Good Morning everyone. Thank you in advance :-)
I made a mistake last night and accepted an UPDATE thinking it was a real update for Java. *hangs head in shame*
It only appears when I am using Google Chrome Websearch.
A pop-up comes every time I go to a webpage, or even if I click it off it will return.
S.mjystw.com
Warning: Your Java Version is outdated Has Security Risks, Please Update Now.
If you hit Ok it takes you to a webpage S6.mobaea.com
Then it downloads a dl setup ex which info is
File Angels
COMODO Code signing CA2
(there is a lot more under info within the Certificate and such, not under more information)
Another message that keeps reappearing.
Recommend
Your current Google Chrome needs an updated video player to the fastest version
In addition these pages pop up when I start Google Chrome up.
Trovi.com Astromenda Search
Also partition drives me nuts lol but not part of the problem. LOL
OTL Log Below.
OTL logfile created on: 10/25/2014 9:07:23 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nanette\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
23.95 Gb Total Physical Memory | 19.88 Gb Available Physical Memory | 82.99% Memory free
27.83 Gb Paging File | 22.92 Gb Available in Paging File | 82.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94.95 Gb Total Space | 28.09 Gb Free Space | 29.58% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 291.47 Gb Free Space | 62.58% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 427.45 Gb Free Space | 91.78% Space Free | Partition Type: NTFS
Drive F: | 121.98 Gb Total Space | 121.83 Gb Free Space | 99.88% Space Free | Partition Type: NTFS
Computer Name: STITCH | User Name: Nanette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/10/25 09:07:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nanette\Downloads\OTL.exe
PRC - [2014/10/24 15:21:49 | 005,748,224 | ---- | M] () -- C:\Program Files (x86)\Search Extensions\Client.exe
PRC - [2014/10/22 02:27:10 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/09/22 15:47:32 | 000,741,408 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/09/16 21:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 21:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/09/13 15:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/09/12 04:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/09/04 14:03:30 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
PRC - [2013/08/19 20:35:26 | 000,055,368 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2013/08/16 17:29:08 | 000,183,408 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2013/07/23 12:54:34 | 000,602,936 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe
PRC - [2013/07/23 12:54:34 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe
PRC - [2013/06/13 15:04:12 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/05/30 17:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013/05/29 20:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013/05/21 12:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013/05/15 17:39:12 | 000,463,872 | ---- | M] () -- C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
PRC - [2013/04/24 04:44:20 | 000,181,208 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2013/03/14 04:46:12 | 000,040,960 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
PRC - [2013/03/08 18:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2013/01/15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/09/18 15:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/05/28 13:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2014/10/24 15:21:49 | 005,748,224 | ---- | M] () -- C:\Program Files (x86)\Search Extensions\Client.exe
MOD - [2014/10/24 13:02:02 | 005,467,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/10/24 12:54:48 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/10/24 12:54:44 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/10/24 12:54:26 | 007,995,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/10/24 12:54:24 | 011,500,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/10/24 12:54:19 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2014/10/24 12:54:16 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll
MOD - [2014/10/24 12:54:00 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll
MOD - [2014/10/24 12:53:56 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll
MOD - [2014/10/24 12:53:42 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\483443985708dc5439abe7fd6350abe4\System.Core.ni.dll
MOD - [2014/10/24 12:53:39 | 010,030,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014/09/24 02:24:28 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2014/05/26 23:39:19 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/09/04 14:03:30 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
MOD - [2013/08/19 20:16:48 | 000,015,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
MOD - [2013/08/16 13:03:12 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
MOD - [2013/05/15 17:39:12 | 000,463,872 | ---- | M] () -- C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
MOD - [2013/03/14 04:46:12 | 000,040,960 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/09/24 03:38:43 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/24 03:16:43 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/09/24 03:16:43 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/24 03:03:47 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/24 03:03:47 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/09/24 02:50:29 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/09/24 02:50:27 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/09/24 02:33:15 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/09/24 02:24:03 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/09/24 02:24:02 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/09/24 02:23:54 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/09/24 02:23:52 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/09/24 02:23:51 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/09/24 02:23:47 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/09/16 21:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 21:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 15:09:54 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2014/06/20 10:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/20 10:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/06/12 16:10:46 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2014/04/25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/04 14:03:42 | 000,342,016 | ---- | M] (Qualcomm Atheros) [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe -- (Qualcomm Atheros Killer Service V2)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/23 12:54:34 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\P4G\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2014/09/24 03:16:42 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/09/16 21:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/13 15:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/09/12 04:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/06/13 15:47:02 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/06/13 15:04:12 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/04/24 20:44:20 | 000,247,768 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2013/01/15 19:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/12/19 01:10:38 | 000,072,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/09/24 03:46:53 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/09/24 03:03:47 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/24 03:03:47 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/24 03:03:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/24 02:50:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/09/24 02:50:30 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/09/24 02:50:28 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/09/24 02:33:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/09/24 02:32:54 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/09/24 02:32:54 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/09/24 02:23:53 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/09/24 02:23:48 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/09/24 02:23:32 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/09/24 02:23:31 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/09/24 02:23:31 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/09/24 02:23:31 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/09/24 02:23:31 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/09/24 02:23:31 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/09/24 02:23:31 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/09/24 02:23:30 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/09/24 02:23:30 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/09/24 02:23:30 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/09/24 01:53:14 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/24 01:53:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/09/16 23:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/09/16 21:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 14:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 14:32:30 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/07/24 14:31:56 | 000,444,720 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/06/20 10:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/06/20 10:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/20 10:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/20 10:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/06/20 10:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/20 10:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/06/20 10:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/04/28 06:33:30 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 21:31:50 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/06 04:29:56 | 000,019,256 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 12:54:34 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Program Files\ASUS\P4G\PLCTRL.sys -- (plctrl)
DRV:64bit: - [2013/06/23 23:05:26 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/06/13 15:26:44 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/06/13 15:26:42 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/06/13 15:26:42 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/06/13 15:26:42 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/06/13 15:26:42 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/06/13 15:26:42 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/06/13 15:26:40 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/30 19:57:42 | 003,812,048 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akw8x64.sys -- (akw8x64)
DRV:64bit: - [2013/04/26 03:46:02 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/04/11 01:53:22 | 000,363,920 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/13 18:11:24 | 000,075,056 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2012/09/18 15:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012/08/01 22:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011/09/07 12:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 20:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearc...&cr=64052401=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://xfinity.comcast.net/?cid=wn [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {9AA97128-9101-4195-A4FE-8CD6B7A36797}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...NewSP218A_sp_ie
IE - HKCU\..\SearchScopes\{020F3A18-4782-4AEF-9E8C-08846C9DE968}: "URL" = http://astromenda.co...r=1242180888=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearc...&cr=64052401=
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{9AA97128-9101-4195-A4FE-8CD6B7A36797}: "URL" = https://search.yahoo...&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53945;https=127.0.0.1:53945
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: D:\Program Files (x86)\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: D:\Program Files (x86)\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/10/18 19:42:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/10/05 11:22:48 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.xfinity.com/
CHR - plugin: Error reading preferences file
CHR - Extension: SiteAdvisor = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_1\
CHR - Extension: Cocktail Maker = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiacbhfnlfebjddbeigkkajdpeichne\222\
CHR - Extension: HTTP Headers = C:\Users\Nanette\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhbpoeinkhpajikalhfpjjafpfgjnmgk\216\
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime File not found
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROGNB] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe ()
O4 - HKCU..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatch.exe (Weather Protector LLC)
O4 - Startup: C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk = C:\Users\Nanette\AppData\Local\StormWatch\StormWatchApp.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63F51D66-BE30-48A9-8AEC-D1A33B4C3B12}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/10/24 22:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/10/24 15:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ORBTR
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Weather_Protector_LLC
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
[2014/10/24 15:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\StormWatch
[2014/10/24 15:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Extensions
[2014/10/24 12:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014/10/24 12:20:07 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/24 12:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/10/24 12:19:47 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/10/24 12:19:47 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/10/24 12:19:47 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/10/24 12:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/10/23 11:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/10/23 11:48:01 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2014/10/23 11:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/10/23 11:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/10/23 11:34:21 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\EmieUserList
[2014/10/23 11:34:21 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\EmieSiteList
[2014/10/23 01:51:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/10/23 01:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/10/22 23:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros
[2014/10/22 23:13:50 | 000,000,000 | ---D | C] -- C:\Users\Nanette\OneDrive
[2014/10/22 23:12:41 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Identities
[2014/10/22 22:56:28 | 000,000,000 | --SD | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Favorites
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Documents
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\Desktop
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/10/22 22:56:28 | 000,000,000 | R--D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\Temporary Internet Files
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Templates
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Start Menu
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\SendTo
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Recent
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\PrintHood
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\NetHood
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Videos
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Pictures
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Documents\My Music
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\My Documents
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Local Settings
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\History
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Cookies
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\Application Data
[2014/10/22 22:56:28 | 000,000,000 | -HSD | C] -- C:\Users\Nanette\AppData\Local\Application Data
[2014/10/22 22:56:28 | 000,000,000 | -H-D | C] -- C:\Users\Nanette\AppData
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Temp
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Microsoft
[2014/10/22 22:56:28 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/10/22 22:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/10/22 22:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/10/22 22:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/10/22 22:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2014/10/22 22:51:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/10/22 22:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/10/22 22:51:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/10/22 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/10/22 22:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/22 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/22 22:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/10/22 22:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Interenet Optimizer
[2014/10/22 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wEEbsaverr
[2014/10/22 14:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\wEEbsaverr
[2014/10/22 08:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\LizardSales
[2014/10/22 04:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\71b842e80ccd339
[2014/10/01 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Local\Astromenda
[2014/10/01 20:17:35 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\FileZilla
[2014/10/01 20:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2014/10/01 17:36:36 | 000,000,000 | ---D | C] -- C:\Users\Nanette\AppData\Roaming\OpenOffice
[2014/10/01 17:35:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
[2014/10/01 17:35:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2014/10/01 16:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
========== Files - Modified Within 30 Days ==========
[2014/10/25 08:32:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf8b979d615e98.job
[2014/10/25 08:23:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/24 15:21:47 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\WSE_Astromenda.job
[2014/10/24 15:21:46 | 000,001,120 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
[2014/10/24 15:21:45 | 000,001,117 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
[2014/10/24 15:19:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/24 15:18:39 | 000,000,075 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\sp_data.sys
[2014/10/24 15:17:08 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/24 15:17:07 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 13:25:14 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/24 13:25:14 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/24 13:25:14 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/24 13:17:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/24 13:17:49 | 3393,605,628 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/24 12:19:52 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/24 12:16:01 | 000,000,110 | ---- | M] () -- C:\Users\Nanette\AppData\Roaming\WB.CFG
[2014/10/23 11:48:06 | 000,001,397 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/10/22 23:09:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/10/22 23:09:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/10/22 23:06:35 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/22 23:00:46 | 000,362,544 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/10/22 22:52:04 | 000,001,316 | ---- | M] () -- C:\Users\Public\Desktop\AudioWizard.lnk
[2014/10/22 22:52:03 | 000,316,934 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2014/10/22 22:52:03 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/10/22 22:51:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/10/22 20:02:01 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
[2014/10/21 17:52:13 | 000,035,877 | ---- | M] () -- C:\Users\Nanette\Desktop\6b993cfd-3f0d-47cb-a5cc-aac190e2ef85.jpg
[2014/10/21 17:50:32 | 000,026,829 | ---- | M] () -- C:\Users\Nanette\Desktop\402850_399438636789150_1364588454_n.jpg
[2014/10/21 16:04:06 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\The Sims 4.lnk
[2014/10/20 10:01:20 | 000,022,214 | ---- | M] () -- C:\Users\Nanette\Desktop\BenefitVerificationLetter.do
[2014/10/20 08:27:22 | 000,104,920 | ---- | M] () -- C:\Users\Nanette\Desktop\$_57 (3).JPG
[2014/10/20 08:27:16 | 000,612,888 | ---- | M] () -- C:\Users\Nanette\Desktop\$_57 (2).JPG
[2014/10/17 13:20:30 | 000,185,511 | ---- | M] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank (1).pdf
[2014/10/17 13:15:33 | 000,185,511 | ---- | M] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank.pdf
[2014/10/01 20:16:12 | 000,000,270 | ---- | M] () -- C:\Users\Nanette\Desktop\Cut the Rope.url
[2014/10/01 17:35:55 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
[2014/10/01 11:11:30 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/09/28 00:57:02 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014/09/28 00:56:46 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\WebStorage.lnk
========== Files Created - No Company Name ==========
[2014/10/24 15:21:47 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\WSE_Astromenda.job
[2014/10/24 15:21:46 | 000,001,120 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
[2014/10/24 15:21:45 | 000,001,117 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
[2014/10/24 12:42:04 | 000,388,729 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/10/24 12:41:22 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/10/24 12:19:52 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/23 11:48:06 | 000,001,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/10/23 11:48:06 | 000,001,397 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/10/22 23:12:42 | 000,001,448 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/10/22 23:06:35 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/10/22 22:59:58 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/10/22 22:56:28 | 000,000,369 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/10/22 22:56:28 | 000,000,369 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/10/22 22:56:28 | 000,000,352 | ---- | C] () -- C:\Users\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/10/22 22:56:28 | 000,000,334 | ---- | C] () -- C:\Users\Nanette\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/10/22 22:54:30 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/10/22 22:54:30 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/10/22 22:52:23 | 003,961,833 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014/10/22 22:52:04 | 000,001,328 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
[2014/10/22 22:52:04 | 000,001,316 | ---- | C] () -- C:\Users\Public\Desktop\AudioWizard.lnk
[2014/10/22 22:52:03 | 000,316,934 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2014/10/22 22:52:03 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/10/22 22:51:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/10/21 17:52:13 | 000,035,877 | ---- | C] () -- C:\Users\Nanette\Desktop\6b993cfd-3f0d-47cb-a5cc-aac190e2ef85.jpg
[2014/10/21 17:50:32 | 000,026,829 | ---- | C] () -- C:\Users\Nanette\Desktop\402850_399438636789150_1364588454_n.jpg
[2014/10/20 10:01:20 | 000,022,214 | ---- | C] () -- C:\Users\Nanette\Desktop\BenefitVerificationLetter.do
[2014/10/20 08:27:22 | 000,104,920 | ---- | C] () -- C:\Users\Nanette\Desktop\$_57 (3).JPG
[2014/10/20 08:27:16 | 000,612,888 | ---- | C] () -- C:\Users\Nanette\Desktop\$_57 (2).JPG
[2014/10/17 13:20:30 | 000,185,511 | ---- | C] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank (1).pdf
[2014/10/17 13:15:32 | 000,185,511 | ---- | C] () -- C:\Users\Nanette\Desktop\Divorce-Questionnaire-fill-in-blank.pdf
[2014/10/01 20:16:12 | 000,000,270 | ---- | C] () -- C:\Users\Nanette\Desktop\Cut the Rope.url
[2014/10/01 17:35:55 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
[2014/10/01 16:32:05 | 000,026,956 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014/09/25 14:07:45 | 000,010,450 | ---- | C] () -- C:\WINDOWS\SysNative\autoconfig.cab
[2014/09/24 02:24:06 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/09/24 02:23:34 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/05/08 11:40:54 | 000,000,110 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\WB.CFG
[2014/03/12 09:57:45 | 000,000,110 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/11 17:31:46 | 000,000,075 | ---- | C] () -- C:\Users\Nanette\AppData\Roaming\sp_data.sys
[2013/11/13 18:35:33 | 000,172,097 | ---- | C] () -- C:\WINDOWS\SysWow64\NoMSGuninstall.exe
[2013/11/13 18:35:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\SysWow64\UMonit64.exe
[2013/11/13 18:35:33 | 000,001,519 | ---- | C] () -- C:\WINDOWS\SysWow64\_IconCfg0.ini
[2013/11/13 18:35:33 | 000,000,911 | ---- | C] () -- C:\WINDOWS\SysWow64\ProductName.ini
[2013/11/13 18:35:33 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SysWow64\IconCfg0.ini
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/11 20:17:52 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2013/05/01 04:34:24 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013/05/01 04:34:24 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2013/05/01 04:34:24 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
========== ZeroAccess Check ==========
[2014/10/23 11:59:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/15 23:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/15 22:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/03/11 17:33:20 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\ASUS
[2014/03/11 17:33:19 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\ASUS WebStorage
[2014/09/14 01:37:59 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Awesomium
[2014/03/14 02:05:02 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Battle.net
[2014/04/23 02:36:29 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\CompuClever
[2014/10/01 22:29:40 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\FileZilla
[2014/09/09 15:47:09 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\MMFApplications
[2014/10/01 17:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\OpenOffice
[2014/03/15 02:10:58 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Origin
[2014/10/24 15:21:46 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\UpdaterEX
[2014/09/21 15:21:16 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Virtual Mechanics
[2014/04/04 20:03:02 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\WebStorage
[2014/05/08 10:50:48 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\Windows
[2014/10/24 15:21:48 | 000,000,000 | ---D | M] -- C:\Users\Nanette\AppData\Roaming\WSE_Astromenda
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Nanette\OneDrive:ms-properties
< End of report >