
Untitled

a guest
Mar 7th, 2014
  1. OTL logfile created on: 3/7/2014 7:25:38 PM - Run 2
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jesse\Desktop
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.10.9200.16736)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 7.86 Gb Total Physical Memory | 5.68 Gb Available Physical Memory | 72.27% Memory free
  8. 15.73 Gb Paging File | 13.26 Gb Available in Paging File | 84.35% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 420.56 Gb Total Space | 138.10 Gb Free Space | 32.84% Space Free | Partition Type: NTFS
  13. Drive D: | 25.47 Gb Total Space | 21.56 Gb Free Space | 84.67% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: JESSE-PC | User Name: Jesse | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2014/03/07 16:41:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jesse\Desktop\OTL.exe
  22. PRC - [2014/02/13 14:29:16 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
  23. PRC - [2014/02/08 15:53:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  24. PRC - [2013/12/31 14:13:45 | 004,739,392 | ---- | M] (Evernote) -- C:\Program Files (x86)\Evernote\Skitch\Skitch.exe
  25. PRC - [2013/12/18 14:51:44 | 001,103,712 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Users\Jesse\AppData\Local\Apps\Evernote\EvernoteClipper.exe
  26. PRC - [2013/11/30 18:33:49 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  27. PRC - [2013/11/30 18:33:49 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  28. PRC - [2013/11/29 11:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  29. PRC - [2013/11/29 11:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  30. PRC - [2013/10/23 17:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Jesse\AppData\Local\FluxSoftware\Flux\flux.exe
  31. PRC - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
  32. PRC - [2013/10/17 20:35:01 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
  33. PRC - [2013/09/22 10:27:44 | 000,119,000 | ---- | M] () -- C:\Program Files (x86)\WizMouse\WizMouse.exe
  34. PRC - [2013/08/16 16:38:08 | 003,161,088 | ---- | M] (Corsair Components Inc) -- C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe
  35. PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  36. PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  37. PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
  38. PRC - [2012/09/11 09:02:38 | 002,377,840 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Lua Mouse\Lua Config.exe
  39. PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
  40. PRC - [2012/04/16 02:16:54 | 000,164,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  41. PRC - [2012/02/27 06:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  42. PRC - [2012/02/20 18:08:36 | 000,066,608 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Update\LenovoSmartConnectService.exe
  43. PRC - [2012/02/16 20:35:18 | 001,876,992 | ---- | M] (LENOVO) -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
  44. PRC - [2012/02/06 15:55:04 | 000,066,096 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\BootShield\BootShieldSupport.exe
  45. PRC - [2012/02/05 13:49:04 | 000,193,536 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe
  46. PRC - [2011/12/08 13:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
  47. PRC - [2011/01/28 22:29:36 | 000,136,488 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
  48. PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
  49.  
  50.  
  51. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  52.  
  53. MOD - [2014/02/27 17:36:35 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
  54. MOD - [2014/02/26 14:33:20 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
  55. MOD - [2014/02/26 14:33:11 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
  56. MOD - [2014/02/26 14:33:08 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
  57. MOD - [2014/02/26 14:33:00 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
  58. MOD - [2014/02/26 14:32:57 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
  59. MOD - [2014/02/26 14:32:51 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
  60. MOD - [2014/02/26 14:32:51 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
  61. MOD - [2014/02/26 14:32:48 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
  62. MOD - [2014/02/26 14:32:46 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
  63. MOD - [2014/02/26 14:32:44 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
  64. MOD - [2014/02/26 14:32:43 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
  65. MOD - [2014/02/26 14:32:37 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
  66. MOD - [2014/02/08 13:34:51 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
  67. MOD - [2013/12/30 11:44:13 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Evernote\Skitch\libgcc_s_dw2-1.dll
  68. MOD - [2013/12/30 11:44:13 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Evernote\Skitch\mingwm10.dll
  69. MOD - [2013/11/30 18:33:49 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
  70. MOD - [2013/11/25 10:00:22 | 000,433,664 | ---- | M] () -- C:\Users\Jesse\AppData\Local\Apps\Evernote\libxml2.dll
  71. MOD - [2013/11/25 10:00:10 | 000,315,392 | ---- | M] () -- C:\Users\Jesse\AppData\Local\Apps\Evernote\libtidy.dll
  72. MOD - [2013/09/22 10:27:44 | 000,119,000 | ---- | M] () -- C:\Program Files (x86)\WizMouse\WizMouse.exe
  73. MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
  74. MOD - [2011/12/08 13:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
  75. MOD - [2011/06/28 01:28:38 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
  76. MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
  77.  
  78.  
  79. [color=#E56717]========== Services (SafeList) ==========[/color]
  80.  
  81. SRV:[b]64bit:[/b] - [2013/11/30 18:33:49 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  82. SRV:[b]64bit:[/b] - [2013/11/29 11:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
  83. SRV:[b]64bit:[/b] - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  84. SRV:[b]64bit:[/b] - [2013/04/18 17:15:18 | 003,388,144 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
  85. SRV:[b]64bit:[/b] - [2013/04/18 17:14:58 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
  86. SRV:[b]64bit:[/b] - [2013/04/18 17:14:46 | 000,621,296 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
  87. SRV:[b]64bit:[/b] - [2013/04/18 17:14:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
  88. SRV:[b]64bit:[/b] - [2013/04/11 01:12:50 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
  89. SRV:[b]64bit:[/b] - [2012/09/12 17:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
  90. SRV:[b]64bit:[/b] - [2012/07/30 16:13:04 | 008,515,544 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
  91. SRV:[b]64bit:[/b] - [2012/03/07 04:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
  92. SRV:[b]64bit:[/b] - [2012/02/06 15:55:34 | 000,123,952 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Windows\SysNative\BootShieldSvc.exe -- (BootShieldSvc)
  93. SRV:[b]64bit:[/b] - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
  94. SRV - [2014/02/25 16:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  95. SRV - [2014/02/24 14:53:48 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  96. SRV - [2014/02/13 14:29:16 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
  97. SRV - [2014/02/08 15:53:13 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  98. SRV - [2013/11/29 11:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
  99. SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  100. SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  101. SRV - [2013/06/23 10:19:46 | 012,867,584 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe -- (wampmysqld)
  102. SRV - [2013/06/23 10:09:48 | 000,024,576 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\Apache2.4.4\bin\httpd.exe -- (wampapache)
  103. SRV - [2013/06/05 16:47:52 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  104. SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
  105. SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  106. SRV - [2013/03/01 20:13:27 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  107. SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
  108. SRV - [2012/04/16 02:17:10 | 000,362,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
  109. SRV - [2012/04/16 02:17:06 | 000,276,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  110. SRV - [2012/04/16 02:17:02 | 000,127,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
  111. SRV - [2012/04/16 02:16:54 | 000,164,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
  112. SRV - [2012/02/20 18:08:36 | 000,066,608 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Smart Update\LenovoSmartConnectService.exe -- (LenovoSmartConnectService)
  113. SRV - [2012/02/05 13:49:04 | 000,193,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)
  114. SRV - [2012/02/01 18:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
  115. SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  116. SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
  117.  
  118.  
  119. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  120.  
  121. DRV:[b]64bit:[/b] - [2014/02/08 13:34:51 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
  122. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
  123. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
  124. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  125. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
  126. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
  127. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  128. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
  129. DRV:[b]64bit:[/b] - [2013/11/30 18:33:50 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
  130. DRV:[b]64bit:[/b] - [2013/10/30 12:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
  131. DRV:[b]64bit:[/b] - [2013/07/30 22:44:00 | 000,101,376 | ---- | M] (Corsair) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\corsveng2kamd64.sys -- (CorsairAudioFilter)
  132. DRV:[b]64bit:[/b] - [2013/05/13 14:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
  133. DRV:[b]64bit:[/b] - [2013/05/07 16:25:24 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  134. DRV:[b]64bit:[/b] - [2013/05/07 16:22:42 | 004,431,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  135. DRV:[b]64bit:[/b] - [2013/04/18 06:31:40 | 011,524,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
  136. DRV:[b]64bit:[/b] - [2013/04/12 10:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
  137. DRV:[b]64bit:[/b] - [2013/04/11 01:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
  138. DRV:[b]64bit:[/b] - [2013/04/11 01:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
  139. DRV:[b]64bit:[/b] - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
  140. DRV:[b]64bit:[/b] - [2013/03/01 20:06:04 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
  141. DRV:[b]64bit:[/b] - [2013/02/22 02:17:04 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
  142. DRV:[b]64bit:[/b] - [2013/02/22 02:17:04 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
  143. DRV:[b]64bit:[/b] - [2013/02/22 02:17:04 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
  144. DRV:[b]64bit:[/b] - [2013/02/22 02:17:04 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
  145. DRV:[b]64bit:[/b] - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  146. DRV:[b]64bit:[/b] - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  147. DRV:[b]64bit:[/b] - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  148. DRV:[b]64bit:[/b] - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  149. DRV:[b]64bit:[/b] - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
  150. DRV:[b]64bit:[/b] - [2012/07/30 20:18:28 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_6.3.40660.0.sys -- (DisplayLinkUsbPort)
  151. DRV:[b]64bit:[/b] - [2012/07/30 16:13:23 | 000,318,840 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
  152. DRV:[b]64bit:[/b] - [2012/07/30 16:13:23 | 000,015,224 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
  153. DRV:[b]64bit:[/b] - [2012/07/26 19:23:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
  154. DRV:[b]64bit:[/b] - [2012/07/26 19:23:34 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
  155. DRV:[b]64bit:[/b] - [2012/07/26 18:32:31 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  156. DRV:[b]64bit:[/b] - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
  157. DRV:[b]64bit:[/b] - [2012/04/16 19:18:18 | 000,031,536 | ---- | M] (Lenovo Corporation") [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootShield.sys -- (BootShield)
  158. DRV:[b]64bit:[/b] - [2012/02/27 06:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
  159. DRV:[b]64bit:[/b] - [2012/02/27 06:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
  160. DRV:[b]64bit:[/b] - [2012/02/27 06:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
  161. DRV:[b]64bit:[/b] - [2012/02/16 11:28:38 | 000,061,744 | ---- | M] (Lenovo Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BootShieldfltr.sys -- (BootShieldfltr)
  162. DRV:[b]64bit:[/b] - [2012/02/11 06:59:34 | 000,334,936 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0200.sys -- (RsFx0200)
  163. DRV:[b]64bit:[/b] - [2012/02/06 08:51:38 | 008,217,704 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
  164. DRV:[b]64bit:[/b] - [2012/02/06 05:49:04 | 000,026,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)
  165. DRV:[b]64bit:[/b] - [2012/02/01 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  166. DRV:[b]64bit:[/b] - [2012/01/27 12:00:28 | 000,109,056 | ---- | M] (Ozmo Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hswpan.sys -- (hswpan)
  167. DRV:[b]64bit:[/b] - [2012/01/26 20:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
  168. DRV:[b]64bit:[/b] - [2012/01/26 20:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
  169. DRV:[b]64bit:[/b] - [2012/01/13 02:03:36 | 000,008,192 | ---- | M] (TODO: <Company name>) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LAD.sys -- (LAD)
  170. DRV:[b]64bit:[/b] - [2011/12/05 03:05:26 | 001,600,128 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
  171. DRV:[b]64bit:[/b] - [2011/11/17 16:08:16 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1)
  172. DRV:[b]64bit:[/b] - [2011/11/10 07:40:26 | 000,401,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  173. DRV:[b]64bit:[/b] - [2011/10/10 02:56:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  174. DRV:[b]64bit:[/b] - [2011/10/10 02:56:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  175. DRV:[b]64bit:[/b] - [2011/08/23 08:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  176. DRV:[b]64bit:[/b] - [2011/08/11 12:46:46 | 000,694,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
  177. DRV:[b]64bit:[/b] - [2011/01/28 22:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
  178. DRV:[b]64bit:[/b] - [2011/01/10 02:42:06 | 000,045,704 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
  179. DRV:[b]64bit:[/b] - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  180. DRV:[b]64bit:[/b] - [2010/09/23 02:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
  181. DRV:[b]64bit:[/b] - [2009/07/21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
  182. DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  183. DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  184. DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  185. DRV:[b]64bit:[/b] - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  186. DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  187. DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  188. DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  189. DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  190. DRV - [2011/01/10 02:42:06 | 000,045,704 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
  191. DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  192.  
  193.  
  194. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  195.  
  196.  
  197. [color=#E56717]========== Internet Explorer ==========[/color]
  198.  
  199. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  200. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  201. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  202. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  203. IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  204. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  205. IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  206.  
  207. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  208. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
  209. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
  210. IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
  211. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
  212. IE - HKCU\..\SearchScopes\{0795A977-4854-423D-BA80-1ECE7C0F5BB7}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=983D9A99-89EA-456B-8AC5-8D32CA7FDB12&apn_sauid=B86C8DA4-E6EA-46D7-A793-52BD29C183A8
  213. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS506
  214. IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-ptn/search/redirect/?type=default&user_id=1af2846f-eb99-4c3c-aa16-89825f6d0c07&query={searchTerms}
  215. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  216. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  217. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.21.0.34:8080
  218.  
  219. [color=#E56717]========== FireFox ==========[/color]
  220.  
  221. FF - prefs.js..browser.search.defaultengine: "Google"
  222. FF - prefs.js..browser.search.selectedEngine: "Web Search"
  223. FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
  224. FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5
  225. FF - prefs.js..extensions.enabledAddons: firequery%40binaryage.com:1.4.1
  226. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
  227.  
  228.  
  229. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
  230. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  231. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
  232. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  233. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  234. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  235. FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  236. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
  237. FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
  238. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  239. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  240. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  241. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  242. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  243. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  244. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
  245. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  246. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  247. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  248. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  249. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
  250. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
  251. FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jesse\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
  252. FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Jesse\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
  253. FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jesse\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
  254. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jesse\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
  255. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jesse\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
  256. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jesse\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  257. FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
  258.  
  259. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
  260. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/20 15:36:39 | 000,000,000 | ---D | M]
  261. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  262. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  263.  
  264. [2012/10/05 15:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesse\AppData\Roaming\Mozilla\Extensions
  265. [2014/02/24 14:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\extensions
  266. [2014/02/24 14:54:15 | 002,197,828 | ---- | M] () (No name found) -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\extensions\firebug@software.joehewitt.com.xpi
  267. [2014/02/24 14:55:13 | 000,116,414 | ---- | M] () (No name found) -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\extensions\firequery@binaryage.com.xpi
  268. [2014/02/24 14:55:13 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
  269. [2013/03/19 12:16:22 | 000,002,308 | ---- | M] () -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\searchplugins\askcom.xml
  270. [2013/08/09 15:26:32 | 000,006,547 | ---- | M] () -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\searchplugins\babylon.xml
  271. [2013/02/02 13:04:13 | 000,001,300 | ---- | M] () -- C:\Users\Jesse\AppData\Roaming\Mozilla\Firefox\Profiles\eb6e1ck8.default\searchplugins\claro.xml
  272. [2014/02/24 14:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  273. [2014/02/24 14:53:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  274.  
  275. [color=#E56717]========== Chrome ==========[/color]
  276.  
  277. CHR - default_search_provider: Google (Enabled)
  278. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
  279. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
  280. CHR - homepage: chrome://apps/
  281. CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
  282. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
  283. CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
  284. CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
  285. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
  286. CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
  287. CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
  288. CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
  289. CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
  290. CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
  291. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
  292. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
  293. CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
  294. CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
  295. CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
  296. CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
  297. CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
  298. CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
  299. CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
  300. CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
  301. CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  302. CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
  303. CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
  304. CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
  305. CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
  306. CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
  307. CHR - plugin: Unity Player (Enabled) = C:\Users\Jesse\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
  308. CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
  309. CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
  310. CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
  311. CHR - Extension: Google Drive = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
  312. CHR - Extension: YouTube Center = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcegdpionpopahcglnfiiioapcclamdj\2.1.0_0\
  313. CHR - Extension: Session Buddy = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.2.7_0\
  314. CHR - Extension: Free Rider 3 = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\efgciaombdjbpmepfcndmfidlklafhcc\3.83_0\
  315. CHR - Extension: YouTube Center = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabnjlibfmlilpljjkkbkebfaopgpjmk\1.0.1_0\
  316. CHR - Extension: Facebook\u2122 Chat Privacy = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn\0.0.15_0\
  317. CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.4.2_0\
  318. CHR - Extension: AdBlock = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
  319. CHR - Extension: LastPass: Free Password Manager = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.1_0\
  320. CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
  321. CHR - Extension: Zinc Save = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilhdgckadlnbjppaaeinaekjcoanhbce\0.1.3_0\
  322. CHR - Extension: Reddit Enhancement Suite = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0\
  323. CHR - Extension: The Great Suspender = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg\4.74_0\
  324. CHR - Extension: Spelunky HTML5 = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhagnkphcmpkmabhocgimoncfaihkpof\2_0\
  325. CHR - Extension: Google Wallet = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
  326. CHR - Extension: Recently Closed Tabs = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\opefiliglgllmponlmoajkfbcaigocfc\1.3.0.2_0\
  327. CHR - Extension: Click&Clean App = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.5_0\
  328. CHR - Extension: Evernote Web Clipper = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1_0\
  329. CHR - Extension: Canvas Rider = C:\Users\Jesse\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0\
  330.  
  331. O1 HOSTS File: ([2014/03/07 17:43:38 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
  332. O1 - Hosts: 127.0.0.1 localhost
  333. O1 - Hosts: ::1 localhost
  334. O2:[b]64bit:[/b] - BHO: (UTubeNoAds) - {1B734709-D7D9-AB6E-A41A-01D1C9472391} - C:\ProgramData\UTubeNoAds\FAP8wPB.x64.dll File not found
  335. O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
  336. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
  337. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  338. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  339. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  340. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
  341. O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  342. O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
  343. O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
  344. O4:[b]64bit:[/b] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
  345. O4:[b]64bit:[/b] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
  346. O4:[b]64bit:[/b] - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
  347. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  348. O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
  349. O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
  350. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  351. O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
  352. O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
  353. O4:[b]64bit:[/b] - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
  354. O4:[b]64bit:[/b] - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
  355. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
  356. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
  357. O4 - HKLM..\Run: [CAPOSD] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe (LENOVO)
  358. O4 - HKLM..\Run: [Corsair Headset Software] C:\Program Files (x86)\Corsair\Corsair Headset Software\HeadsetControlPanel.exe (Corsair Components Inc)
  359. O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe ()
  360. O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
  361. O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  362. O4 - HKLM..\Run: [YouCam Mirage] c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
  363. O4 - HKCU..\Run: [f.lux] C:\Users\Jesse\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
  364. O4 - HKCU..\Run: [Skitch] C:\Program Files (x86)\Evernote\Skitch\Skitch.exe (Evernote)
  365. O4 - HKCU..\Run: [WizMouse] C:\Program Files (x86)\WizMouse\WizMouse.exe ()
  366. O4 - Startup: C:\Users\Jesse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Users\Jesse\AppData\Local\Apps\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
  367. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
  368. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  369. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  370. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  371. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  372. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  373. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  374. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  375. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  376. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  377. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Google Search
  378. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://www.google.com/search?q=%w
  379. O8:[b]64bit:[/b] - Extra context menu item: Clip Image - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
  380. O8:[b]64bit:[/b] - Extra context menu item: Clip selection - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
  381. O8:[b]64bit:[/b] - Extra context menu item: Clip this page - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
  382. O8:[b]64bit:[/b] - Extra context menu item: Clip URL - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
  383. O8:[b]64bit:[/b] - Extra context menu item: New Note - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\NewNote.html ()
  384. O8 - Extra context menu item: Clip Image - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
  385. O8 - Extra context menu item: Clip selection - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
  386. O8 - Extra context menu item: Clip this page - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
  387. O8 - Extra context menu item: Clip URL - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
  388. O8 - Extra context menu item: New Note - C:\Users\Jesse\AppData\Local\Apps\Evernote\\EvernoteIERes\NewNote.html ()
  389. O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
  390. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  391. O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  392. O13 - gopher Prefix: missing
  393. O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
  394. O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
  395. O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
  396. O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
  397. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
  398. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
  399. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
  400. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F7F7D31-A85F-4C33-A15F-3CE95C3A7C1C}: DhcpNameServer = 8.8.8.8 8.8.4.4
  401. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7172CB2D-B7D9-427E-A89B-A36AF35A6014}: DhcpNameServer = 75.75.75.75 75.75.76.76
  402. O18:[b]64bit:[/b] - Protocol\Handler\linkscanner - No CLSID value found
  403. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  404. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  405. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  406. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  407. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  408. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  409. O18 - Protocol\Handler\linkscanner - No CLSID value found
  410. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  411. O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
  412. O20 - AppInit_DLLs: (c:\Windows\SysWOW64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
  413. O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
  414. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe ()
  415. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  416. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  417. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
  418. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  419. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  420. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  421. O32 - HKLM CDRom: AutoRun - 1
  422. O34 - HKLM BootExecute: (autocheck autochk *)
  423. O34 - HKLM BootExecute: (/sync /restart)
  424. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  425. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  426. O35 - HKLM\..comfile [open] -- "%1" %*
  427. O35 - HKLM\..exefile [open] -- "%1" %*
  428. O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
  429. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  430. O37 - HKLM\...com [@ = ComFile] -- "%1" %*
  431. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  432. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  433. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  434. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  435.  
  436. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  437.  
  438. [2014/03/07 17:43:24 | 000,000,000 | ---D | C] -- C:\_OTL
  439. [2014/03/07 16:41:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jesse\Desktop\OTL.exe
  440. [2014/03/07 15:39:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  441. [2014/03/07 14:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
  442. [2014/03/07 14:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
  443. [2014/03/07 14:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
  444. [2014/03/07 14:47:02 | 000,000,000 | ---D | C] -- C:\Qoobox
  445. [2014/03/07 14:46:38 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
  446. [2014/02/26 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Roaming\Sublime Text 3
  447. [2014/02/26 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Local\Sublime Text 3
  448. [2014/02/26 17:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 3
  449. [2014/02/26 14:31:31 | 000,000,000 | ---D | C] -- C:\Config.Msi
  450. [2014/02/25 16:20:34 | 000,000,000 | ---D | C] -- C:\Windows\Migration
  451. [2014/02/24 17:52:45 | 000,000,000 | ---D | C] -- C:\Users\Jesse\Aptana Rubles
  452. [2014/02/24 17:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana
  453. [2014/02/24 14:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  454. [2014/02/19 10:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
  455. [2014/02/19 10:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
  456. [2014/02/19 10:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
  457. [2014/02/18 15:21:08 | 000,000,000 | ---D | C] -- C:\Users\Jesse\.gradle
  458. [2014/02/18 08:55:36 | 000,000,000 | ---D | C] -- C:\Users\Jesse\.idlerc
  459. [2014/02/18 08:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
  460. [2014/02/13 22:15:28 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Local\Packages
  461. [2014/02/13 14:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
  462. [2014/02/12 23:58:09 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Roaming\steamvr
  463. [2014/02/12 23:37:19 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Roaming\dvdcss
  464. [2014/02/09 09:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFilm 2 Express
  465. [2014/02/09 09:25:04 | 000,000,000 | ---D | C] -- C:\Program Files\FXhome
  466. [2014/02/06 22:13:19 | 000,000,000 | ---D | C] -- C:\Users\Jesse\Documents\Rainmeter
  467. [2014/02/06 19:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SetApp
  468. [2014/02/06 19:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GS Supporter
  469. [2014/02/06 19:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
  470. [2014/02/05 22:02:24 | 000,000,000 | -HSD | C] -- C:\Users\Jesse\AppData\Roaming\Common
  471. [2014/02/05 22:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Binary Fortress Software
  472. [2014/02/05 22:01:04 | 000,000,000 | ---D | C] -- C:\Users\Jesse\Documents\DisplayFusion Backups
  473. [2014/02/05 21:58:12 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
  474. [2014/02/05 21:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jesse\AppData\Local\FluxSoftware
  475.  
  476. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  477.  
  478. [2014/03/07 19:23:59 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  479. [2014/03/07 19:23:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  480. [2014/03/07 19:15:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-474631609-1521078636-1054246077-1001UA.job
  481. [2014/03/07 18:31:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  482. [2014/03/07 18:29:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  483. [2014/03/07 18:29:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  484. [2014/03/07 18:25:17 | 000,911,078 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  485. [2014/03/07 18:25:17 | 000,752,550 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  486. [2014/03/07 18:25:17 | 000,158,204 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  487. [2014/03/07 17:43:38 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
  488. [2014/03/07 16:41:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jesse\Desktop\OTL.exe
  489. [2014/03/07 10:15:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-474631609-1521078636-1054246077-1001Core.job
  490. [2014/03/03 17:04:54 | 000,000,600 | ---- | M] () -- C:\Users\Jesse\AppData\Local\PUTTY.RND
  491. [2014/02/26 14:30:36 | 000,903,692 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  492. [2014/02/13 22:15:11 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  493. [2014/02/13 14:29:16 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
  494. [2014/02/13 14:29:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
  495. [2014/02/12 21:46:56 | 002,601,752 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_moh.exe
  496. [2014/02/09 21:58:20 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
  497. [2014/02/08 15:53:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
  498. [2014/02/08 13:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
  499.  
  500. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  501.  
  502. [2014/03/07 14:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
  503. [2014/03/07 14:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
  504. [2014/03/07 14:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
  505. [2014/03/07 14:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
  506. [2014/03/07 14:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  507. [2014/02/26 17:15:49 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
  508. [2014/02/13 22:15:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  509. [2014/02/06 22:13:16 | 000,001,869 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
  510. [2014/02/02 10:44:15 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  511. [2014/02/02 10:44:07 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  512. [2014/01/21 22:23:48 | 000,017,408 | ---- | C] () -- C:\Users\Jesse\AppData\Local\WebpageIcons.db
  513. [2014/01/06 21:27:37 | 000,000,000 | ---- | C] () -- C:\Users\Jesse\.drjava
  514. [2013/10/31 13:27:48 | 000,012,005 | ---- | C] () -- C:\Users\Jesse\AppData\Roaming\alsoft.ini
  515. [2013/09/30 16:12:49 | 000,000,053 | ---- | C] () -- C:\Users\Jesse\.hgrc
  516. [2013/09/30 15:49:27 | 000,000,057 | ---- | C] () -- C:\Users\Jesse\.gitconfig
  517. [2013/09/25 14:23:42 | 000,000,600 | ---- | C] () -- C:\Users\Jesse\AppData\Local\PUTTY.RND
  518. [2013/09/02 09:41:51 | 000,005,650 | ---- | C] () -- C:\Users\Jesse\AppData\Local\recently-used.xbel
  519. [2013/08/28 18:05:56 | 000,000,108 | ---- | C] () -- C:\Windows\VSWizard.ini
  520. [2013/08/25 23:43:13 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
  521. [2013/07/20 14:51:14 | 000,018,526 | ---- | C] () -- C:\Users\Jesse\AppData\Roaming\UserTile.png
  522. [2013/07/19 19:50:14 | 000,013,381 | ---- | C] () -- C:\Users\Jesse\AppData\Local\WiDiSetupLog.20130719.205014.wdl
  523. [2013/07/09 08:54:31 | 000,007,600 | ---- | C] () -- C:\Users\Jesse\AppData\Local\Resmon.ResmonCfg
  524. [2013/05/07 16:20:26 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  525. [2013/05/07 16:20:24 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
  526. [2013/05/07 16:16:22 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
  527. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb9.dll
  528. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb11.dll
  529. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb10.dll
  530. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
  531. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
  532. [2013/03/20 14:16:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
  533. [2013/03/01 22:40:08 | 000,037,854 | ---- | C] () -- C:\Users\Jesse\AppData\Roaming\Comma Separated Values (Windows).ADR
  534. [2013/01/27 13:23:33 | 000,000,134 | ---- | C] () -- C:\Users\Jesse\AppData\Roaming\AbsoluteReminder.xml
  535. [2013/01/24 23:18:17 | 000,005,632 | ---- | C] () -- C:\Users\Jesse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  536. [2013/01/16 13:59:17 | 000,703,104 | ---- | C] () -- C:\Users\Jesse\AppData\Roaming\technic-launcher.jar.bak
  537. [2012/11/12 18:20:42 | 002,388,992 | ---- | C] () -- C:\Windows\explorer.exe
  538. [2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
  539. [2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
  540. [2012/08/26 17:51:07 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
  541. [2012/07/26 19:14:45 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll
  542. [2012/07/26 19:14:45 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll
  543. [2012/07/26 19:14:22 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
  544. [2012/07/26 19:12:13 | 000,903,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  545. [2012/03/22 15:03:54 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\ProtInstall.exe
  546. [2012/03/11 21:00:49 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
  547. [2012/03/11 21:00:43 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
  548.  
  549. [color=#E56717]========== ZeroAccess Check ==========[/color]
  550.  
  551. [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  552.  
  553. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  554.  
  555. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  556.  
  557. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  558.  
  559. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  560.  
  561. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  562. "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
  563. "ThreadingModel" = Apartment
  564.  
  565. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  566. "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
  567. "ThreadingModel" = Apartment
  568.  
  569. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  570. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  571. "ThreadingModel" = Free
  572.  
  573. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  574. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  575. "ThreadingModel" = Free
  576.  
  577. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  578. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  579. "ThreadingModel" = Both
  580.  
  581. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  582.  
  583. [color=#E56717]========== LOP Check ==========[/color]
  584.  
  585. [2014/02/28 20:06:03 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\.minecraft
  586. [2013/11/27 12:17:13 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Actual Tools
  587. [2013/12/20 18:30:42 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Audacity
  588. [2013/11/30 22:28:19 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\AVAST Software
  589. [2013/01/11 21:24:14 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\AVG
  590. [2013/02/10 20:27:24 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\BANDISOFT
  591. [2013/12/25 12:08:36 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Bioshock
  592. [2013/11/18 20:20:05 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Bitcoin
  593. [2013/01/18 18:09:36 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Blender Foundation
  594. [2012/10/17 18:42:03 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\CoffeeCup Software
  595. [2014/02/05 22:02:24 | 000,000,000 | -HSD | M] -- C:\Users\Jesse\AppData\Roaming\Common
  596. [2013/04/22 14:32:28 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\DAEMON Tools Ultra
  597. [2014/01/01 21:47:58 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Dexpot
  598. [2013/09/29 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Dropbox
  599. [2013/11/27 12:21:54 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Dual Monitor
  600. [2014/01/07 13:58:00 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\FEZ
  601. [2014/03/07 11:34:59 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\FileZilla
  602. [2013/04/24 14:09:25 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\FreeScreenToVideo
  603. [2014/02/16 17:06:11 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\ftblauncher
  604. [2013/05/01 14:14:25 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\GameSalad
  605. [2014/03/07 11:34:55 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\GitHub
  606. [2012/08/26 17:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Leadertech
  607. [2013/03/07 17:06:26 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\LibreOffice
  608. [2013/02/17 11:30:37 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\logs
  609. [2013/03/28 17:26:08 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\LogSys
  610. [2014/03/02 21:51:29 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\MediaMonkey
  611. [2013/11/23 22:15:33 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\MotioninJoy
  612. [2013/10/29 08:08:56 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Mumble
  613. [2013/11/16 11:23:08 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Need for Speed World
  614. [2013/07/19 19:39:07 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Notepad++
  615. [2013/11/08 21:11:55 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\OBS
  616. [2013/03/02 09:52:50 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\ooVoo Details
  617. [2014/01/02 21:48:30 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\openvr
  618. [2013/08/05 03:00:29 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Origin
  619. [2013/01/21 13:47:27 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Participatory Culture Foundation
  620. [2013/07/20 14:51:13 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\PeerNetworking
  621. [2013/03/01 19:55:46 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Pegtop
  622. [2012/12/30 12:13:04 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Rainmeter
  623. [2012/08/25 18:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\SecondLife
  624. [2013/10/26 11:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\skyz
  625. [2013/10/16 20:13:41 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\SplitMediaLabs
  626. [2014/02/12 23:58:10 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\steamvr
  627. [2013/07/27 08:30:19 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Sublime Text 2
  628. [2014/02/26 17:16:01 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Sublime Text 3
  629. [2013/03/11 14:21:13 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Subversion
  630. [2013/11/23 12:11:15 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\SumatraPDF
  631. [2013/09/30 16:11:54 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\syntevo
  632. [2014/02/28 20:38:27 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\TS3Client
  633. [2012/09/27 14:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\TuneUp Software
  634. [2013/03/23 21:46:05 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\TunkDesign
  635. [2012/12/27 21:19:51 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Ubisoft
  636. [2012/11/30 15:21:35 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Unity
  637. [2012/09/19 14:16:01 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\wargaming.net
  638. [2013/10/02 17:03:19 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Wings3D
  639. [2013/01/12 16:08:14 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\Wondershare
  640. [2013/03/03 13:52:48 | 000,000,000 | ---D | M] -- C:\Users\Jesse\AppData\Roaming\WorldPainter
  641.  
  642. [color=#E56717]========== Purity Check ==========[/color]
  643.  
  644.  
  645.  
  646. < End of report >