Essentially I've tried about everything to fix these problems. You know, those annoying randomly linked words on websites that become ads when you hover over them? Can't get rid of 'em. Also AdBlock is constantly blocking ads on youtube that are trying to load. I can see them start to load and then immediately disappear once AB gets them. But it cause lag on video playback. I've ran AdwCleaner, Hitman Pro, MBAM, and Avast. All of them found malware, none have successfully fixed the problem. Any help?
Edit: Didn't do what I was supposed to and read first. Here's my OTL log.
OTL logfile created on: 3/28/2014 6:52:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wesdawg\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.98 Gb Total Physical Memory | 4.84 Gb Available Physical Memory | 60.63% Memory free
15.98 Gb Paging File | 12.15 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 243.03 Gb Free Space | 52.18% Space Free | Partition Type: NTFS
Drive D: | 180.22 Gb Total Space | 179.89 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
Drive F: | 6.06 Gb Total Space | 6.06 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Computer Name: WESDAWG-PC | User Name: Wesdawg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/28 18:52:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wesdawg\Downloads\OTL (1).exe
PRC - [2014/03/27 20:12:43 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/03/27 20:12:42 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/03/22 11:11:44 | 009,279,024 | ---- | M] (Blizzard Entertainment) -- C:\Program Files (x86)\Battle.net\Battle.net.4336\Battle.net.exe
PRC - [2014/03/22 11:09:02 | 008,840,240 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
PRC - [2014/03/21 04:38:56 | 000,494,592 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2014/03/09 08:34:30 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/14 16:51:41 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
PRC - [2014/01/30 15:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/01/23 00:15:10 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Wesdawg\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/01/23 00:15:02 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/01/23 00:15:02 | 000,603,648 | ---- | M] () -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2013/11/17 18:10:18 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Wesdawg\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/10/30 20:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013/09/26 10:50:36 | 006,914,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\RaUI.exe
PRC - [2013/03/15 16:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/01/15 14:07:42 | 002,750,840 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2013/01/15 14:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/03/21 07:48:28 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\RaRegistry.exe
PRC - [2012/03/21 07:48:28 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\ASUSService.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/28 17:01:00 | 001,157,120 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_ssl.pyd
MOD - [2014/03/28 17:01:00 | 000,811,008 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._windows_.pyd
MOD - [2014/03/28 17:01:00 | 000,805,888 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._gdi_.pyd
MOD - [2014/03/28 17:01:00 | 000,712,192 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_hashlib.pyd
MOD - [2014/03/28 17:01:00 | 000,110,080 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\pywintypes27.dll
MOD - [2014/03/28 17:01:00 | 000,087,040 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_ctypes.pyd
MOD - [2014/03/28 17:01:00 | 000,070,656 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._html2.pyd
MOD - [2014/03/28 17:01:00 | 000,038,912 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32inet.pyd
MOD - [2014/03/28 17:01:00 | 000,035,840 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32process.pyd
MOD - [2014/03/28 17:01:00 | 000,026,624 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_multiprocessing.pyd
MOD - [2014/03/28 17:01:00 | 000,025,600 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32pdh.pyd
MOD - [2014/03/28 17:01:00 | 000,024,064 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32pipe.pyd
MOD - [2014/03/28 17:00:59 | 001,062,400 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._controls_.pyd
MOD - [2014/03/28 17:00:59 | 000,686,080 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\unicodedata.pyd
MOD - [2014/03/28 17:00:59 | 000,525,640 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\windows._lib_cacheinvalidation.pyd
MOD - [2014/03/28 17:00:59 | 000,127,488 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\pyexpat.pyd
MOD - [2014/03/28 17:00:59 | 000,119,808 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32file.pyd
MOD - [2014/03/28 17:00:59 | 000,108,544 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32security.pyd
MOD - [2014/03/28 17:00:59 | 000,018,432 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32event.pyd
MOD - [2014/03/28 17:00:59 | 000,017,408 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32profile.pyd
MOD - [2014/03/28 17:00:59 | 000,010,240 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\select.pyd
MOD - [2014/03/28 17:00:58 | 001,175,040 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._core_.pyd
MOD - [2014/03/28 17:00:58 | 000,557,056 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\pysqlite2._sqlite.pyd
MOD - [2014/03/28 17:00:58 | 000,364,544 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\pythoncom27.dll
MOD - [2014/03/28 17:00:58 | 000,320,512 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32com.shell.shell.pyd
MOD - [2014/03/28 17:00:58 | 000,128,512 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_elementtree.pyd
MOD - [2014/03/28 17:00:58 | 000,098,816 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32api.pyd
MOD - [2014/03/28 17:00:58 | 000,044,032 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\_socket.pyd
MOD - [2014/03/28 17:00:58 | 000,022,528 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32ts.pyd
MOD - [2014/03/28 17:00:57 | 000,735,232 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._misc_.pyd
MOD - [2014/03/28 17:00:57 | 000,122,368 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\wx._wizard.pyd
MOD - [2014/03/28 17:00:57 | 000,011,264 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Temp\_MEI50882\win32crypt.pyd
MOD - [2014/03/27 20:12:47 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/27 14:44:34 | 000,181,760 | ---- | M] () -- C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.324.433.1_0\plugin\ace.dll
MOD - [2014/03/22 11:11:27 | 026,118,656 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4336\libcef.dll
MOD - [2014/03/22 11:11:27 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4336\libGLESv2.dll
MOD - [2014/03/22 11:11:27 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4336\libEGL.dll
MOD - [2014/03/21 04:38:46 | 000,378,880 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2014/03/09 08:37:07 | 013,632,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014/03/09 08:35:39 | 004,060,488 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/03/09 08:35:39 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/03/09 08:35:39 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014/03/09 08:35:39 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/03/09 08:35:39 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014/03/09 08:35:39 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014/02/14 12:13:27 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
MOD - [2014/02/14 12:13:21 | 002,297,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\3430f069c93f4233f0dbb775cb73b49b\System.Core.ni.dll
MOD - [2014/02/14 12:04:21 | 005,463,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\e01f81a28ee1fdf91667594815903762\System.Xml.ni.dll
MOD - [2014/02/14 12:04:17 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
MOD - [2014/02/14 12:04:10 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
MOD - [2014/02/14 12:04:04 | 000,368,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e9ae0fb899850e416f1c7f19e91b64c\PresentationFramework.Aero.ni.dll
MOD - [2014/02/14 12:04:03 | 014,344,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\495d89631724cf0e7b1ace2c1edb4fa9\PresentationFramework.ni.dll
MOD - [2014/02/14 12:03:51 | 012,239,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eb357737121e026292287e3f53aae21\PresentationCore.ni.dll
MOD - [2014/02/14 12:03:42 | 003,349,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\3dce9bc573ada6f51434af3d3460a746\WindowsBase.ni.dll
MOD - [2014/02/14 12:03:40 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
MOD - [2014/02/14 12:03:36 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
MOD - [2014/01/23 00:15:03 | 036,967,424 | ---- | M] () -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/01/23 00:15:02 | 000,887,808 | ---- | M] () -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\libglesv2.dll
MOD - [2014/01/23 00:15:02 | 000,603,648 | ---- | M] () -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/01/23 00:15:02 | 000,109,568 | ---- | M] () -- C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\libegl.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/10/17 11:25:48 | 008,866,472 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/03/27 20:12:42 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 09:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 03:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/22 22:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/07 21:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/30 18:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/30 18:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/10/21 19:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/08 10:34:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/10/08 06:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/10/04 02:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/20 23:38:15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/20 23:34:45 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/08/31 04:00:10 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 13:11:18 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/08/22 13:11:17 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 05:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 05:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 05:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 05:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 05:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 04:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 04:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 04:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 03:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 03:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 03:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 03:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 03:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 03:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 03:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 03:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 03:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 03:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 03:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/03/05 09:24:48 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/03/05 09:24:46 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/02/25 15:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/31 03:25:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 21:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 20:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/04/07 07:09:26 | 000,542,208 | ---- | M] () [Auto | Running] -- C:\Users\Wesdawg\AppData\Local\McMyAdmin\MCMA_Service.exe -- (McMyAdmin)
SRV - [2013/03/15 16:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 14:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/03/21 07:48:28 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2012/03/21 07:48:28 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\ASUSService.exe -- (ASUSWireless)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/03/28 16:59:10 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2014/03/27 20:12:54 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/03/27 20:12:54 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/03/27 20:12:54 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/03/27 20:12:54 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/03/27 20:12:54 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/03/27 20:12:54 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/03/27 20:12:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/03/05 09:26:22 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/03/05 09:26:04 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/02/26 20:57:26 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/01/07 19:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/26 19:41:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/11/10 20:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 05:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/30 18:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/30 18:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/30 18:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/30 18:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/25 19:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/12 20:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/08 07:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/10/08 06:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/10/05 09:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/21 06:10:51 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/17 03:18:30 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/14 08:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 13:11:19 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/22 13:11:18 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 13:11:12 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/22 13:11:12 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/22 13:11:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/22 13:11:12 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/22 13:11:12 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 07:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 07:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 06:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 06:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 06:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 06:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 06:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 06:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 06:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 06:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 06:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 06:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 06:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 06:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 06:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 06:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 06:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 06:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 06:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 06:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 06:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 06:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 06:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 06:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 06:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 06:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 06:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 06:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 06:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 06:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 06:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 06:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 06:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 06:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 06:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 06:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 05:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 05:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 05:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 05:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 05:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 05:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 05:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 05:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 05:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 05:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 05:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 05:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 05:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 05:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 05:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 05:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 05:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 05:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 05:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 05:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 05:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 05:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 05:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 05:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 05:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013/08/22 02:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 17:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 18:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 12:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 13:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/25 13:05:37 | 002,607,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/06/22 10:49:50 | 000,138,240 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/06/18 08:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/05/17 12:13:26 | 000,017,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/20 14:55:42 | 000,057,512 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/09/22 17:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/12 13:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/12/07 20:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE A3 E6 A6 B2 44 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Wesdawg\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Wesdawg\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wesdawg\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wesdawg\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
[2014/03/03 01:49:30 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Entanglement Web App = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: Google Docs = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: TypingWeb Typing Tutor = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk\1.0.0.3_0\
CHR - Extension: Google Search = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: avast! Online Security = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: Cargo Bridge: Armor Games Edition = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj\2.1.1_0\
CHR - Extension: Troll Emoticons = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\5.3.2_0\
CHR - Extension: Cargo Bridge = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: Poppit = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Plants vs Zombies = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Cargo Bridge: Xmas level pack = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdcclndkdgngndhjfccoabooegcgamk\1.0.1_0\
CHR - Extension: Hangouts = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.324.433.1_0\
CHR - Extension: Google Wallet = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: USA = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\oecmgmlcbjhohkikjlppgpkbfidcnohb\1.2_0\
CHR - Extension: Gmail = C:\Users\Wesdawg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/08/22 07:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - No CLSID value found.
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_1F3130CD746360472E393EDB0EC2D7C1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Wesdawg\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Wesdawg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Wesdawg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF772021-D7BA-43A2-A4BB-D1C86BFB443B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/03/28 16:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/03/28 16:30:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/27 23:27:01 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/27 23:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/27 23:26:46 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/03/27 23:26:46 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/03/27 23:26:46 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/03/27 23:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/27 23:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/27 22:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/03/27 22:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/27 20:14:15 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\AppData\Roaming\AVAST Software
[2014/03/27 20:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/03/27 20:13:04 | 001,039,096 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/03/27 20:13:04 | 000,423,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014/03/27 20:13:04 | 000,093,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/03/27 20:13:04 | 000,084,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/03/27 20:13:04 | 000,079,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/03/27 20:13:02 | 000,334,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/03/27 20:12:50 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/03/27 20:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/03/27 20:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/03/27 18:40:47 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\AppData\Local\DynamicPricer
[2014/03/27 18:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows 8.1 Product Key Finder Ultimate v14.03.1
[2014/03/27 18:18:11 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\AppData\Roaming\key-find
[2014/03/26 10:38:31 | 000,040,664 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\SysNative\drivers\tap0901.sys
[2014/03/26 10:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/03/26 10:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2014/03/26 10:31:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/03/26 10:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/03/26 10:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/03/26 10:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014/03/26 10:28:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/03/26 10:28:45 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/03/26 10:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/03/26 10:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/03/26 10:26:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/03/26 10:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/03/26 10:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/03/26 09:50:39 | 000,000,000 | R--D | C] -- C:\Users\Wesdawg\Google Drive
[2014/03/25 17:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2014/03/25 17:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2014/03/25 17:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2014/03/23 00:58:58 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\AppData\Local\McMyAdmin
[2014/03/19 02:17:54 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\AppData\Roaming\Mozilla
[2014/03/19 02:17:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/03/18 13:26:46 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\Desktop\Minecraft-Region-Fixer-0.1.3
[2014/03/18 12:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2014/03/13 18:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/03/10 14:02:14 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\.jmc
[2014/03/10 14:02:11 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\.eclipse
[2014/03/10 13:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2014/03/09 21:43:43 | 000,000,000 | ---D | C] -- C:\Users\Wesdawg\Desktop\Server
[2014/03/06 14:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/02/26 20:57:26 | 000,046,136 | -H-- | C] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/03/28 18:56:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/28 18:17:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3122219006-2716394625-877962512-1001UA.job
[2014/03/28 17:02:51 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/28 17:00:56 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/28 17:00:19 | 000,000,438 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.ics
[2014/03/28 16:59:53 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/28 16:59:10 | 000,032,512 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2014/03/28 16:58:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/28 16:58:47 | 2562,809,855 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/28 16:57:13 | 000,001,174 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/03/28 16:17:00 | 465,416,621 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/03/28 01:15:17 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/27 23:26:49 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/27 22:58:22 | 000,473,296 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/27 21:17:31 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3122219006-2716394625-877962512-1001Core.job
[2014/03/27 20:43:25 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/03/27 20:43:25 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/03/27 20:14:02 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/27 20:12:54 | 001,039,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/03/27 20:12:54 | 000,423,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014/03/27 20:12:54 | 000,334,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/03/27 20:12:54 | 000,208,928 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/03/27 20:12:54 | 000,084,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/03/27 20:12:54 | 000,079,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/03/27 20:12:54 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/03/27 20:12:52 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/03/27 20:12:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/03/27 18:33:08 | 000,000,538 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/27 18:23:28 | 000,002,299 | ---- | M] () -- C:\Users\Wesdawg\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/27 18:23:28 | 000,001,436 | ---- | M] () -- C:\Users\Wesdawg\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/26 17:51:32 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/26 17:51:32 | 000,730,408 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/26 17:51:32 | 000,135,520 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/26 10:27:57 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/03/26 09:50:40 | 000,001,693 | ---- | M] () -- C:\Users\Wesdawg\Desktop\Google Drive.lnk
[2014/03/23 10:09:38 | 000,001,561 | ---- | M] () -- C:\Users\Wesdawg\Desktop\McMyAdmin - Shortcut.lnk
[2014/03/23 09:59:50 | 000,002,005 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2014/03/23 09:59:50 | 000,001,913 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2014/03/18 12:34:24 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2014/03/18 12:34:24 | 000,002,056 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2014/03/18 12:34:24 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2014/03/09 21:49:31 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/03/05 09:26:22 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/03/05 09:26:08 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/03/05 09:26:04 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/02/26 20:57:26 | 000,046,136 | -H-- | M] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/28 16:59:10 | 000,032,512 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2014/03/28 16:57:13 | 000,001,174 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/03/28 01:16:25 | 465,416,621 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/03/27 23:26:49 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/27 22:58:11 | 000,473,296 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/27 20:14:02 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/03/27 20:13:04 | 000,208,928 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/03/27 20:13:04 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/03/26 10:27:57 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/03/26 09:50:40 | 000,001,693 | ---- | C] () -- C:\Users\Wesdawg\Desktop\Google Drive.lnk
[2014/03/23 10:09:38 | 000,001,561 | ---- | C] () -- C:\Users\Wesdawg\Desktop\McMyAdmin - Shortcut.lnk
[2014/03/18 12:34:24 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2014/03/18 12:34:24 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2014/03/18 12:34:24 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2014/03/17 16:34:02 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/03/17 16:34:02 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/12 08:11:25 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/27 22:12:28 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3122219006-2716394625-877962512-1001UA.job
[2014/02/27 22:12:27 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3122219006-2716394625-877962512-1001Core.job
[2014/02/17 11:27:02 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2014/02/15 11:12:33 | 000,000,538 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/27 18:07:30 | 000,013,973 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCoInst.dat
[2013/11/27 18:07:29 | 000,000,451 | ---- | C] () -- C:\WINDOWS\SysWow64\DiagFunc.ini
[2013/11/27 18:07:28 | 000,792,416 | ---- | C] () -- C:\WINDOWS\SysWow64\DiagFunc.dll
[2013/11/17 14:57:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/10/08 10:45:08 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2013/10/08 06:25:02 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/09/26 20:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 20:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 20:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 20:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 20:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 21:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013/11/21 18:00:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 02:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/08 22:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/03/24 12:04:48 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\.minecraft
[2014/02/07 09:30:28 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Armagetron
[2014/03/27 20:14:15 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\AVAST Software
[2014/02/08 00:24:39 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Awesomium
[2014/01/23 18:45:16 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Battle.net
[2014/02/09 21:32:34 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\DAEMON Tools Lite
[2014/03/28 16:25:19 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Gyazo
[2014/03/27 20:33:21 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\ImgBurn
[2014/01/16 18:46:49 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\IrfanView
[2014/03/27 18:23:45 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\key-find
[2013/11/17 22:34:28 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\LolClient
[2013/12/23 19:59:31 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\MotioninJoy
[2013/12/06 19:43:25 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Notepad++
[2013/11/17 18:14:35 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Riot Games
[2014/03/28 17:01:56 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Spotify
[2013/11/24 09:34:42 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Temp
[2013/11/22 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Theta
[2013/11/26 19:59:13 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\Ubisoft
[2014/03/28 19:01:09 | 000,000,000 | ---D | M] -- C:\Users\Wesdawg\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Wesdawg\SkyDrive.old:ms-properties
@Alternate Data Stream - 200 bytes -> C:\Users\Wesdawg\SkyDrive:ms-properties
< End of report >