory of C:\Users\All Users
07/14/2009 01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009 01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default
07/14/2009 01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 01:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009 01:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 01:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 01:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 01:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 01:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 01:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 01:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009 01:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009 01:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Olivia
07/18/2012 08:55 PM    <JUNCTION>     Application Data [C:\Users\Olivia\AppData\Roaming]
07/18/2012 08:55 PM    <JUNCTION>     Cookies [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Cookies]
07/18/2012 08:55 PM    <JUNCTION>     Local Settings [C:\Users\Olivia\AppData\Local]
07/18/2012 08:55 PM    <JUNCTION>     My Documents [C:\Users\Olivia\Documents]
07/18/2012 08:55 PM    <JUNCTION>     NetHood [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/18/2012 08:55 PM    <JUNCTION>     PrintHood [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/18/2012 08:55 PM    <JUNCTION>     Recent [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Recent]
07/18/2012 08:55 PM    <JUNCTION>     SendTo [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\SendTo]
07/18/2012 08:55 PM    <JUNCTION>     Start Menu [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Start Menu]
07/18/2012 08:55 PM    <JUNCTION>     Templates [C:\Users\Olivia\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Olivia\AppData\Local
07/18/2012 08:55 PM    <JUNCTION>     Application Data [C:\Users\Olivia\AppData\Local]
07/18/2012 08:55 PM    <JUNCTION>     History [C:\Users\Olivia\AppData\Local\Microsoft\Windows\History]
07/18/2012 08:55 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Olivia\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Olivia\Documents
07/18/2012 08:55 PM    <JUNCTION>     My Music [C:\Users\Olivia\Music]
07/18/2012 08:55 PM    <JUNCTION>     My Pictures [C:\Users\Olivia\Pictures]
07/18/2012 08:55 PM    <JUNCTION>     My Videos [C:\Users\Olivia\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 01:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009 01:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009 01:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
Directory of C:\Windows\System32\config\systemprofile
10/05/2012 04:33 PM    <JUNCTION>     Application Data [C:\windows\system32\config\systemprofile\AppData\Roaming]
10/05/2012 04:33 PM    <JUNCTION>     Local Settings [C:\windows\system32\config\systemprofile\AppData\Local]
10/05/2012 04:33 PM    <JUNCTION>     My Documents [C:\windows\system32\config\systemprofile\Documents]
10/05/2012 04:33 PM    <JUNCTION>     NetHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/05/2012 04:33 PM    <JUNCTION>     PrintHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/05/2012 04:33 PM    <JUNCTION>     Recent [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/05/2012 04:33 PM    <JUNCTION>     SendTo [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/05/2012 04:33 PM    <JUNCTION>     Start Menu [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/05/2012 04:33 PM    <JUNCTION>     Templates [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
10/05/2012 04:33 PM    <JUNCTION>     Application Data [C:\windows\system32\config\systemprofile\AppData\Local]
10/05/2012 04:33 PM    <JUNCTION>     History [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/05/2012 04:33 PM    <JUNCTION>     Temporary Internet Files [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
10/05/2012 04:33 PM    <JUNCTION>     My Music [C:\windows\system32\config\systemprofile\Music]
10/05/2012 04:33 PM    <JUNCTION>     My Pictures [C:\windows\system32\config\systemprofile\Pictures]
10/05/2012 04:33 PM    <JUNCTION>     My Videos [C:\windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile
10/05/2012 04:33 PM    <JUNCTION>     Application Data [C:\windows\system32\config\systemprofile\AppData\Roaming]
10/05/2012 04:33 PM    <JUNCTION>     Local Settings [C:\windows\system32\config\systemprofile\AppData\Local]
10/05/2012 04:33 PM    <JUNCTION>     My Documents [C:\windows\system32\config\systemprofile\Documents]
10/05/2012 04:33 PM    <JUNCTION>     NetHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/05/2012 04:33 PM    <JUNCTION>     PrintHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/05/2012 04:33 PM    <JUNCTION>     Recent [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/05/2012 04:33 PM    <JUNCTION>     SendTo [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/05/2012 04:33 PM    <JUNCTION>     Start Menu [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/05/2012 04:33 PM    <JUNCTION>     Templates [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local
10/05/2012 04:33 PM    <JUNCTION>     Application Data [C:\windows\system32\config\systemprofile\AppData\Local]
10/05/2012 04:33 PM    <JUNCTION>     History [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/05/2012 04:33 PM    <JUNCTION>     Temporary Internet Files [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\Documents
10/05/2012 04:33 PM    <JUNCTION>     My Music [C:\windows\system32\config\systemprofile\Music]
10/05/2012 04:33 PM    <JUNCTION>     My Pictures [C:\windows\system32\config\systemprofile\Pictures]
10/05/2012 04:33 PM    <JUNCTION>     My Videos [C:\windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              79 Dir(s) 349,137,297,408 bytes free

< End of report >

------------------------------------------------------------------------------------------------

Extras.txt

-----------------------------------------------------------------------------------------------

OTL Extras logfile created on: 6/14/2014 9:52:26 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Olivia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.92 Gb Total Physical Memory | 3.37 Gb Available Physical Memory | 56.87% Memory free
11.84 Gb Paging File | 9.10 Gb Available in Paging File | 76.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.74 Gb Total Space | 325.24 Gb Free Space | 47.64% Space Free | Partition Type: NTFS

Computer Name: OLIVIA-PC | User Name: Olivia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1147979992-2349924293-2197084131-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4397C659-CAC7-4A39-8788-0A716BD81292}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4405E6B3-2042-4732-9E19-9B10F1D528C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01AE6C30-26B3-4251-A6D5-D876753EB2D8}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{16379EEA-B6FB-4565-8163-112CB282F5C8}" = protocol=17 | dir=in | app=c:\program files (x86)\creflo dollar ministries toolbar\toolbarupdate.exe |
"{1657004B-ADC2-4742-8DC3-850B53AF3F51}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{1BD3BD0D-60C2-4749-B22F-BE77505A033F}" = protocol=17 | dir=in | app=c:\program files (x86)\creflo dollar ministries toolbar\troubleshooter.exe |
"{28230BD9-5CAF-48FF-9F8B-AA6AC0B7D1C3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2F198404-80D0-4E32-BAD2-68DA8939BFB7}" = protocol=6 | dir=in | app=c:\program files (x86)\creflo dollar ministries toolbar\toolbarupdate.exe |
"{3E937F9C-FA2B-4BAE-9ABD-4D1454478671}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{53640CC2-EE06-423E-B1E8-F208E5C432E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{5D8EF707-6173-41D3-89FC-772E9E4792C6}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{62741823-E9CF-4069-9BFD-0251DB5132A1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{639E8DFD-EF7B-4A49-9B6C-6785B1D92CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\creflo dollar ministries toolbar\troubleshooter.exe |
"{676470AA-8705-464E-AC7E-F01F431EEAAE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7030CE7C-C895-41DF-83B0-E58EFAC3BFE8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{93001929-63AD-4F93-9CFB-F6EE24FF70D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{971F6983-B909-4ADE-8612-9D041DE5DA86}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{A75D135E-63C1-46F4-B7E7-AAAFA8609F5A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B7F0D720-8902-4F6D-AF42-4E5DD3B85050}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2 trial version\zt2demoretail.exe |
"{B91E866A-1CE1-4D68-BE39-AD66183D5D41}" = dir=in | app=c:\users\olivia\appdata\local\microsoft\skydrive\skydrive.exe |
"{C06DDBDD-752C-4083-9C6A-6C7313F4B08C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\turbineinvoker.exe |
"{C1BCD6BF-A452-4E84-8174-4DB64720FADE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E13E3734-A384-420E-9531-61E6C649A6B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EDB40462-2CD6-4191-9317-5C74CC550889}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2 endangered species trial version\zt.exe |
"{F0FB9B5F-13FA-4834-A6C2-18C268E5DE52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\turbineinvoker.exe |
"{F1CE4318-729F-4E40-97AF-3BD51A1FAB88}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{F27A56BD-A5AD-48B5-BA97-4F115C1340EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2 endangered species trial version\zt.exe |
"{F59B1A4F-E5DA-4DF6-9B71-DD55992D8A21}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2 trial version\zt2demoretail.exe |
"TCP Query User{64C69000-BB59-41FA-AE58-526B1B1B7A63}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{8114E37C-CCA6-4B7D-9ADA-EADB02D1E929}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"TCP Query User{9C81EF5A-0589-441F-8B33-74484A119267}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"UDP Query User{3C289659-88FF-4DB6-9D36-B172E8500EE3}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"UDP Query User{952FB295-E362-4B83-811A-A96DBD31D0ED}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe |
"UDP Query User{99237E82-56F2-4698-8657-BA503F248D7E}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{27C3DB42-A9C1-4B44-A164-93849D160D12}" = TOSHIBA VIDEO PLAYER
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{2C486987-D447-4E36-8D61-86E48E24199C}" = TOSHIBA eco Utility
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{75A43A49-A6A1-4FCB-A41E-02D76E166691}" = SRS Premium Sound Control Panel
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi Software
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.0
"Pen Tablet Driver" = Wacom
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.2
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3384E1D9-3F18-4A98-8655-180FEF0DFC02}" = TOSHIBA User's Guide
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{617773AE-ADBA-4479-BB04-65FE7758B35C}" = TOSHIBA Wireless Display Monitor
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0F2FA-8AA8-482C-96E4-A8124F2DC84D}" = ArtRage Studio
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{93F34C5C-ACAA-48F3-9B26-70359A117F12}" = Intel® WiDi
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C31337DE-0CDC-45A9-9A32-F099AC78D557}" = Toshiba Book Place
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB87378B-E64A-4D27-8AB6-0786BAB3AC84}" = Autodesk SketchBook Express 2011 sp2
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.08.00.8029
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"avast" = avast! Free Antivirus
"Bamboo Dock" = Bamboo Dock
"Battle.net" = Battle.net
"Celtx (2.9.7)" = Celtx (2.9.7)
"Google Chrome" = Google Chrome
"HyperCam 2" = HyperCam 2
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.95
"Steam App 212500" = The Lord of the Rings Online™
"ToshibaSD" = Toshiba Security Dashboard
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
"Zoo Tycoon 2 ES Trial Version" = Zoo Tycoon 2 Endangered Species Trial
"Zoo Tycoon 2 Trial Version" = Zoo Tycoon 2 Trial Version

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1147979992-2349924293-2197084131-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Last Moon" = Last Moon 0.3
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/15/2014 4:55:06 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TPCHSrv.exe, version: 1.0.0.17, time stamp:
0x4ee83cbe Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp:
0x521eaf24 Exception code: 0xc0000374 Fault offset: 0x00000000000c4102 Faulting process
id: 0x1248 Faulting application start time: 0x01cf707fec388c2f Faulting application
path: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: 3138d367-dc73-11e3-a6fa-00266c1abcc6

Error - 5/25/2014 5:17:04 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.2.183.21,
time stamp: 0x4b95e661 Faulting module name: ntdll.dll, version: 6.1.7601.18247,
time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000223e0 Faulting
process id: 0xc0f0 Faulting application start time: 0x01cf785d28d7911b Faulting application
path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting module path:
C:\windows\SysWOW64\ntdll.dll Report Id: eaf94021-e451-11e3-a6fa-00266c1abcc6

Error - 5/31/2014 1:09:42 AM | Computer Name = Olivia-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
DownloadLatest Failed: There are currently no active network connections. Background
Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error - 5/31/2014 5:26:28 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.2.183.21,
time stamp: 0x4b95e661 Faulting module name: ntdll.dll, version: 6.1.7601.18247,
time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000223e0 Faulting
process id: 0xf568 Faulting application start time: 0x01cf7d15bf994797 Faulting application
path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting module path:
C:\windows\SysWOW64\ntdll.dll Report Id: 397737ab-e90a-11e3-a6fa-00266c1abcc6

Error - 6/2/2014 5:45:24 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.2.183.21,
time stamp: 0x4b95e661 Faulting module name: ntdll.dll, version: 6.1.7601.18247,
time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000223e0 Faulting
process id: 0x11928 Faulting application start time: 0x01cf7eaa14ec5f40 Faulting
application path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting
module path: C:\windows\SysWOW64\ntdll.dll Report Id: 3352a392-ea9f-11e3-a6fa-00266c1abcc6

Error - 6/8/2014 7:33:55 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ytd.exe, version: 4.7.2.1, time stamp:
0x529efd67 Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0004866a Faulting process id:
0xb4b4 Faulting application start time: 0x01cf786fd188b916 Faulting application path:
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe Faulting
module path: C:\windows\syswow64\ole32.dll Report Id: 5aa63501-ef65-11e3-a6fa-00266c1abcc6

Error - 6/14/2014 6:37:56 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: PhotoshopElementsEditor.exe, version: 7.0.0.0,
time stamp: 0x48cff252 Faulting module name: PhotoshopElementsEditor.exe, version:
7.0.0.0, time stamp: 0x48cff252 Exception code: 0xc0000005 Fault offset: 0x00ae62d3
Faulting
process id: 0x1634c Faulting application start time: 0x01cf876f7d0553d1 Faulting
application path: C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsEditor.exe
Faulting
module path: C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsEditor.exe
Report
Id: 87268c6e-f414-11e3-a6fa-00266c1abcc6

Error - 6/14/2014 6:40:36 PM | Computer Name = Olivia-PC | Source = Application Hang | ID = 1002
Description = The program SketchBookExpress.exe version 5.2.1.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel.    Process ID: 177d4    Start
Time: 01cf850aa8894c5e    Termination Time: 1521    Application Path: C:\Program Files
(x86)\Autodesk\SketchBook Express 2011\SketchBookExpress.exe    Report Id: a6e19260-f414-11e3-a6fa-00266c1abcc6

Error - 6/14/2014 7:53:27 PM | Computer Name = Olivia-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/14/2014 7:58:20 PM | Computer Name = Olivia-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TPCHSrv.exe, version: 1.0.0.17, time stamp:
0x4ee83cbe Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp:
0x521eaf24 Exception code: 0xc0000374 Fault offset: 0x00000000000c4102 Faulting process
id: 0x6c4 Faulting application start time: 0x01cf882c82e76d5f Faulting application
path: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: c2679640-f41f-11e3-8f43-00266c1abcc6

[ System Events ]
Error - 5/15/2014 4:55:54 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 5/29/2014 5:29:44 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 5/31/2014 5:18:13 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 6/1/2014 5:37:04 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 6/5/2014 11:52:33 PM | Computer Name = Olivia-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 6/10/2014 6:01:53 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 6/12/2014 7:14:21 PM | Computer Name = Olivia-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 6/14/2014 7:30:19 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

Error - 6/14/2014 7:58:23 PM | Computer Name = Olivia-PC | Source = Service Control Manager | ID = 7034
Description = The TPCH Service service terminated unexpectedly. It has done this
1 time(s).

Error - 6/14/2014 7:58:47 PM | Computer Name = Olivia-PC | Source = DCOM | ID = 10010
Description =

< End of report >

#10
Biscuithd

Posted 15 June 2014 - 10:01 AM

Trusted Helper

Malware Removal
2,573 posts

Hello TerraceHill,

Here are the first steps in cleaning your computer. If you have any questions, please let me know.

OTL Fix

Run OTL as you did before.
Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

xotlrunfix.jpg.pagespeed.ic.wT-vY4tHzw.j

:Commands
[createrestorepoint]

:OTL
PRC - File not found --
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes,DefaultScope = {652F9CE1-253F-41E3-BD78-9E097B60BDFA}
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{2F7C0659-69DD-49B5-903C-8CE4C9C4881D}: "URL" = http://www.google.co...1I7TSNO_enUS493
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{34C44B18-A2BE-4BE8-8B3A-D6FC1EC80815}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1147979992-2349924293-2197084131-1000\..\SearchScopes\{652F9CE1-253F-41E3-BD78-9E097B60BDFA}: "URL" = http://search.yahoo....p={searchTerms}
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.2
FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=407453&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions
[2012/11/23 23:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/04/30 23:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\Firefox\Profiles\hbn48kr9.default\extensions
[2014/04/30 23:44:39 | 000,010,858 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\[email protected]
[2014/04/13 23:09:33 | 000,010,082 | ---- | M] () (No name found) -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/18 04:31:43 | 000,000,905 | ---- | M] () -- C:\Users\Olivia\AppData\Roaming\mozilla\firefox\profiles\hbn48kr9.default\searchplugins\yahoo_ff.xml
[2014/05/09 20:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 20:20:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/06/14 18:30:21 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/06/13 21:25:03 | 000,016,896 | ---- | M] () -- C:\Users\Olivia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:commands
[resethosts]
[emptytemp]

Then press the Run Fix button

Your computer will reboot. If it does not, please manually reboot.

Next, download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1

Right-click on AdwCleaner.exe and select Run as administrator.
Click Scan and let the scan run.
When it finishes, click Clean, following the on screen prompts
After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

Next, download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

When JRT (Junkware Removal Tool) is complete, make sure you Reboot your computer and assure that your security software (Anti-Virus, etc.) is turned on and operating.

Then, re-run OTL as you have done before and this time select Quick Scan. When complete, post the results.

To summarize, please post results of the AdwCleaner, Junkware Removal Tool and the OTL scan.

If you have any issues running the above or questions, let me know. Also, let me know how the computer is running.

#11
TerraceHill

Posted 19 June 2014 - 03:55 PM

Member

Topic Starter
Member
32 posts

Sorry I haven't replied sooner, but the OTl program keeps "Not Responding"... I will get it though, just give me more time.

#12
Biscuithd

Posted 20 June 2014 - 07:19 AM

Trusted Helper

Malware Removal
2,573 posts

Sorry I haven't replied sooner,

No problem

but the OTl program keeps "Not Responding"...

That's not encouraging. I don't see any malware that would necessarily account for that, but, sometime you never know. Maybe try booting to Safe Mode with Networking or Safe Mode (the one without networking, but save the fix to a text file first so you'll have it to run.) Hopefully after you run the OTL fix, the other programs will run without issue in Normal Boot Mode.

Keep me posted on your progress