
Reduxmedia popups in all browsers and some other issues.


  • This topic is locked
72 replies to this topic

#1 ThatElijahGuy

ThatElijahGuy

  • Members
  • 39 posts

Posted 19 May 2014 - 03:15 PM

(Before I start, I cannot run DDS as shown in the guide. I am running on a Windows 8.1 x64 bit computer and it is not specifically designed to run [as it mentions compatibility mode])

 

I am getting a popup from "reduxmedia", an ad website, that redirects me to another website telling me that I need to update "Windows NT, my browser, flash or another type of software". I usually close the tab/window. Malware Chameleon has not helped me in the process of finding any rootkits. The malware is affecting all browsers, including the browser inside "Steam" (Steam is a digital distribution, multiplayer and communications platform). In browsers that I can, I have reset my settings (Chrome, Internet Explorer, and Firefox).

 

The virus has started to be more sudden and more "violent" by popping up a lot more than it would usually. I have no suspicious programs that I have seen by the IObit Uninstaller and Windows Uninstaller. I have taken steps of backing up some data but doing a restore isn't possible at my current situation in school right now. Also, when helping me, try to remember that some programs will not run on my machine. (Windows 8.1 x64 bit)

 

Another problem that has affected me is that the "real time protection" for Malwarebytes cannot be enabled, even after using Chameleon. I suppose the virus is doing this as it worked before I was getting popups.

 

Note- Whoever responds to this topic, I would like to thank you for taking the time out of your life to volunteer and help me.


Edited by ThatElijahGuy, 19 May 2014 - 06:40 PM.



 


#2 ThatElijahGuy

ThatElijahGuy
  • Topic Starter

  • Members
  • 39 posts

Posted 20 May 2014 - 05:16 PM

(sorry for bumping)

 

To add on to my issue, I am getting a popup on my mobile device ONLY in Chrome [none in Safari on my iOS device]. (iPad Mini Retina running 7.1.1 UNJAILBROKEN)

I am pretty sure it has an issue that is being synced through Chrome to my mobile; yet I have deleted the cookies, cache, and other stuff except for saved passwords on my mobile and my desktop. I am going to try to unsync and see if that gets rid of it.

 

I am still having the issue with my PC as described above though.



#3 Jo*

Jo*

  • Malware Response Team
  • 3,429 posts
  • Location:Germany

Posted 21 May 2014 - 10:38 AM


Hello ThatElijahGuy,

My name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • Print or copy & save instructions.
  • Back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only the tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic until you get the all clean post.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 ThatElijahGuy

ThatElijahGuy
  • Topic Starter

  • Members
  • 39 posts

Posted 21 May 2014 - 03:29 PM

Jo, here are the log files you requested.

 

 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.214  
 Google Chrome 34.0.1847.131  
 Google Chrome 34.0.1847.137  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
--

OTL logfile created on: 5/21/2014 4:17:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Elijah\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 56.82% Memory free
5.37 Gb Paging File | 3.35 Gb Available in Paging File | 62.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 345.06 Gb Free Space | 59.34% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.50 Gb Free Space | 99.02% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Elijah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Elijah\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Elijah\Desktop\SecurityCheck.exe ()
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Users\Elijah\AppData\Local\StartIsBack\StartScreen.exe (www.startisback.com)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Users\Elijah\Desktop\Other Files\Shairport4w.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Elijah\Desktop\SecurityCheck.exe ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\libavcodec-55.dll ()
MOD - C:\Program Files (x86)\Steam\libavutil-53.dll ()
MOD - C:\Program Files (x86)\Steam\libavformat-55.dll ()
MOD - C:\Program Files (x86)\Steam\libavresample-1.dll ()
MOD - C:\Program Files (x86)\Steam\video.dll ()
MOD - C:\Program Files (x86)\Steam\libswscale-2.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll ()
MOD - C:\Users\Elijah\Desktop\Other Files\Shairport4w.exe ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (AnviCsbSvc) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MWAC) -- C:\WINDOWS\SysNative\drivers\ [2014/05/18 20:56:39 | 000,000,000 | ---D | M]
DRV:64bit: - (MBAMProtector) -- C:\WINDOWS\SysNative\drivers\ [2014/05/18 20:56:39 | 000,000,000 | ---D | M]
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (RZMAELSTROMVADService) -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatformMp) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VBAudioVACMME) -- C:\Windows\SysNative\drivers\vbaudio_cable64_win7.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (NW1900) -- C:\Windows\SysNative\drivers\NW1900.sys (NextWindow Limited)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (FXOSDDRV) -- C:\Windows\SysNative\drivers\FxOSDdrv64.sys (Foxconn Group)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Almico Software)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
IE - HKCU\..\SearchScopes,DefaultScope = {F490F778-177A-41DE-B606-0BCC7F752FCF}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8EE5F13B-07D4-4C1A-858A-BEE4C8A6E6D7}: "URL" = https://duckduckgo.com/?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
 
[2014/04/25 13:23:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npqscan.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.14 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - Extension: Magic Actions for YouTube™ = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.7_0\
CHR - Extension: Google Drive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.421.1.1_0\
CHR - Extension: Mancala = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjlhjhpnhabnfepdfemepiilbjbkecpe\1.0.5_0\
CHR - Extension: Spotify - Music for every moment = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: Google Search = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Netflix = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: Google News = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: MaskMe = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.212.0_0\
CHR - Extension: Click&Clean = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: AdBlock = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\
CHR - Extension: Deathamns = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab\0.9.8.9_0\
CHR - Extension: OneDrive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.4_0\
CHR - Extension: Google Wallet = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: WeVideo - Video Editor and Maker = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\3.3.3_0\
CHR - Extension: Picasa = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Click&Clean App = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.5_0\
CHR - Extension: Gmail = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofoighmmpljaikjiidkkfhldjndfdbk\3.6.7_0\
 
O1 HOSTS File: ([2014/05/18 20:47:03 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Elijah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FD22285-FE1C-44BF-9A4C-EE6DACBB4103}: DhcpNameServer = 162.243.39.21 199.231.184.246 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBD440E-4FEE-4C1E-BF6F-1386E476613C}: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[7513/04/28 11:11:21 | 000,000,000 | ---D | C] -- C:\WIN NETWORK FILE
[2014/05/21 15:58:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Mozilla
[2014/05/18 21:17:56 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll.backup
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll.backup
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraUXThemePatcher
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll.backup
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Desktop\imac  64 bit version
[2014/05/18 21:03:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/18 20:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/18 20:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/05/17 11:55:50 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/17 11:55:50 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/16 22:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/16 18:58:52 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Anvisoft
[2014/05/16 18:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/05/16 18:48:01 | 000,052,752 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/16 18:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/16 18:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/16 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/15 03:59:36 | 000,047,632 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 09:28:20 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/14 09:28:20 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 09:28:18 | 000,257,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 09:28:17 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 09:28:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 09:27:46 | 013,288,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/14 09:27:46 | 000,921,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 09:27:45 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 09:27:45 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 09:27:45 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 09:27:44 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 09:27:44 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 09:27:44 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 09:27:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 09:27:44 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/14 09:27:44 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 09:27:43 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 09:27:43 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 09:27:43 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 09:27:43 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 09:27:43 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 09:27:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 09:27:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 09:27:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 09:27:42 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014/05/14 09:27:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 09:27:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/14 09:26:48 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 09:26:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 09:26:27 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt_map.dll
[2014/05/14 09:26:27 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt_map.dll
[2014/05/14 09:26:27 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt100.dll
[2014/05/14 09:26:27 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt100.dll
[2014/05/12 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/05/09 21:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hyper-V
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\msmq
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\BestPractices
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\BestPractices
[2014/05/09 21:28:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
[2014/05/09 21:28:03 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:56 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:53 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:49 | 001,408,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/06 22:16:39 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/06 22:16:16 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/06 18:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/05/06 18:39:48 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/05/06 18:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/05/06 18:29:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Opera Software
[2014/05/06 18:29:05 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Opera Software
[2014/05/06 18:28:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/05 20:23:14 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 20:23:10 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/05 19:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/05/05 17:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer (64-bit)
[2014/05/05 17:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\App Dynamic
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflector
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflection
[2014/05/05 17:33:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Reflector
[2014/05/05 17:31:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reflector
[2014/05/05 17:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reflector
[2014/05/05 16:43:49 | 000,773,632 | ---- | C] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/05/04 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/04 22:00:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/05/04 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.VirtualBox
[2014/05/03 23:40:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/05/03 14:07:59 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\7 Days To Die
[2014/05/03 09:05:09 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014/05/03 08:46:46 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\capicom.dll
[2014/05/03 08:46:46 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysWow64\bdsandboxuiskin32.dll
[2014/05/03 08:33:48 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUISkin.dll
[2014/05/03 08:33:48 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUH.dll
[2014/05/03 08:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/05/03 08:33:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\QuickScan
[2014/05/03 08:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/05/03 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014/05/03 08:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/05/03 07:27:19 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\My Cheat Tables
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/05/02 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Bluestacks
[2014/05/02 20:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/05/02 20:40:32 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieUserList
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieSiteList
[2014/05/01 15:59:13 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/28 21:31:50 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/04/28 21:31:48 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/04/28 21:31:47 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/04/28 21:31:47 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/04/28 21:31:45 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/04/28 21:31:42 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/04/28 21:31:42 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:41 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/04/28 21:31:40 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/04/28 21:31:37 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/04/28 21:31:36 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/04/28 21:31:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:33 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/04/28 21:31:33 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/04/28 21:31:32 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/04/28 21:31:31 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/04/28 21:31:30 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/04/28 21:31:30 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/04/28 21:31:29 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/04/28 21:31:29 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/04/28 21:31:29 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/04/28 21:31:29 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/04/28 21:31:28 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/04/28 21:31:28 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/04/28 21:31:27 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/04/28 21:31:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/04/28 21:31:26 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/04/28 21:31:26 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/04/28 21:31:26 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/04/28 21:31:26 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/04/28 21:31:25 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/04/28 21:31:25 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/04/28 21:31:24 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/04/28 21:31:24 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/04/28 21:31:24 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/04/28 21:31:24 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/04/28 21:31:23 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/04/28 21:31:22 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/04/28 21:31:22 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/04/28 21:31:22 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/04/28 21:31:21 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/04/28 21:31:21 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/04/28 21:31:21 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/04/28 21:31:20 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/04/28 21:31:20 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/04/28 21:31:20 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/04/28 21:31:20 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/04/28 21:31:19 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/04/28 21:31:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/04/28 21:31:18 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/04/28 21:31:18 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/04/28 21:31:18 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/04/28 21:31:17 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/04/28 21:31:16 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/04/28 21:31:16 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/04/28 21:31:15 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/04/28 21:31:15 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/04/28 21:31:15 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/04/28 21:31:14 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/04/28 21:31:13 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/04/28 21:31:13 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/04/28 21:31:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/04/28 21:31:13 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/04/28 21:31:13 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/04/28 21:31:12 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/04/28 21:31:12 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/04/28 21:31:12 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/04/28 21:31:12 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/04/28 21:31:12 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/04/28 21:31:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/04/28 21:31:11 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2014/04/28 21:31:11 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/04/28 21:31:11 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/04/28 21:31:11 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/04/28 21:31:11 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/04/28 21:31:10 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/04/28 21:31:10 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/04/28 21:31:10 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/04/28 21:31:09 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/04/28 21:31:09 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/04/28 21:31:09 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdmTmpl.dll
[2014/04/28 21:31:09 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/04/28 21:31:09 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/04/28 21:31:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/04/28 21:31:08 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/04/28 21:31:08 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/04/28 21:31:08 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/04/28 21:31:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/04/28 21:31:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/04/28 21:31:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/04/28 21:31:07 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/04/28 21:31:07 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/04/28 21:31:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/04/28 21:31:06 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/04/28 21:31:06 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2014/04/28 21:31:06 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/04/28 21:31:05 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/04/28 21:31:05 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/04/28 21:31:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/04/28 21:31:04 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/04/28 21:31:04 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/04/28 21:31:04 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/04/28 21:31:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/04/28 21:31:04 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/04/28 21:31:03 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/04/28 21:31:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/04/28 21:31:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/04/28 21:31:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/04/28 21:31:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/04/28 21:31:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/04/28 21:31:01 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/04/28 21:31:01 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/04/28 21:31:01 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/04/28 21:31:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/04/28 21:31:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/04/28 21:31:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/04/28 21:31:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/04/28 21:31:00 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/04/28 21:31:00 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/04/28 21:31:00 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/04/28 21:31:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/04/28 21:30:59 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/04/28 21:30:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/04/28 21:30:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/04/28 21:30:59 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/04/28 21:30:58 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/04/28 21:30:58 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/04/28 21:30:58 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/04/28 21:30:58 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/04/28 21:30:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/04/28 21:30:57 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/04/28 21:30:57 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/04/28 21:30:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/04/28 21:30:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/04/28 21:30:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/04/28 21:30:56 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/04/28 21:30:55 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/04/28 21:30:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfg.exe
[2014/04/28 21:30:55 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/04/28 21:30:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/04/28 21:30:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/04/28 21:30:54 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/04/28 21:28:37 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/04/28 09:22:20 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Rogue Amoeba
[2014/04/27 08:23:28 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.shsh
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/21 15:59:32 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/21 15:59:20 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/21 15:59:14 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/21 15:58:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:58:00 | 000,854,367 | ---- | M] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/21 15:50:56 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001UA.job
[2014/05/21 15:47:01 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/21 15:44:57 | 3220,582,400 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/21 15:44:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/20 16:50:12 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001Core.job
[2014/05/19 21:32:25 | 006,199,182 | ---- | M] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 17:57:20 | 000,675,988 | ---- | M] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 21:17:55 | 002,862,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:54 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 20:47:03 | 000,000,741 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/05/18 20:33:08 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/16 18:44:21 | 000,001,320 | ---- | M] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/15 03:59:38 | 000,052,752 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/15 03:59:36 | 000,047,632 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 08:01:14 | 000,000,036 | ---- | M] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | M] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/11 11:56:39 | 000,579,984 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/09 22:08:58 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:29:57 | 001,037,398 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/09 21:29:57 | 000,860,032 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/09 21:29:57 | 000,180,258 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/09 21:29:52 | 001,015,600 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/09 21:28:03 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:57 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:56 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:55 | 000,144,967 | ---- | M] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:53 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:50 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 21:27:49 | 001,408,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/09 20:29:15 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/09 20:28:43 | 000,447,752 | ---- | M] (On2.com) -- C:\WINDOWS\SysWow64\vp6vfw.dll
[2014/05/06 22:16:39 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/06 22:16:16 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/06 18:39:50 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/05 20:23:01 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:00 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:00 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 16:58:53 | 000,001,200 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2014/05/05 16:43:49 | 000,773,632 | ---- | M] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:18:49 | 000,001,128 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | M] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 17:42:15 | 000,007,605 | ---- | M] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
[2014/05/03 09:47:32 | 000,040,801 | ---- | M] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 09:05:09 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:48:39 | 000,561,043 | ---- | M] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:17 | 000,114,935 | ---- | M] () -- C:\ProgramData\1399120409.3740.bin
[2014/05/03 08:36:17 | 000,033,466 | ---- | M] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:36:17 | 000,011,684 | ---- | M] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:36:17 | 000,004,264 | ---- | M] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:36:17 | 000,000,991 | ---- | M] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:36:16 | 000,010,767 | ---- | M] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:36:16 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:57 | 000,003,735 | ---- | M] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:53 | 000,017,887 | ---- | M] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:53 | 000,010,649 | ---- | M] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:53 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/01 16:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 16:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 15:59:13 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/27 08:58:32 | 000,000,950 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.umbrella
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/21 15:58:06 | 000,854,367 | ---- | C] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/19 21:32:12 | 006,199,182 | ---- | C] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 18:23:07 | 000,675,988 | ---- | C] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 20:33:08 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/17 11:16:20 | 000,000,001 | -HS- | C] () -- C:\BOOTNXT
[2014/05/17 11:16:19 | 000,403,946 | RHS- | C] () -- C:\bootmgr
[2014/05/16 18:44:21 | 000,001,320 | ---- | C] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/14 08:01:14 | 000,000,036 | ---- | C] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | C] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/13 13:41:03 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/05/09 22:08:58 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:27:57 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:55 | 000,144,967 | ---- | C] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:50 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 20:29:15 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/06 18:39:50 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/04 22:18:49 | 000,001,128 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 09:47:32 | 000,040,801 | ---- | C] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 08:48:39 | 000,561,043 | ---- | C] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:10 | 000,011,684 | ---- | C] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:33:47 | 000,017,887 | ---- | C] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:47 | 000,010,649 | ---- | C] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:47 | 000,004,264 | ---- | C] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:47 | 000,000,991 | ---- | C] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:33:40 | 000,003,735 | ---- | C] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:35 | 000,033,466 | ---- | C] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:33:35 | 000,010,767 | ---- | C] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:33:29 | 000,114,935 | ---- | C] () -- C:\ProgramData\1399120409.3740.bin
[2014/04/28 21:30:54 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/04/12 10:59:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/21 16:38:20 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/18 18:47:25 | 000,000,128 | ---- | C] () -- C:\Users\Elijah\.java.policy
[2014/03/08 20:56:05 | 001,015,600 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/02/17 14:49:16 | 000,000,218 | ---- | C] () -- C:\Users\Elijah\AppData\Local\recently-used.xbel
[2014/02/14 17:50:30 | 000,000,000 | -HS- | C] () -- C:\Users\Elijah\AppData\Local\LumaEmu
[2014/02/14 00:34:43 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/25 22:23:26 | 000,012,484 | ---- | C] () -- C:\Users\Elijah\1524665_626217224109935_1040360520_n.jpg
[2013/12/13 23:25:49 | 000,029,115 | ---- | C] () -- C:\Users\Elijah\AppData\Roaming\Comma Separated Values.ADR
[2013/12/10 18:33:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/20 10:59:15 | 000,151,902 | ---- | C] () -- C:\ProgramData\1367021324.bdinstall.bin
[2013/11/20 10:59:15 | 000,074,278 | ---- | C] () -- C:\ProgramData\1367103931.bdinstall.bin
[2013/11/20 10:59:15 | 000,022,805 | ---- | C] () -- C:\ProgramData\1367103928.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224736.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224734.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224720.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,627 | ---- | C] () -- C:\ProgramData\1367164837.bdinstall.bin
[2013/11/20 10:59:15 | 000,000,209 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/10/19 09:14:11 | 000,001,147 | ---- | C] () -- C:\Users\Elijah\Steam.lnk
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/01 01:32:40 | 000,008,192 | ---- | C] () -- C:\Users\Elijah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/29 21:26:10 | 000,007,605 | ---- | C] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2013/11/22 01:12:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/20 22:22:27 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\.minecraft
[2014/03/18 18:47:14 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\AIR
[2014/05/01 19:10:32 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Audacity
[2014/05/19 16:17:16 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\BitTorrent
[2014/05/09 19:45:38 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\DiskAid
[2013/12/23 19:39:47 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\dotPDN LLC
[2014/05/16 18:50:35 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\FileZilla
[2014/04/05 20:12:28 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\flightgear.org
[2014/04/05 19:50:07 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\fltk.org
[2013/12/10 11:46:09 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\HexChat
[2014/05/02 20:36:43 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\iFunBox.NXGen
[2014/01/18 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\iFunbox_UserCache
[2014/01/11 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\iMobie
[2014/02/19 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\IObit
[2014/03/08 21:03:40 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\KoshyJohn.com
[2013/12/08 07:01:34 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\LolClient
[2014/04/05 23:48:04 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Mount&Blade Warband
[2014/03/20 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\MultiForce
[2014/03/20 22:05:21 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\MultiForce Backup
[2014/05/18 20:45:48 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Notepad++
[2013/11/24 11:58:01 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\OBS
[2014/05/16 18:56:11 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Opera Software
[2014/02/16 18:57:08 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Origin
[2014/02/19 10:07:15 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\ProductData
[2014/05/03 08:33:29 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\QuickScan
[2014/02/20 22:44:39 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Screaming Bee
[2014/05/05 20:12:46 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\SketchUp
[2013/12/10 18:03:34 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Smart PC Solutions
[2014/01/16 21:54:15 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Spotiamp
[2014/05/19 22:01:06 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Spotify
[2013/04/28 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Subversion
[2014/03/02 22:30:38 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\System
[2014/05/16 18:50:35 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\TeamViewer
[2013/11/27 15:28:19 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\TFP
[2014/02/17 02:32:25 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\TS3Client
[2014/02/27 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\TuneUp Software
[2013/12/08 04:51:33 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Unity
[2014/05/16 18:50:44 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\uTorrent
[2013/12/17 21:38:40 | 000,000,000 | ---D | M] -- C:\Users\Elijah\AppData\Roaming\Waterfox Limited
[2014/03/02 22:30:50 | 000,000,000 | -HSD | M] -- C:\Users\Elijah\AppData\Roaming\wyUpdate AU
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Elijah\SkyDrive (2):ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Elijah\SkyDrive (3).old:ms-properties
@Alternate Data Stream - 162 bytes -> C:\Users\Elijah\SkyDrive:ms-properties
 
< End of report >
 
--
OTL EXTRA
 

OTL Extras logfile created on: 5/21/2014 4:17:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Elijah\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 56.82% Memory free
5.37 Gb Paging File | 3.35 Gb Available in Paging File | 62.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 345.06 Gb Free Space | 59.34% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.50 Gb Free Space | 99.02% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Elijah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Menu_CMD] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Menu_CMD] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13235461-B71B-4944-86BA-38C0AE0EAC6C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{28090620-2B60-4119-9B2F-C0376CB2AE07}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{399226A8-1054-498C-AC8B-B7DA467DAD07}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{54DF5EA6-7446-4D23-8B29-B8FA88020443}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{6242690B-4532-4592-A260-1C0EFCCA955B}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{7592EB5D-BE09-4490-8C2F-EBE51D7D3DF1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{78B1055A-45D8-4CA9-9022-B3E87589ED44}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{8375216F-2D74-41F2-8E21-5EFCFE1403C2}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{88F86B5A-89AC-4125-801F-783E33C92DBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{962479C8-156B-438A-BD36-59D384AE3C4B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{99EA18AD-FD8D-4002-A8AF-4942811C34BD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9A0E30A8-1BBE-466E-96F9-3E2D78D6DE75}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{A70E7317-F6D1-46E1-9D5E-19E3FAC74806}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B52856C2-35EC-4EC2-8A6C-37C4091EB93F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CF4D6485-C4F5-42D3-B315-9F3BD233DE1B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DE513AF5-0F72-4212-9258-21E774CD7CC0}" = lport=1688 | protocol=6 | dir=in | name=0pen port kms | 
"{F165EC6E-F3E9-4C55-9407-D72F374C4AAC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EBA2B9-FBAD-43E9-A656-0BAFCB3C5DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{011E0AF0-E779-4C65-A50C-7DFAAA44BCB9}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{028B55A3-E8C1-46D1-BEB2-CE44FD0EB344}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{046D504C-5FC5-4F9D-939A-073620AE016D}" = dir=out | name=7 minute workout | 
"{04D167A4-8376-4B3A-8BC0-BE4BEA16D8F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{04FF6F47-D255-413B-9213-2B13D627569B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{0500036B-54ED-4D07-83B7-AF83141C86E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe | 
"{06A90515-48A5-48B4-BC26-40A39257EA29}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{0720506B-E1BB-40A3-BB3F-2AC1BB3D9BBE}" = protocol=17 | dir=in | app=c:\users\elijah\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{074BF13D-988E-4804-A467-88B4777E67A8}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{07BFA868-6E99-42FC-9D54-AD765704F50F}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{084D53CA-6A70-4C9B-AECC-9F1A0E146CA4}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{095E179E-5587-4159-A117-7955DF8CEB1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{0AD67296-5C6E-4447-8FEB-7E1E96617A28}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{0C68C216-A91C-499F-88C9-A3AF3BCDF40A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0E6D9CC0-DFB8-4ECD-8596-51222A140565}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{104DDFAB-467D-4F3E-AA7C-775BFC33A5A5}" = dir=in | name=skype | 
"{106B4F3A-E96B-46B8-ADA6-8309AE5EAB1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{1431567F-661B-4196-AEC4-4389AB3A957A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{1604585A-AD8D-46D0-A939-FBD2B5FE653C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe | 
"{16F30041-5547-4573-9B29-3495F168BF0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{186B5016-C068-4FA3-8A40-00B25F251B88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{1AD444DA-C7F0-434B-830B-0F99E12FFF60}" = dir=out | name=windows_ie_ac_001 | 
"{1E24C54B-A078-4C1D-8107-113A0F9110EF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{1FF628C7-045F-4EB7-9088-7B339DD0E015}" = dir=out | name=@{microsoft.bingnews_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{23E67037-B2CF-4189-99AA-5A3A18207E9E}" = dir=out | name=shazam | 
"{256521F4-C5F2-44F3-9800-C6A03006EA00}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{26B7C0D9-8516-4534-84E5-D2A98331844C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{26CD9FA2-C62C-4ED4-AA87-5C71D6E05C0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{27C2EBCE-4FC0-454C-9E7C-30AD5B1DF36D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{29FC3C95-F314-415A-83B0-F3BCD76D7F43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{2A9278D4-75BD-46BC-9ABE-9ABA0C4D87B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{2AB8EA72-D0A4-4130-AD58-3DBF6ED4913E}" = dir=out | name=songza | 
"{2C179C02-0002-4A95-8808-B0F0D6653019}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe | 
"{2C57F2A8-06AC-4C4E-82A6-610DE6F5A3D1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{2CFE6249-FCF2-4497-B149-82E2FDBF2F41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{2FBF8C4E-B930-4279-AC8F-D3C7FF7625B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe | 
"{2FF2FA53-BA87-42E9-B03B-F9C226CF7573}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{302C79A3-AA14-4D3F-871A-CC61D1AF856C}" = dir=out | name=realplayer cloud | 
"{3212007C-3C80-45DE-85B5-454476E43AB8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | 
"{3218A33D-ABBF-41DC-8F2F-DAA547E8F560}" = dir=out | name=cnn app for windows | 
"{32F91FAF-9989-4C62-8A13-4ADEDA0FB76F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe | 
"{36F6ED50-8405-45C0-9EE9-472370692E58}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{39961B63-21B0-403F-8543-C6B23F04DBA2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{3D1EA684-630D-483E-9B4D-938DCDFA677E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rustlauncher.exe | 
"{3FBDE5EA-67BF-4E8D-82AA-58816F779BC4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | 
"{3FD72BBB-E904-444D-B306-257CB93A1149}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{40E8ABE5-1E49-4EAB-9EC2-F60230D1DB78}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{41004B59-BEFD-470B-BFC8-9E29D1819B30}" = dir=out | name=google search | 
"{41CBD216-1A36-4AEC-B4FD-D5890833D494}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{4249F414-F959-4797-A45A-7408F7DD2652}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{42A48569-D259-4E16-85EE-84E06E97B383}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{42B17832-8E9A-4931-B966-69E5F7348CC5}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{44BA8CB6-26D0-4CF2-A91C-AB32D8DD0E5C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{45922DC6-5E1B-462F-A285-3B589F282659}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{4753967B-93DB-4AF9-9BE2-770AD767D1CC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{47637777-CEF2-430D-87BA-87A37A55EA17}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe | 
"{4934AF7F-7936-42D6-ACF7-458C2D114B84}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{497EA911-8F94-4CF7-A8EF-89D9DF4BD9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | 
"{4B27F598-2622-442C-BCA0-1A857A986745}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe | 
"{4CDDDA92-C867-4D71-A44B-CFF09EC23A8B}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{4D8A6206-3CE6-4A90-8153-D48B081E11F4}" = dir=out | name=the weather channel | 
"{4DDA1930-8E93-48DE-BC72-0C54050FD0DB}" = dir=out | name=steam tile | 
"{4FABCD38-8152-4E12-870E-282740BB8E45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{50ABB09D-661D-446B-ADF1-1E4F37DA6581}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl platinum\citiesxl_platinum.exe | 
"{53F8018B-2868-4A81-9CB2-817913A9E10B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{5962DB1F-EA13-4D7E-9B3F-7ADB0EFC7036}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{597EBDDD-080F-43D6-A086-9DB64DE5CD17}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{59945DF0-470B-49EB-84B0-B42688B0E2C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5A5943D6-D515-4356-B262-759DEBBC915F}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{5BF35142-7F08-44D5-BCD4-432A3EBC8B71}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{5C61B0E6-429F-4DA0-A6A8-7C82874B48E4}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.201_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{5D03E245-3BA3-481A-8005-6D92AFDC7252}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{5D6078EC-A03B-4FD3-916A-1C01EFB2D987}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{5EAA3D7B-0DD1-4208-9F3E-8C985B3697AD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{5F6E13B1-4275-422D-A357-55723BB86C0D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{60A000E9-A350-4397-9ED3-BFC9B58F0F88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{60C5FFA6-ADF9-4900-A42A-A927CEC3491A}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{628890C1-EA62-4E02-9AD1-47F333C3318C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe | 
"{64F566C8-F8F6-4F5B-8644-F52A73E655C2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{66EFC126-19D3-4F39-8EC4-5578FFC5ED1B}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{6A36FF9A-2429-4894-ADCC-2FC058B62250}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} | 
"{6B73CDC7-82D9-4541-ADD5-62A767A658C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{6C2569EB-A7F1-4F2B-96F9-291C0212A71F}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{6EF0C04D-DA05-4868-BEBC-4110BD37CFC9}" = dir=out | name=iheartradio | 
"{6F8B4F0D-7EE7-4FE3-BBF2-7D214198D5AD}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{7095FC12-3CB7-4B70-B783-33493CDBA344}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rustlauncher.exe | 
"{71859D79-145D-4E6B-8B97-CD3A85AEE1BE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{71FB3861-D379-40BB-8258-342AB773CE7F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{7565A8EB-5553-4F05-99B8-FF2CFC3CFB07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{76E2F501-A769-4799-9C8E-1B321ABFEC64}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{77380628-3040-4F8B-A531-01783BBACFB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{78E6C255-AFBC-48EE-90C0-B0605A375E17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | 
"{7B2F6D31-61A6-41AA-B4C8-2210C06C5077}" = dir=in | name=vevo | 
"{7BAC6801-B06F-45F7-93CD-8C61CB2E0FBC}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{7C11F2CB-D3F2-4609-A7CC-F84E4F57B87C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7CAAF810-C327-48F0-8E05-A7802645BD00}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7EE848E5-B509-4DFA-B803-63429E6C4DF1}" = dir=out | name=facebook | 
"{84CB4F8D-6073-4D61-A5A4-87DE539D5183}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{8606659B-163E-47D2-A185-1B5B20709DD6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{86FF99FA-CD62-48F2-8C06-927EED837256}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{8935BED5-0A4A-4284-BBB7-FB30BEFA88B7}" = dir=out | name=@{microsoft.zunevideo_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{8A11E246-AE0F-4596-B336-F4C1BA70059D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe | 
"{8AB46392-62A7-4A90-BC80-BC78BDA7DFFD}" = dir=out | name=vevo | 
"{8FFD15BE-51A6-4224-9DE6-5B54C0B80353}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{92844DAE-56A4-4496-9458-4CCBEDA8E78E}" = dir=out | name=skype | 
"{93920E55-EF90-4A3E-9301-02F13CDA49A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{9493F336-6765-4468-87C8-6EBE03CB738F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{9532F82E-31A1-49BF-A220-030210DACA82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe | 
"{993EFA42-47AC-46DE-8B3A-F981E96C7363}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{9C901028-6689-4C48-ABD0-EB9393C17DBE}" = dir=out | name=skype | 
"{9DB3DA0E-D031-455E-9A9F-4EAD7928B836}" = protocol=17 | dir=in | app=c:\program files\app dynamic\airserver\airserver.exe | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9ED33570-AEC3-4ED8-AE0A-6E749C69FCEE}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{9FF2F17E-533F-4722-9FD7-5059B788ED76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{A0B98C51-7BEC-4B7F-8C5D-7A5CEB51BFB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{A2C169C5-3167-4F67-8266-4C80F1F9DE27}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{A43E7DB9-EADB-4A87-A9F0-32E0889D560C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{A4A102F6-0D5A-4805-8980-F458B3260FB3}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{A76D59AE-A93C-4667-9638-24DA45F7F3A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe | 
"{A8414290-CE6D-4ED8-9A1D-4A456A9ABFFC}" = dir=out | name=hulu plus | 
"{AB15F21C-619C-42A4-99F9-27D0A4D30700}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{AD0648EA-50A9-4782-A605-2EF4CFF32716}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AE891476-2471-4334-920F-95D40C259A39}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe | 
"{AED9AF18-67B2-4F6C-ABC8-D584E56F93D5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{B02ACA8F-F21C-4326-A0B2-EEFAE0ECD524}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | 
"{B07C2A42-C679-4C69-AC2A-0DAA7E8FD2B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe | 
"{B0A8EC02-EBFE-4613-AB32-2E71E4E82229}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{B29E679D-0F51-4486-BAAB-AA9F58EE7131}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{B2AFDDC8-A174-41FE-9936-289F33B556C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B47C3773-CE94-4E29-BE84-64AE39284FB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe | 
"{B4F12440-8580-43E3-9403-43494FE4C539}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{B52839B3-ED47-486F-8559-A7C790854948}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{B5998A43-9F99-4575-86D0-2C50ED0F8ACA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{B73E4EA1-AD43-4925-A590-A3F03D30C146}" = dir=in | name=skype | 
"{B79512F6-4A2C-47A3-BA83-92FC0AC8DDE9}" = dir=out | name=@{61908richardwalters.calculator_3.0.0.0_neutral__486nvj664v5b0?ms-resource://61908richardwalters.calculator/resources/apptitle} | 
"{B8D7C6AD-8596-47A6-AACB-0B9790D7ACAD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{B908CE04-2FC9-4F6C-8DC1-BE88D63A9EC8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{B928298A-0268-4AE4-88AC-0616D422DB07}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{B977ADC8-B9CA-4BF7-8B2E-6AC72D3F91F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | 
"{B9F94145-6C5E-443C-9F36-E457932C5A99}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{BC288E97-48F7-4544-A920-846C97C47825}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{BCD8C294-AF1D-49CD-ADAD-BEF39FBA4EE9}" = dir=out | name=netflix | 
"{BDEDC2A9-14C7-49C7-9EFC-8D7F25B116EE}" = dir=out | name=twitter | 
"{BE07275E-D5C0-49C3-9823-8FE1ABB9B9BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | 
"{BEA95BC2-8D9C-475D-965A-2A2AFF9F94C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C04350E9-7F62-4624-AA70-1558FED304D1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C0AFF1E4-08D4-4665-A0F9-415AFE0C7552}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{C0C6A00F-EB91-4812-91F3-8D9D7C945381}" = dir=in | name=realplayer cloud | 
"{C35D94A5-68D5-4BBD-A89B-14A4EF6500FD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{C5345323-7C7D-4423-A12A-300D176118A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C6993A13-2E2E-4A70-BCB7-FE418CF24474}" = dir=in | name=skype | 
"{C7B0CD30-47A2-426B-918B-23F9787F553E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | 
"{CC3596B6-8A39-4EEC-A0F3-F37F3712E8D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{CD1A083D-A734-4AB1-B776-CAE44B51D5B5}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{CD1F12E3-92DA-40FA-9525-76C1841941C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CFAAA3CD-EB7C-43F1-A3E9-907F609E4A2B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{CFCB6009-4A56-45DC-9163-44C3CAD17436}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{D06A1D2C-D3DB-4307-A75F-EC5560279948}" = protocol=6 | dir=in | app=c:\program files\app dynamic\airserver\airserver.exe | 
"{D1456333-112C-40D3-A00A-1649D4447BA6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{D1E82C9F-AF80-4811-A830-EB48A6BD0461}" = protocol=6 | dir=out | app=system | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D7689141-59BF-471D-B072-9DFC77A5E828}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 
"{D8464CE7-D9AE-43FC-BB00-FC4E173A6D94}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DD189405-005D-465B-93A9-2A1C02664DC6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{DD486B5A-AA72-4AAA-B938-CB2F16851292}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{DD63ADA9-7917-4457-87CB-1D23E66DB5B6}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{DDA0BDFA-8E3A-46D2-BE6A-AC0BECF4A1B2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 
"{E0111425-4930-4C07-9248-6F1409A775B7}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{E1147935-6B06-444D-94C6-9F7BA99D16F3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{E2058C5E-FC5B-4C9D-9D25-67C3C23ED555}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{E2F98E66-16F6-4915-8302-E1A21014BF24}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{E5815B88-F865-4970-9D8F-94A5729C8462}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{E77BB6C3-EFAE-4DCB-B060-C4CCE49705F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{E7DF3CE9-E2DF-4EAA-975D-9C081DC2D463}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E7E73CA0-B023-4DE4-8583-DA1D61EA7663}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{E86AC6C5-B2AB-401E-A5C8-ABFB25DF349E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EDE53B72-5B3F-4A60-B239-3120F9624D67}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{EDFBE1EA-7413-48C5-9E3F-3F4275320207}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{EEADC23C-F0E4-4BBC-B49F-B0A8412D97A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{EF7615F5-996F-427C-9078-090D648BA15C}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{F0C75FD3-AE1F-434F-94B8-8D0C8C71362D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{F22874AA-C906-44BD-A231-45DAEA008802}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | 
"{F37CE467-04C1-4482-8AAC-C3DA51C8E536}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl platinum\citiesxl_platinum.exe | 
"{F3D76CE3-BF16-4BAF-A1B9-500B3C3DD41D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F78DFBAE-4984-4343-9585-81C00DC0BD47}" = protocol=6 | dir=in | app=c:\users\elijah\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{F975625E-4F69-492F-B570-912DBA321F12}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe | 
"{FB4FFBF2-6738-4087-9B18-901A52B724D3}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{FBC1CCBB-DA8F-48D9-83DF-0B8F8B11628D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FF7C7C37-7169-4D43-8012-896B91EDCF26}" = dir=out | name=skype | 
"TCP Query User{0BDF0F61-EB1B-49AD-BEAE-554C4F50187E}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{187C2D97-D0C8-412F-9BE3-C9DFD456C080}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"TCP Query User{1B290E71-6334-435C-A6B7-89C3413C72F0}C:\users\elijah\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\elijah\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{296EE14F-864C-44B8-AB05-54449955BB3E}C:\users\elijah\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\elijah\appdata\roaming\utorrent\utorrent.exe | 
"TCP Query User{484B6DD7-99C0-4963-8079-9286459E9729}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"TCP Query User{7BBC58FD-0E24-4A8A-908B-C87EDDD5F424}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe | 
"TCP Query User{B033ED79-AB6F-4B96-ABCB-92DD2D719D20}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{C0CD757A-16BB-447A-9B6A-46CAB50184F0}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | 
"TCP Query User{E63710CF-59CF-4237-A561-BF5B32A577F4}C:\users\elijah\desktop\other files\shairport4w.exe" = protocol=6 | dir=in | app=c:\users\elijah\desktop\other files\shairport4w.exe | 
"UDP Query User{1A66142E-98A9-4FBF-A9FF-F4C61900BCDF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{292C8680-FA81-43F9-A4D4-5219C50F6959}C:\users\elijah\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\elijah\appdata\roaming\utorrent\utorrent.exe | 
"UDP Query User{342D1823-1952-4F18-A06C-7A5760923A19}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe | 
"UDP Query User{5843C418-C944-466E-99DE-FE0A3C4AFF65}C:\users\elijah\desktop\other files\shairport4w.exe" = protocol=17 | dir=in | app=c:\users\elijah\desktop\other files\shairport4w.exe | 
"UDP Query User{6741166D-267D-4BBB-B8BC-81CE8F1774D9}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{720DBF0B-2058-4FD5-9720-6AFBAA049C57}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{8BBA5775-1F8E-4C60-B363-DAF6494D1C79}C:\users\elijah\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\elijah\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{B4EF3171-0BAE-4E71-8DC6-74BED5B50FDF}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | 
"UDP Query User{D629E58B-08B4-4C9E-A237-451520CDEFD0}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07B1B937-E06F-40A6-8D43-21B0F6C5BB4A}" = Reflector
"{1CF5754A-545B-4360-BFDE-2847BC728DFC}" = iTunes
"{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}" = Windows App Certification Kit Native Components
"{1D74EFC0-14AD-4E6C-9E04-B76B055D2373}" = AirServer (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3F5F509B-E226-417C-8CD1-CAAE756C328A}" = paint.net 4.0 Pre-Release
"{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}" = Windows Software Development Kit DirectX x64 Remote
"{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}" = Oracle VM VirtualBox 4.3.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{77F3D72C-465F-BD51-890E-CC3914B1365F}" = Application Verifier x64 External Package
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{96F4525A-470D-F15C-796E-58D9988C3E5F}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AA9AA7B4-08A9-4959-B930-B40C9F5C7B75}" = AVG 2014
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"DiskAid_is1" = DiskAid 6.6.5.0
"NVIDIA Drivers" = NVIDIA Drivers
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Unlocker" = Unlocker 1.9.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00088AC6-BE9B-3CBD-710C-59A19EEF743E}" = Windows Debugging WDK Integration
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{173A2B7F-535A-4403-A454-B41531EF0D7F}" = Remote Desktop Connection Manager
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1F5C7BAE-1E1A-7C93-1B90-84CE308AFC1C}" = Windows Software Development Kit EULA
"{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}" = Google Talk Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1" = PhoneClean 3.3.0
"{2fc72c67-2837-46c2-b20a-9acb0d3cb2b2}" = Windows Software Development Kit for Windows 8.1
"{34B86C7D-4103-201B-3A13-03934DB11543}" = Windows Software Development Kit Redistributables
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{3dc7f3f2-a866-494c-8291-b9681331cd07}" = Windows Driver Kit for Windows 8.1
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}" = BlueStacks Notification Center
"{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}" = Should I Remove It
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}" = WPT Redistributables
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76FE8B7C-F485-32E3-1C48-24D7C5C80431}" = Windows Driver Kit ARM Additions MSBuild Content Dev12
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8240E54B-793A-4BAE-9BEA-F2AE29F26B63}" = Microsoft Windows Build 9600 Retail Debugging Symbols for WOA
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8E375811-FAF8-5184-A42E-BD603311612D}" = Windows Driver Kit
"{9274C832-3D8A-A294-FDE8-8B9272357098}" = SDK Debuggers
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C54B435-BFA9-1C06-669F-594F850F3CD1}" = SDK ARM Additions
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA3E20AB-4B22-7EEC-026C-96A0ADBEFE0D}" = SDK ARM Additions EULA
"{AEE20A82-CE63-2F30-9DAD-088B1F5CB425}" = Windows Driver Kit MSBuild Content Dev12
"{B74E65FD-CC47-41C5-4B89-791A3F61942D}" = Kits Configuration Installer
"{BDBF8594-262B-B8C6-77BA-0FE6F81D134B}" = SDK Debuggers ARM
"{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}" = WPTx64
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{CA224520-8EB9-DD51-768E-5E14AECEB19B}" = SDK ARM Redistributables
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}" = MSI Development Tools
"{D1D37853-0004-3E36-A7AA-74F4EEA35F64}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{D35D0DC1-AEED-BE3C-C187-F2C42582EE49}" = Windows Driver Kit ARM Additions Dev12
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}" = Windows App Certification Kit x64
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Audacity_is1" = Audacity 2.0.5
"BlueStacks App Player" = BlueStacks App Player
"Cloud System Booster" = Cloud System Booster
"Euro Truck Simulator 2_is1" = Euro Truck Simulator 2 version 1.9.22s + 3 DLC
"Google Chrome" = Google Chrome
"iFunBox 2014_is1" = iFunBox 2014 (v3.1.562.425), iFunbox DevTeam
"IObitUninstall" = IObit Uninstaller
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Notepad++" = Notepad++
"Origin" = Origin
"Razer Game Booster_is1" = Razer Game Booster
"Razer Surround" = Razer Surround
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Smart Defrag 3_is1" = Smart Defrag 3
"SpeedFan" = SpeedFan (remove only)
"Steam" = Steam
"Steam App 208090" = Loadout
"Steam App 211820" = Starbound
"Steam App 231140" = Cities XL Platinum
"Steam App 236390" = War Thunder
"Steam App 251570" = 7 Days to Die
"Steam App 252490" = Rust
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 48710" = Mount and Blade Warband - Demo
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 9" = TeamViewer 9
"UltraUXThemePatcher" = UltraUXThemePatcher
"Visual Subst" = Visual Subst
"VLC media player" = VLC media player 2.1.3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1" = ChromecastApp
"978ebae4705a27c4" = Rdio
"Should I Remove It 1.0.4" = Should I Remove It
"Spotify" = Spotify
"StartIsBack" = StartIsBack+
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/20/2014 7:33:32 PM | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Faulting application name: taskhost.exe, version: 6.3.9600.17031, 
time stamp: 0x53087135  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055,
 time stamp: 0x532954fb  Exception code: 0xe06d7363  Fault offset: 0x0000000000005bf8
Faulting
 process id: 0xcc  Faulting application start time: 0x01cf7483d3de8b72  Faulting application
 path: C:\WINDOWS\system32\taskhost.exe  Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report
 Id: 26f74ee5-e077-11e3-8303-0024e80aab2b  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 5/20/2014 8:09:36 PM | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Faulting application name: taskhost.exe, version: 6.3.9600.17031, 
time stamp: 0x53087135  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055,
 time stamp: 0x532954fb  Exception code: 0xe06d7363  Fault offset: 0x0000000000005bf8
Faulting
 process id: 0xf14  Faulting application start time: 0x01cf7488f2a62802  Faulting application
 path: C:\WINDOWS\system32\taskhost.exe  Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report
 Id: 30d93083-e07c-11e3-8303-0024e80aab2b  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 5/21/2014 3:45:19 PM | Computer Name = DELL-PC | Source = BstHdAndroidSvc | ID = 0
Description = Service cannot be started. System.ApplicationException: Cannot start
 service.  Service did not stop gracefully the last time it was run.     at BlueStacks.hyperDroid.Service.Service.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 5/21/2014 3:47:35 PM | Computer Name = DELL-PC | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line
 arguments:  RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 5/21/2014 3:48:27 PM | Computer Name = DELL-PC | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line
 arguments:  RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error - 5/21/2014 3:49:33 PM | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Faulting application name: taskhost.exe, version: 6.3.9600.17031, 
time stamp: 0x53087135  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055,
 time stamp: 0x532954fb  Exception code: 0xe06d7363  Fault offset: 0x0000000000005bf8
Faulting
 process id: 0xb90  Faulting application start time: 0x01cf752d9967d0b7  Faulting application
 path: C:\WINDOWS\system32\taskhost.exe  Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report
 Id: 0734a8d5-e121-11e3-8304-0024e80aab2b  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 5/21/2014 4:00:18 PM | Computer Name = DELL-PC | Source = Application Error | ID = 1000
Description = Faulting application name: taskhost.exe, version: 6.3.9600.17031, 
time stamp: 0x53087135  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055,
 time stamp: 0x532954fb  Exception code: 0xe06d7363  Fault offset: 0x0000000000005bf8
Faulting
 process id: 0xba8  Faulting application start time: 0x01cf752f44f1bc54  Faulting application
 path: C:\WINDOWS\system32\taskhost.exe  Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report
 Id: 87eab167-e122-11e3-8304-0024e80aab2b  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 5/21/2014 4:17:44 PM | Computer Name = DELL-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
 and was closed. To see if more information about the problem is available, check
 the problem history in the Action Center control panel.    Process ID: 1288    Start Time:
 01cf75315c418b8c    Termination Time: 4294967295    Application Path: C:\Users\Elijah\Desktop\OTL.exe
 
Report
 Id: f6b8939c-e124-11e3-8304-0024e80aab2b    Faulting package full name:     Faulting package-relative
 application ID:   
 
[ OAlerts Events ]
Error - 12/13/2013 11:46:17 PM | Computer Name = Deborah-PC | Source = Microsoft Office 15 Alerts | ID = 300
Description = New App for Office This app comes from the Office Store. It will have
 access to the contents of this document if you choose Start. P1: Apps for Office
P2:
 15.0.4420.1017 P3: 0x80042FAC P4:  
 
Error - 12/13/2013 11:47:15 PM | Computer Name = Deborah-PC | Source = Microsoft Office 15 Alerts | ID = 300
Description = New App for Office This app comes from the Office Store. It will have
 access to the contents of this document if you choose Start. P1: Apps for Office
P2:
 15.0.4420.1017 P3: 0x80042FAC P4:  
 
Error - 2/27/2014 7:35:57 PM | Computer Name = DELL-PC | Source = Microsoft Office 15 Alerts | ID = 300
Description = New App for Office This app comes from the Office Store. If you trust
 it, it will have access to the contents of any documents where this app is included.
 See more. P1: Apps for Office P2: 15.0.4569.1504 P3: 0x80042FAC P4:  
 
[ System Events ]
Error - 5/21/2014 3:45:16 PM | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7001
Description = The MBAMService service depends on the MBAMProtector service which
 failed to start because of the following error:   %%193
 
Error - 5/21/2014 3:45:19 PM | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
 error:   %%1064
 
Error - 5/21/2014 3:46:15 PM | Computer Name = DELL-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 5/21/2014 3:46:16 PM | Computer Name = DELL-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 5/21/2014 3:46:16 PM | Computer Name = DELL-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 5/21/2014 3:46:16 PM | Computer Name = DELL-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 5/21/2014 3:46:16 PM | Computer Name = DELL-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 5/21/2014 3:46:55 PM | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7034
Description = The LiveUpdate service terminated unexpectedly.  It has done this 
1 time(s).
 
Error - 5/21/2014 3:47:07 PM | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 5/21/2014 3:47:07 PM | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
 
< End of report >
 


#5 Jo*

  • Malware Response Team

Posted 21 May 2014 - 03:50 PM

Hello ThatElijahGuy,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two message boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 ThatElijahGuy


Posted 21 May 2014 - 05:45 PM

Dear Jo,
 
For the Malwarebytes Anti-Rootkit, nothing was found.
 
--
 
# AdwCleaner v3.210 - Report created 21/05/2014 at 18:42:22
# Updated 19/05/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Elijah - DELL-PC
# Running from : C:\Users\Elijah\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Google Chrome v34.0.1847.137
 
[ File : C:\Users\Mod Edit\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [1347 octets] - [17/03/2014 09:09:10]
AdwCleaner[R3].txt - [1379 octets] - [02/05/2014 20:41:01]
AdwCleaner[R4].txt - [1171 octets] - [04/05/2014 22:05:17]
AdwCleaner[R5].txt - [884 octets] - [21/05/2014 18:42:22]
AdwCleaner[S2].txt - [1371 octets] - [02/05/2014 20:46:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1003 octets] ##########
 
--
Popups are still going in all browsers. (As you can see above, I have used AdwCleaner in the past, not directed by anybody, except for research, when I had no problem.)

Edited by boopme, 23 May 2014 - 09:21 PM.
Removed at OP request


#7 Jo*


Posted 22 May 2014 - 03:20 AM

Hello ThatElijahGuy,


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shut down your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


Cheers,
Jo


#8 ThatElijahGuy


Posted 22 May 2014 - 04:20 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Elijah on Thu 05/22/2014 at 16:54:39.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/22/2014 at 16:58:55.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

OTL logfile created on: 5/22/2014 4:59:49 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Elijah\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 55.99% Memory free
5.37 Gb Paging File | 3.37 Gb Available in Paging File | 62.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 345.08 Gb Free Space | 59.34% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.50 Gb Free Space | 99.02% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Elijah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Elijah\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Elijah\AppData\Local\StartIsBack\StartScreen.exe (www.startisback.com)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (AnviCsbSvc) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MWAC) -- C:\WINDOWS\SysNative\drivers\ [2014/05/22 16:51:29 | 000,000,000 | ---D | M]
DRV:64bit: - (MBAMProtector) -- C:\WINDOWS\SysNative\drivers\ [2014/05/22 16:51:29 | 000,000,000 | ---D | M]
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (RZMAELSTROMVADService) -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatformMp) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VBAudioVACMME) -- C:\Windows\SysNative\drivers\vbaudio_cable64_win7.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS (Broadcom Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (NW1900) -- C:\Windows\SysNative\drivers\NW1900.sys (NextWindow Limited)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (FXOSDDRV) -- C:\Windows\SysNative\drivers\FxOSDdrv64.sys (Foxconn Group)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Almico Software)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
IE - HKCU\..\SearchScopes,DefaultScope = {F490F778-177A-41DE-B606-0BCC7F752FCF}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8EE5F13B-07D4-4C1A-858A-BEE4C8A6E6D7}: "URL" = https://duckduckgo.com/?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
 
[2014/04/25 13:23:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npqscan.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.14 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - Extension: Magic Actions for YouTube™ = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.7_0\
CHR - Extension: Google Drive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.421.1.1_0\
CHR - Extension: Mancala = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjlhjhpnhabnfepdfemepiilbjbkecpe\1.0.5_0\
CHR - Extension: Spotify - Music for every moment = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: Google Search = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Netflix = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: Google News = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: MaskMe = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.213.1_0\
CHR - Extension: Click&Clean = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: AdBlock = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\
CHR - Extension: Deathamns = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab\0.9.8.9_0\
CHR - Extension: OneDrive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.4_0\
CHR - Extension: Google Wallet = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: WeVideo - Video Editor and Maker = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\3.3.3_0\
CHR - Extension: Picasa = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Click&Clean App = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.5_0\
CHR - Extension: Gmail = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofoighmmpljaikjiidkkfhldjndfdbk\3.6.7_0\
 
O1 HOSTS File: ([2014/05/18 20:47:03 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Elijah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FD22285-FE1C-44BF-9A4C-EE6DACBB4103}: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBD440E-4FEE-4C1E-BF6F-1386E476613C}: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[7513/04/28 11:11:21 | 000,000,000 | ---D | C] -- C:\WIN NETWORK FILE
[2014/05/22 16:54:06 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Elijah\Desktop\JRT.exe
[2014/05/22 16:51:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/05/22 16:51:25 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/05/21 18:09:47 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Desktop\mbar
[2014/05/21 15:58:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Mozilla
[2014/05/18 21:17:56 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll.backup
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll.backup
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraUXThemePatcher
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll.backup
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Desktop\imac  64 bit version
[2014/05/18 21:03:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/18 20:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/18 20:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/05/17 11:55:50 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/17 11:55:50 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/16 22:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/16 18:58:52 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Anvisoft
[2014/05/16 18:48:01 | 000,052,752 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/16 18:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/16 18:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/16 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/15 03:59:36 | 000,047,632 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 09:28:20 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/14 09:28:20 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 09:28:18 | 000,257,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 09:28:17 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 09:28:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 09:27:46 | 013,288,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/14 09:27:46 | 000,921,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 09:27:45 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 09:27:45 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 09:27:45 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 09:27:44 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 09:27:44 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 09:27:44 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 09:27:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 09:27:44 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/14 09:27:44 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 09:27:43 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 09:27:43 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 09:27:43 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 09:27:43 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 09:27:43 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 09:27:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 09:27:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 09:27:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 09:27:42 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014/05/14 09:27:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 09:27:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/14 09:26:48 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 09:26:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 09:26:27 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt_map.dll
[2014/05/14 09:26:27 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt_map.dll
[2014/05/14 09:26:27 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt100.dll
[2014/05/14 09:26:27 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt100.dll
[2014/05/12 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/05/09 21:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hyper-V
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\msmq
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\BestPractices
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\BestPractices
[2014/05/09 21:28:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
[2014/05/09 21:28:03 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:56 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:53 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:49 | 001,408,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/06 22:16:39 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/06 22:16:16 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/06 18:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/05/06 18:39:48 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/05/06 18:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/05/06 18:29:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Opera Software
[2014/05/06 18:29:05 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Opera Software
[2014/05/06 18:28:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/05 20:23:14 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 20:23:10 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/05 19:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/05/05 17:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer (64-bit)
[2014/05/05 17:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\App Dynamic
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflector
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflection
[2014/05/05 17:33:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Reflector
[2014/05/05 17:31:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reflector
[2014/05/05 17:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reflector
[2014/05/05 16:43:49 | 000,773,632 | ---- | C] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/05/04 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/04 22:00:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/05/04 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.VirtualBox
[2014/05/03 23:40:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/05/03 14:07:59 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\7 Days To Die
[2014/05/03 09:05:09 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014/05/03 08:46:46 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\capicom.dll
[2014/05/03 08:46:46 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysWow64\bdsandboxuiskin32.dll
[2014/05/03 08:33:48 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUISkin.dll
[2014/05/03 08:33:48 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUH.dll
[2014/05/03 08:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/05/03 08:33:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\QuickScan
[2014/05/03 08:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/05/03 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014/05/03 08:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/05/03 07:27:19 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\My Cheat Tables
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/05/02 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Bluestacks
[2014/05/02 20:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/05/02 20:40:32 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieUserList
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieSiteList
[2014/05/01 15:59:13 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/28 21:31:50 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/04/28 21:31:48 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/04/28 21:31:47 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/04/28 21:31:47 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/04/28 21:31:45 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/04/28 21:31:42 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/04/28 21:31:42 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:41 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/04/28 21:31:40 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/04/28 21:31:37 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/04/28 21:31:36 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/04/28 21:31:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:33 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/04/28 21:31:33 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/04/28 21:31:32 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/04/28 21:31:31 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/04/28 21:31:30 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/04/28 21:31:30 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/04/28 21:31:29 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/04/28 21:31:29 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/04/28 21:31:29 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/04/28 21:31:29 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/04/28 21:31:28 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/04/28 21:31:28 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/04/28 21:31:27 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/04/28 21:31:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/04/28 21:31:26 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/04/28 21:31:26 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/04/28 21:31:26 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/04/28 21:31:26 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/04/28 21:31:25 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/04/28 21:31:25 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/04/28 21:31:24 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/04/28 21:31:24 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/04/28 21:31:24 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/04/28 21:31:24 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/04/28 21:31:23 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/04/28 21:31:22 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/04/28 21:31:22 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/04/28 21:31:22 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/04/28 21:31:21 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/04/28 21:31:21 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/04/28 21:31:21 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/04/28 21:31:20 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/04/28 21:31:20 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/04/28 21:31:20 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/04/28 21:31:20 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/04/28 21:31:19 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/04/28 21:31:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/04/28 21:31:18 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/04/28 21:31:18 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/04/28 21:31:18 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/04/28 21:31:17 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/04/28 21:31:16 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/04/28 21:31:16 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/04/28 21:31:15 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/04/28 21:31:15 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/04/28 21:31:15 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/04/28 21:31:14 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/04/28 21:31:13 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/04/28 21:31:13 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/04/28 21:31:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/04/28 21:31:13 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/04/28 21:31:13 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/04/28 21:31:12 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/04/28 21:31:12 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/04/28 21:31:12 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/04/28 21:31:12 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/04/28 21:31:12 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/04/28 21:31:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/04/28 21:31:11 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2014/04/28 21:31:11 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/04/28 21:31:11 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/04/28 21:31:11 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/04/28 21:31:11 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/04/28 21:31:10 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/04/28 21:31:10 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/04/28 21:31:10 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/04/28 21:31:09 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/04/28 21:31:09 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/04/28 21:31:09 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdmTmpl.dll
[2014/04/28 21:31:09 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/04/28 21:31:09 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/04/28 21:31:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/04/28 21:31:08 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/04/28 21:31:08 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/04/28 21:31:08 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/04/28 21:31:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/04/28 21:31:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/04/28 21:31:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/04/28 21:31:07 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/04/28 21:31:07 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/04/28 21:31:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/04/28 21:31:06 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/04/28 21:31:06 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2014/04/28 21:31:06 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/04/28 21:31:05 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/04/28 21:31:05 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/04/28 21:31:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/04/28 21:31:04 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/04/28 21:31:04 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/04/28 21:31:04 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/04/28 21:31:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/04/28 21:31:04 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/04/28 21:31:03 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/04/28 21:31:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/04/28 21:31:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/04/28 21:31:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/04/28 21:31:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/04/28 21:31:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/04/28 21:31:01 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/04/28 21:31:01 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/04/28 21:31:01 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/04/28 21:31:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/04/28 21:31:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/04/28 21:31:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/04/28 21:31:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/04/28 21:31:00 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/04/28 21:31:00 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/04/28 21:31:00 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/04/28 21:31:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/04/28 21:30:59 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/04/28 21:30:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/04/28 21:30:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/04/28 21:30:59 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/04/28 21:30:58 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/04/28 21:30:58 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/04/28 21:30:58 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/04/28 21:30:58 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/04/28 21:30:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/04/28 21:30:57 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/04/28 21:30:57 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/04/28 21:30:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/04/28 21:30:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/04/28 21:30:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/04/28 21:30:56 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/04/28 21:30:55 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/04/28 21:30:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfg.exe
[2014/04/28 21:30:55 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/04/28 21:30:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/04/28 21:30:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/04/28 21:30:54 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/04/28 21:28:37 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/04/28 09:22:20 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Rogue Amoeba
[2014/04/27 08:23:28 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.shsh
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/22 16:59:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/22 16:54:03 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Elijah\Desktop\JRT.exe
[2014/05/22 16:50:42 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001UA.job
[2014/05/22 16:50:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001Core.job
[2014/05/22 16:33:53 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/22 16:33:50 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/22 16:31:58 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/21 21:20:44 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job
[2014/05/21 18:23:11 | 000,025,583 | ---- | M] () -- C:\Users\Elijah\Desktop\food-network-logo.png
[2014/05/21 18:10:24 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/21 18:09:51 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/21 15:58:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:58:00 | 000,854,367 | ---- | M] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/21 15:44:57 | 3220,582,400 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/21 15:44:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/19 21:32:25 | 006,199,182 | ---- | M] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 17:57:20 | 000,675,988 | ---- | M] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 21:17:55 | 002,862,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:54 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 20:47:03 | 000,000,741 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/05/18 20:33:08 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/16 18:44:21 | 000,001,320 | ---- | M] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/15 03:59:38 | 000,052,752 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/15 03:59:36 | 000,047,632 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 08:01:14 | 000,000,036 | ---- | M] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | M] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/11 11:56:39 | 000,579,984 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/09 22:08:58 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:29:57 | 001,037,398 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/09 21:29:57 | 000,860,032 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/09 21:29:57 | 000,180,258 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/09 21:29:52 | 001,015,600 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/09 21:28:03 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:57 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:56 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:55 | 000,144,967 | ---- | M] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:53 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:50 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 21:27:49 | 001,408,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/09 20:29:15 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/09 20:28:43 | 000,447,752 | ---- | M] (On2.com) -- C:\WINDOWS\SysWow64\vp6vfw.dll
[2014/05/06 18:39:50 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/05 20:23:01 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:00 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:00 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 16:58:53 | 000,001,200 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2014/05/05 16:43:49 | 000,773,632 | ---- | M] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:18:49 | 000,001,128 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | M] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 17:42:15 | 000,007,605 | ---- | M] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
[2014/05/03 09:47:32 | 000,040,801 | ---- | M] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 09:05:09 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:48:39 | 000,561,043 | ---- | M] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:17 | 000,114,935 | ---- | M] () -- C:\ProgramData\1399120409.3740.bin
[2014/05/03 08:36:17 | 000,033,466 | ---- | M] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:36:17 | 000,011,684 | ---- | M] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:36:17 | 000,004,264 | ---- | M] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:36:17 | 000,000,991 | ---- | M] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:36:16 | 000,010,767 | ---- | M] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:36:16 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:57 | 000,003,735 | ---- | M] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:53 | 000,017,887 | ---- | M] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:53 | 000,010,649 | ---- | M] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:53 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/01 16:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 16:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 15:59:13 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/27 08:58:32 | 000,000,950 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.umbrella
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/21 18:23:03 | 000,025,583 | ---- | C] () -- C:\Users\Elijah\Desktop\food-network-logo.png
[2014/05/21 15:58:06 | 000,854,367 | ---- | C] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/19 21:32:12 | 006,199,182 | ---- | C] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 18:23:07 | 000,675,988 | ---- | C] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 20:33:08 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/17 11:16:20 | 000,000,001 | -HS- | C] () -- C:\BOOTNXT
[2014/05/17 11:16:19 | 000,403,946 | RHS- | C] () -- C:\bootmgr
[2014/05/16 18:44:21 | 000,001,320 | ---- | C] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/14 08:01:14 | 000,000,036 | ---- | C] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | C] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/13 13:41:03 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/05/09 22:08:58 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:27:57 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:55 | 000,144,967 | ---- | C] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:50 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 20:29:15 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/06 18:39:50 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/04 22:18:49 | 000,001,128 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 09:47:32 | 000,040,801 | ---- | C] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 08:48:39 | 000,561,043 | ---- | C] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:10 | 000,011,684 | ---- | C] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:33:47 | 000,017,887 | ---- | C] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:47 | 000,010,649 | ---- | C] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:47 | 000,004,264 | ---- | C] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:47 | 000,000,991 | ---- | C] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:33:40 | 000,003,735 | ---- | C] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:35 | 000,033,466 | ---- | C] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:33:35 | 000,010,767 | ---- | C] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:33:29 | 000,114,935 | ---- | C] () -- C:\ProgramData\1399120409.3740.bin
[2014/04/28 21:30:54 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/04/12 10:59:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/21 16:38:20 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/18 18:47:25 | 000,000,128 | ---- | C] () -- C:\Users\Elijah\.java.policy
[2014/03/08 20:56:05 | 001,015,600 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/02/17 14:49:16 | 000,000,218 | ---- | C] () -- C:\Users\Elijah\AppData\Local\recently-used.xbel
[2014/02/14 17:50:30 | 000,000,000 | -HS- | C] () -- C:\Users\Elijah\AppData\Local\LumaEmu
[2014/02/14 00:34:43 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/25 22:23:26 | 000,012,484 | ---- | C] () -- C:\Users\Elijah\1524665_626217224109935_1040360520_n.jpg
[2013/12/13 23:25:49 | 000,029,115 | ---- | C] () -- C:\Users\Elijah\AppData\Roaming\Comma Separated Values.ADR
[2013/12/10 18:33:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/20 10:59:15 | 000,151,902 | ---- | C] () -- C:\ProgramData\1367021324.bdinstall.bin
[2013/11/20 10:59:15 | 000,074,278 | ---- | C] () -- C:\ProgramData\1367103931.bdinstall.bin
[2013/11/20 10:59:15 | 000,022,805 | ---- | C] () -- C:\ProgramData\1367103928.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224736.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224734.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224720.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,627 | ---- | C] () -- C:\ProgramData\1367164837.bdinstall.bin
[2013/11/20 10:59:15 | 000,000,209 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/10/19 09:14:11 | 000,001,147 | ---- | C] () -- C:\Users\Elijah\Steam.lnk
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/01 01:32:40 | 000,008,192 | ---- | C] () -- C:\Users\Elijah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/29 21:26:10 | 000,007,605 | ---- | C] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2013/11/22 01:12:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Elijah\SkyDrive (2):ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Elijah\SkyDrive (3).old:ms-properties
@Alternate Data Stream - 162 bytes -> C:\Users\Elijah\SkyDrive:ms-properties
 
< End of report >
 


#9 Jo*

  • Malware Response Team

Posted 23 May 2014 - 04:39 AM

Hello ThatElijahGuy,

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    CHR - Extension: MaskMe = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\
    
    :Reg
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] 
    "BootExecute"="autocheck autochk *"
    
    :Files
    C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job
    
    :Commands
    [purity]
    [emptytemp]
    


    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log.

---


Restart your PC!
How is the computer running now?
 

***


Run OTL again.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 ThatElijahGuy

ThatElijahGuy
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  • Gender:Male
  • Local time:01:57 PM

Posted 23 May 2014 - 09:14 PM

After restarting the computer, explorer.exe did not start until the OTL text log opened, and afterward the computer moved slowly in opening programs (an example of this is Chrome).

After running the fix and browsing my way to the Forums, two popups appeared. (Note: I am also getting this on my mobile browsers on my iPad (Safari and Chrome), which is exactly Reduxmedia each time with redirects.)

Here's the OTL Log after I ran the Fix.

All processes killed
========== OTL ==========
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\_locales\en folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\_locales folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\pages\panels folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\pages\images\manage folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\pages\images folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\pages\fonts folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\pages folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0\images folder moved successfully.
C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.40.353_0 folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\\"BootExecute"|"autocheck autochk *" /E : value set successfully!
========== FILES ==========
C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: .NET v4.5
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: .NET v4.5 Classic
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Deborah
->Temp folder emptied: 3519 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Google Chrome cache emptied: 856432 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Elijah
->Temp folder emptied: 37214 bytes
->Temporary Internet Files folder emptied: 3496963 bytes
->Java cache emptied: 26882 bytes
->Google Chrome cache emptied: 404151257 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1157 bytes
 
User: Public
 
User: Testing Account
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66194756 bytes
RecycleBin emptied: 5401056257 bytes
 
Total Files Cleaned = 5,604.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05232014_215529
 
Files\Folders moved on Reboot...
C:\Users\Elijah\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\WINDOWS\temp\CR_AD0E6.tmp\setup.exe moved successfully.
File\Folder C:\WINDOWS\temp\35.0.1916.114_34.0.1847.137_chrome_updater.exe5fed9ff not found!
C:\WINDOWS\temp\chrome_installer.log moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
--
 

OTL logfile created on: 5/23/2014 10:04:21 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Elijah\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 63.01% Memory free
5.37 Gb Paging File | 3.62 Gb Available in Paging File | 67.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 351.78 Gb Free Space | 60.50% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 14.50 Gb Free Space | 99.02% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Elijah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Elijah\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Elijah\AppData\Local\StartIsBack\StartScreen.exe (www.startisback.com)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (AnviCsbSvc) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Anvisoft)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MWAC) -- C:\WINDOWS\SysNative\drivers\ [2014/05/22 16:51:29 | 000,000,000 | ---D | M]
DRV:64bit: - (MBAMProtector) -- C:\WINDOWS\SysNative\drivers\ [2014/05/22 16:51:29 | 000,000,000 | ---D | M]
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (RZMAELSTROMVADService) -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatformMp) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VBAudioVACMME) -- C:\Windows\SysNative\drivers\vbaudio_cable64_win7.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS (Broadcom Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (NW1900) -- C:\Windows\SysNative\drivers\NW1900.sys (NextWindow Limited)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (FXOSDDRV) -- C:\Windows\SysNative\drivers\FxOSDdrv64.sys (Foxconn Group)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Almico Software)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
IE - HKCU\..\SearchScopes,DefaultScope = {F490F778-177A-41DE-B606-0BCC7F752FCF}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8EE5F13B-07D4-4C1A-858A-BEE4C8A6E6D7}: "URL" = https://duckduckgo.com/?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\anvisoft.com/AdblockPlugin: C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll File not found
 
 
[2014/04/25 13:23:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npccch32.dll
CHR - plugin: Bitdefender QuickScan (Disabled) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\plugin/npqscan.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.550.14 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Elijah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Elijah\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Renderer (Disabled) = C:\Users\Elijah\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - Extension: Magic Actions for YouTube™ = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.7_0\
CHR - Extension: Google Drive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.421.1.1_0\
CHR - Extension: Mancala = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjlhjhpnhabnfepdfemepiilbjbkecpe\1.0.5_0\
CHR - Extension: Spotify - Music for every moment = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: Google Search = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Netflix = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: Google News = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi\1.213.1_0\
CHR - Extension: Click&Clean = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: AdBlock = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\
CHR - Extension: Deathamns = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab\0.9.8.9_0\
CHR - Extension: OneDrive = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.4_0\
CHR - Extension: Google Wallet = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: WeVideo - Video Editor and Maker = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\3.3.3_0\
CHR - Extension: Picasa = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Click&Clean App = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.5_0\
CHR - Extension: Gmail = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Elijah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofoighmmpljaikjiidkkfhldjndfdbk\3.6.7_0\
 
O1 HOSTS File: ([2014/05/18 20:47:03 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Elijah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FD22285-FE1C-44BF-9A4C-EE6DACBB4103}: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBD440E-4FEE-4C1E-BF6F-1386E476613C}: DhcpNameServer = 184.107.180.178 50.30.37.164 207.255.0.43
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[7513/04/28 11:11:21 | 000,000,000 | ---D | C] -- C:\WIN NETWORK FILE
[2014/05/22 16:54:06 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Elijah\Desktop\JRT.exe
[2014/05/22 16:51:25 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/05/21 18:09:47 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Desktop\mbar
[2014/05/21 15:58:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Mozilla
[2014/05/18 21:17:56 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll.backup
[2014/05/18 21:17:55 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll.backup
[2014/05/18 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraUXThemePatcher
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll.backup
[2014/05/18 21:17:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Desktop\imac  64 bit version
[2014/05/18 21:03:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/18 20:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/05/18 20:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/05/18 20:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/05/17 11:55:50 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/17 11:55:50 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/16 22:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/16 18:58:52 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Anvisoft
[2014/05/16 18:48:01 | 000,052,752 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/16 18:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/16 18:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/16 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/15 03:59:36 | 000,047,632 | ---- | C] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 09:28:20 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/14 09:28:20 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 09:28:18 | 000,257,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 09:28:17 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 09:28:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 09:27:46 | 013,288,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/14 09:27:46 | 000,921,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 09:27:45 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 09:27:45 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 09:27:45 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 09:27:44 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 09:27:44 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 09:27:44 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 09:27:44 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 09:27:44 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 09:27:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/14 09:27:44 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 09:27:43 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 09:27:43 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 09:27:43 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 09:27:43 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 09:27:43 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 09:27:43 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 09:27:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 09:27:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 09:27:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 09:27:42 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014/05/14 09:27:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 09:27:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/14 09:26:48 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 09:26:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 09:26:27 | 000,086,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt_map.dll
[2014/05/14 09:26:27 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt_map.dll
[2014/05/14 09:26:27 | 000,028,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mrt100.dll
[2014/05/14 09:26:27 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mrt100.dll
[2014/05/12 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/05/09 21:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hyper-V
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\msmq
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\BestPractices
[2014/05/09 21:28:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\BestPractices
[2014/05/09 21:28:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper-V Management Tools
[2014/05/09 21:28:03 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:56 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:53 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:49 | 001,408,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/06 22:16:39 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/06 22:16:16 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/06 18:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/05/06 18:39:48 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/05/06 18:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/05/06 18:29:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Opera Software
[2014/05/06 18:29:05 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Opera Software
[2014/05/06 18:28:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/05/05 20:23:14 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 20:23:10 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/05 19:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/05/05 17:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer (64-bit)
[2014/05/05 17:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\App Dynamic
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflector
[2014/05/05 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflection
[2014/05/05 17:33:06 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Reflector
[2014/05/05 17:31:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reflector
[2014/05/05 17:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reflector
[2014/05/05 16:43:49 | 000,773,632 | ---- | C] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/05/04 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/04 22:00:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/05/04 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.VirtualBox
[2014/05/03 23:40:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014/05/03 14:07:59 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\7 Days To Die
[2014/05/03 09:05:09 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014/05/03 08:46:46 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\capicom.dll
[2014/05/03 08:46:46 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysWow64\bdsandboxuiskin32.dll
[2014/05/03 08:33:48 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUISkin.dll
[2014/05/03 08:33:48 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\SysNative\BDSandBoxUH.dll
[2014/05/03 08:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/05/03 08:33:29 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Roaming\QuickScan
[2014/05/03 08:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/05/03 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014/05/03 08:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/05/03 07:27:19 | 000,000,000 | ---D | C] -- C:\Users\Elijah\Documents\My Cheat Tables
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/05/02 21:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/05/02 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Bluestacks
[2014/05/02 20:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/05/02 20:40:32 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieUserList
[2014/05/02 20:37:45 | 000,000,000 | -HSD | C] -- C:\Users\Elijah\AppData\Local\EmieSiteList
[2014/05/01 15:59:13 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/28 21:31:50 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/04/28 21:31:48 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/04/28 21:31:47 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/04/28 21:31:47 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/04/28 21:31:45 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/04/28 21:31:42 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/04/28 21:31:42 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:41 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/04/28 21:31:40 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/04/28 21:31:37 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/04/28 21:31:36 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/04/28 21:31:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/04/28 21:31:33 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/04/28 21:31:33 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/04/28 21:31:32 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/04/28 21:31:31 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/04/28 21:31:30 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/04/28 21:31:30 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/04/28 21:31:29 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/04/28 21:31:29 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/04/28 21:31:29 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/04/28 21:31:29 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/04/28 21:31:28 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/04/28 21:31:28 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/04/28 21:31:27 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/04/28 21:31:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/04/28 21:31:26 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/04/28 21:31:26 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/04/28 21:31:26 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/04/28 21:31:26 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/04/28 21:31:25 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/04/28 21:31:25 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/04/28 21:31:24 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/04/28 21:31:24 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/04/28 21:31:24 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/04/28 21:31:24 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/04/28 21:31:23 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/04/28 21:31:22 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/04/28 21:31:22 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/04/28 21:31:22 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/04/28 21:31:21 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/04/28 21:31:21 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/04/28 21:31:21 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/04/28 21:31:20 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/04/28 21:31:20 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/04/28 21:31:20 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/04/28 21:31:20 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/04/28 21:31:19 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/04/28 21:31:19 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/04/28 21:31:18 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/04/28 21:31:18 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/04/28 21:31:18 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/04/28 21:31:17 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/04/28 21:31:16 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/04/28 21:31:16 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/04/28 21:31:15 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/04/28 21:31:15 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/04/28 21:31:15 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/04/28 21:31:14 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/04/28 21:31:13 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/04/28 21:31:13 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/04/28 21:31:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/04/28 21:31:13 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/04/28 21:31:13 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/04/28 21:31:12 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/04/28 21:31:12 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/04/28 21:31:12 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/04/28 21:31:12 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/04/28 21:31:12 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/04/28 21:31:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/04/28 21:31:11 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2014/04/28 21:31:11 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/04/28 21:31:11 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/04/28 21:31:11 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/04/28 21:31:11 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/04/28 21:31:10 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/04/28 21:31:10 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/04/28 21:31:10 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/04/28 21:31:09 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/04/28 21:31:09 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/04/28 21:31:09 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AdmTmpl.dll
[2014/04/28 21:31:09 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/04/28 21:31:09 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/04/28 21:31:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/04/28 21:31:08 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/04/28 21:31:08 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/04/28 21:31:08 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/04/28 21:31:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/04/28 21:31:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/04/28 21:31:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/04/28 21:31:07 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/04/28 21:31:07 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/04/28 21:31:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/04/28 21:31:06 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/04/28 21:31:06 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2014/04/28 21:31:06 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/04/28 21:31:05 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/04/28 21:31:05 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/04/28 21:31:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/04/28 21:31:04 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/04/28 21:31:04 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/04/28 21:31:04 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/04/28 21:31:04 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/04/28 21:31:04 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/04/28 21:31:03 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/04/28 21:31:03 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/04/28 21:31:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/04/28 21:31:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/04/28 21:31:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/04/28 21:31:02 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/04/28 21:31:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/04/28 21:31:01 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/04/28 21:31:01 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/04/28 21:31:01 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/04/28 21:31:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/04/28 21:31:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/04/28 21:31:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/04/28 21:31:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/04/28 21:31:00 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/04/28 21:31:00 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/04/28 21:31:00 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/04/28 21:31:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/04/28 21:30:59 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/04/28 21:30:59 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/04/28 21:30:59 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/04/28 21:30:59 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/04/28 21:30:58 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/04/28 21:30:58 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/04/28 21:30:58 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/04/28 21:30:58 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/04/28 21:30:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/04/28 21:30:57 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/04/28 21:30:57 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/04/28 21:30:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/04/28 21:30:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/04/28 21:30:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/04/28 21:30:56 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/04/28 21:30:55 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/04/28 21:30:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfg.exe
[2014/04/28 21:30:55 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/04/28 21:30:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/04/28 21:30:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/04/28 21:30:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/04/28 21:30:54 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/04/28 21:28:37 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/04/28 09:22:20 | 000,000,000 | ---D | C] -- C:\Users\Elijah\AppData\Local\Rogue Amoeba
[2014/04/27 08:23:28 | 000,000,000 | ---D | C] -- C:\Users\Elijah\.shsh
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/23 22:01:58 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/23 22:00:42 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/23 21:59:12 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/23 21:59:04 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/23 21:58:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/23 21:58:33 | 3220,582,400 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/23 21:50:58 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001UA.job
[2014/05/22 19:41:42 | 000,002,309 | ---- | M] () -- C:\Users\Elijah\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/22 16:54:03 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Elijah\Desktop\JRT.exe
[2014/05/22 16:50:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3108133871-108172081-1357250756-1001Core.job
[2014/05/21 18:23:11 | 000,025,583 | ---- | M] () -- C:\Users\Elijah\Desktop\food-network-logo.png
[2014/05/21 18:10:24 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/21 18:09:51 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/05/21 15:58:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elijah\Desktop\OTL.exe
[2014/05/21 15:58:00 | 000,854,367 | ---- | M] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/19 21:32:25 | 006,199,182 | ---- | M] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 17:57:20 | 000,675,988 | ---- | M] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 21:17:55 | 002,862,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/18 21:17:55 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxinit.dll
[2014/05/18 21:17:54 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/18 20:47:03 | 000,000,741 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014/05/18 20:33:08 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/16 18:44:21 | 000,001,320 | ---- | M] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/15 03:59:38 | 000,052,752 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asd2fsm.sys
[2014/05/15 03:59:36 | 000,047,632 | ---- | M] (Anvisoft) -- C:\WINDOWS\SysNative\drivers\asdids.sys
[2014/05/14 08:01:14 | 000,000,036 | ---- | M] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | M] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/11 11:56:39 | 000,579,984 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/09 22:08:58 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:29:57 | 001,037,398 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/09 21:29:57 | 000,860,032 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/09 21:29:57 | 000,180,258 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/09 21:29:52 | 001,015,600 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/09 21:28:03 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/09 21:28:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/09 21:28:03 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/09 21:28:03 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/09 21:28:02 | 000,606,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/09 21:28:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2014/05/09 21:28:02 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2014/05/09 21:28:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\admwprox.dll
[2014/05/09 21:28:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisreset.exe
[2014/05/09 21:28:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wamregps.dll
[2014/05/09 21:28:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/09 21:28:01 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisrstap.dll
[2014/05/09 21:27:59 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/09 21:27:59 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/09 21:27:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\admwprox.dll
[2014/05/09 21:27:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqrt.dll
[2014/05/09 21:27:58 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/09 21:27:58 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisreset.exe
[2014/05/09 21:27:58 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wamregps.dll
[2014/05/09 21:27:58 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/09 21:27:57 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmconnect.exe
[2014/05/09 21:27:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqoa.dll
[2014/05/09 21:27:57 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsec.dll
[2014/05/09 21:27:57 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqad.dll
[2014/05/09 21:27:57 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/09 21:27:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/09 21:27:57 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:56 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqutil.dll
[2014/05/09 21:27:56 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/09 21:27:55 | 000,144,967 | ---- | M] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:53 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteFileBrowse.dll
[2014/05/09 21:27:53 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.tlb
[2014/05/09 21:27:53 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/09 21:27:53 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/09 21:27:53 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/09 21:27:52 | 000,788,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsnap.dll
[2014/05/09 21:27:51 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqcertui.dll
[2014/05/09 21:27:50 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqoa.dll
[2014/05/09 21:27:50 | 000,009,096 | ---- | M] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 21:27:49 | 001,408,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqqm.dll
[2014/05/09 21:27:49 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqrt.dll
[2014/05/09 21:27:48 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqsec.dll
[2014/05/09 21:27:48 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqad.dll
[2014/05/09 21:27:48 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/09 21:27:48 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/09 21:27:47 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mqutil.dll
[2014/05/09 21:27:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqbkup.exe
[2014/05/09 21:27:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mqsvc.exe
[2014/05/09 20:29:15 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/09 20:28:43 | 000,447,752 | ---- | M] (On2.com) -- C:\WINDOWS\SysWow64\vp6vfw.dll
[2014/05/06 18:39:50 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/05 23:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/05 22:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/05 20:23:01 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/05/05 20:23:00 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/05/05 20:23:00 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/05/05 20:23:00 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/05/05 16:58:53 | 000,001,200 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2014/05/05 16:43:49 | 000,773,632 | ---- | M] (Robert Simpson, et al.) -- C:\Users\Elijah\AppData\Roaming\System.Data.SQLite.dll
[2014/05/04 22:18:49 | 000,001,128 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | M] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 17:42:15 | 000,007,605 | ---- | M] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
[2014/05/03 09:47:32 | 000,040,801 | ---- | M] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 09:05:09 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\WINDOWS\SysNative\bdsandboxuiskin32.dll
[2014/05/03 08:48:39 | 000,561,043 | ---- | M] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:17 | 000,114,935 | ---- | M] () -- C:\ProgramData\1399120409.3740.bin
[2014/05/03 08:36:17 | 000,033,466 | ---- | M] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:36:17 | 000,011,684 | ---- | M] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:36:17 | 000,004,264 | ---- | M] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:36:17 | 000,000,991 | ---- | M] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:36:16 | 000,010,767 | ---- | M] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:36:16 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:57 | 000,003,735 | ---- | M] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:53 | 000,017,887 | ---- | M] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:53 | 000,010,649 | ---- | M] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:53 | 000,001,090 | ---- | M] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/01 16:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 16:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 15:59:13 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/05/01 15:59:11 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/04/27 08:58:32 | 000,000,950 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.umbrella
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/21 18:23:03 | 000,025,583 | ---- | C] () -- C:\Users\Elijah\Desktop\food-network-logo.png
[2014/05/21 15:58:06 | 000,854,367 | ---- | C] () -- C:\Users\Elijah\Desktop\SecurityCheck.exe
[2014/05/19 21:32:12 | 006,199,182 | ---- | C] () -- C:\Users\Elijah\Desktop\tumblr_n3cd3sBkpS1qi81ts.mp4
[2014/05/19 18:23:07 | 000,675,988 | ---- | C] () -- C:\Users\Elijah\Desktop\Minecraft.exe
[2014/05/18 20:33:08 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/05/17 11:16:20 | 000,000,001 | -HS- | C] () -- C:\BOOTNXT
[2014/05/17 11:16:19 | 000,403,946 | RHS- | C] () -- C:\bootmgr
[2014/05/16 18:44:21 | 000,001,320 | ---- | C] () -- C:\Users\Public\Desktop\Cloud System Booster.lnk
[2014/05/14 08:01:14 | 000,000,036 | ---- | C] () -- C:\Users\Elijah\AppData\Local\housecall.guid.cache
[2014/05/13 18:52:29 | 000,259,272 | ---- | C] () -- C:\ProgramData\1400021306.bdinstall.bin
[2014/05/13 13:41:03 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/05/09 22:08:58 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
[2014/05/09 21:47:57 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
[2014/05/09 21:27:57 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/09 21:27:55 | 000,144,967 | ---- | C] () -- C:\WINDOWS\SysNative\virtmgmt.msc
[2014/05/09 21:27:50 | 000,009,096 | ---- | C] () -- C:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/09 20:29:15 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk
[2014/05/06 18:39:50 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/04 22:18:49 | 000,001,128 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/05/04 12:54:47 | 000,000,385 | ---- | C] () -- C:\WINDOWS\SysNative\user_gensett.xml
[2014/05/03 09:47:32 | 000,040,801 | ---- | C] () -- C:\ProgramData\1399124847.bdinstall.bin
[2014/05/03 08:48:39 | 000,561,043 | ---- | C] () -- C:\ProgramData\1399120867.bdinstall.bin
[2014/05/03 08:47:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/05/03 08:36:10 | 000,011,684 | ---- | C] () -- C:\ProgramData\1399120409.5064.bin
[2014/05/03 08:33:47 | 000,017,887 | ---- | C] () -- C:\ProgramData\1399120409.5712.bin
[2014/05/03 08:33:47 | 000,010,649 | ---- | C] () -- C:\ProgramData\1399120409.3028.bin
[2014/05/03 08:33:47 | 000,004,264 | ---- | C] () -- C:\ProgramData\1399120409.1120.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.6376.bin
[2014/05/03 08:33:47 | 000,001,090 | ---- | C] () -- C:\ProgramData\1399120409.5848.bin
[2014/05/03 08:33:47 | 000,000,991 | ---- | C] () -- C:\ProgramData\1399120409.6964.bin
[2014/05/03 08:33:40 | 000,003,735 | ---- | C] () -- C:\ProgramData\1399120409.3568.bin
[2014/05/03 08:33:35 | 000,033,466 | ---- | C] () -- C:\ProgramData\1399120409.6280.bin
[2014/05/03 08:33:35 | 000,010,767 | ---- | C] () -- C:\ProgramData\1399120409.7124.bin
[2014/05/03 08:33:29 | 000,114,935 | ---- | C] () -- C:\ProgramData\1399120409.3740.bin
[2014/04/28 21:30:54 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/04/12 10:59:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/21 16:38:20 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/03/18 18:47:25 | 000,000,128 | ---- | C] () -- C:\Users\Elijah\.java.policy
[2014/03/08 20:56:05 | 001,015,600 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/02/17 14:49:16 | 000,000,218 | ---- | C] () -- C:\Users\Elijah\AppData\Local\recently-used.xbel
[2014/02/14 17:50:30 | 000,000,000 | -HS- | C] () -- C:\Users\Elijah\AppData\Local\LumaEmu
[2014/02/14 00:34:43 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/25 22:23:26 | 000,012,484 | ---- | C] () -- C:\Users\Elijah\1524665_626217224109935_1040360520_n.jpg
[2013/12/13 23:25:49 | 000,029,115 | ---- | C] () -- C:\Users\Elijah\AppData\Roaming\Comma Separated Values.ADR
[2013/12/10 18:33:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/20 10:59:15 | 000,151,902 | ---- | C] () -- C:\ProgramData\1367021324.bdinstall.bin
[2013/11/20 10:59:15 | 000,074,278 | ---- | C] () -- C:\ProgramData\1367103931.bdinstall.bin
[2013/11/20 10:59:15 | 000,022,805 | ---- | C] () -- C:\ProgramData\1367103928.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224736.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224734.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,628 | ---- | C] () -- C:\ProgramData\1368224720.bdinstall.bin
[2013/11/20 10:59:15 | 000,003,627 | ---- | C] () -- C:\ProgramData\1367164837.bdinstall.bin
[2013/11/20 10:59:15 | 000,000,209 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/10/19 09:14:11 | 000,001,147 | ---- | C] () -- C:\Users\Elijah\Steam.lnk
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/01 01:32:40 | 000,008,192 | ---- | C] () -- C:\Users\Elijah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/29 21:26:10 | 000,007,605 | ---- | C] () -- C:\Users\Elijah\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2013/11/22 01:12:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Elijah\SkyDrive (2):ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Elijah\SkyDrive (3).old:ms-properties
@Alternate Data Stream - 162 bytes -> C:\Users\Elijah\SkyDrive:ms-properties
 
< End of report >
 

Edited by ThatElijahGuy, 23 May 2014 - 10:51 PM.


#11 Jo*

  • Malware Response Team

Posted 24 May 2014 - 02:47 AM



Hi,

turn off all computers, iphones, ...
then unplug the power cable from the router,
then unplug the power cable from the (Cable) modem

...leave it OFF for about 5 minutes.

Then with the computers still off,
plug back in the Cable modem power cable.

...when all the lights come on:
then plug in the router,

when all the lights come back on:
then start all computers:

Now check if your problem still exists.
Post results here!

***


How is the computer running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 ThatElijahGuy

  • Topic Starter

Posted 24 May 2014 - 01:43 PM

Popups seem to have disappeared for the 10 minutes after I have done this.

Mobile is clear, the only area that has popups at the moment is the "Steam" program.  [which opens an empty window about:blank]

 

May I ask what would have caused this?


Edited by ThatElijahGuy, 24 May 2014 - 01:43 PM.


#13 Jo*

  • Malware Response Team

Posted 24 May 2014 - 02:24 PM

Hello ThatElijahGuy,

The router stores data like name servers and more.
Name servers are used when you want to connect your PC to web sites or other servers.
This means that advertisements or browser redirects may come from a PC or from a router.

1. Java
1.1 Uninstall old Java versions (if present):
  • Please go to Start > Control Panel > Programs and Features .
  • Locate all Java Updates
  • Uninstall them all.
1.2 Install latest Java 7 update. Click this link and click on the Free JAVA Download.

1.3 Find instructions here on how to clear the Java cache.
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
Under Temporary Internet Files, click the Delete Files button.
There are options in the window to clear the cache - Leave ALL Checked
  • Applications and Applets
  • Trace and log files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.
 

---


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How is the computer running now?



---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.
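
The point made in post #13, that redirects can come from name servers handed out by the router rather than from the PC, can be checked from the PC itself. The PowerShell below is an added example, not part of the original thread; the expected resolver address, the reference resolver and the test names are assumptions to replace with your own values.

```powershell
# Added example (not from the thread). Needs Windows 8 / PowerShell 3 or later.
# Assumption: resolvers you expect this PC to use, e.g. the router's LAN
# address or your ISP's servers. Placeholder value; replace it.
$ExpectedResolvers = @('192.168.1.1')
# Assumption: a public resolver used only as a comparison point.
$ReferenceResolver = '8.8.8.8'
# Assumption: names to test; use sites where you have seen redirects.
$TestNames = @('example.com', 'www.bleepingcomputer.com')

function Get-ARecords([string]$Name, [string]$Server) {
    # Return the IPv4 addresses that $Server gives for $Name (empty on failure).
    Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } |
        Select-Object -ExpandProperty IPAddress
}

# 1. Which DNS servers did each network interface receive (usually via DHCP
#    from the router)? Flag any that are not on the expected list.
$configured = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 }
foreach ($nic in $configured) {
    foreach ($server in $nic.ServerAddresses) {
        $status = if ($ExpectedResolvers -contains $server) { 'expected' } else { 'UNEXPECTED' }
        '{0,-28} {1,-16} {2}' -f $nic.InterfaceAlias, $server, $status
    }
}

# 2. Ask every configured resolver and the reference resolver for the same
#    names; report answers that share no address with the reference answer.
$servers = $configured | ForEach-Object { $_.ServerAddresses } | Sort-Object -Unique
foreach ($name in $TestNames) {
    $reference = @(Get-ARecords $name $ReferenceResolver)
    foreach ($server in $servers) {
        $answer  = @(Get-ARecords $name $server)
        $overlap = @($answer | Where-Object { $reference -contains $_ })
        if ($reference.Count -eq 0) {
            "$name via ${server}: reference resolver gave no answer, cannot compare"
        } elseif ($answer.Count -eq 0) {
            "$name via ${server}: no answer"
        } elseif ($overlap.Count -eq 0) {
            "$name via ${server}: MISMATCH $($answer -join ',') vs reference $($reference -join ',')"
        } else {
            "$name via ${server}: consistent"
        }
    }
}
```

A MISMATCH line is only a lead, because sites served from content delivery networks legitimately return different addresses to different resolvers. An UNEXPECTED resolver address is the stronger signal and should be compared with the DNS settings shown in the router's own administration page.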


#14 ThatElijahGuy

  • Topic Starter

Posted 24 May 2014 - 05:22 PM

(Before performing these tests, mobile had an adcash redirect in Safari)

 
Also, the bug that has infected my system has made Malwarebytes 1. Not start up when I start my PC 2. Real-Time protection cannot be checked, or enabled in any way.
 
--
MalwareBytes log
Malwarebytes Anti-Malware (PRO) 1.75.0.1300 (NOTE: I have 2.0 installed with this version)
www.malwarebytes.org
 
Database version: v2014.05.24.06
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.17107
Elijah :: DELL-PC [administrator]
 
Protection: Disabled
 
5/24/2014 4:09:21 PM
mbam-log-2014-05-24 (16-09-21).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 423851
Time elapsed: 8 minute(s), 41 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\ProgramData\InstallMate\{CFC39B38-6AE5-45E8-A703-22C71420B9CE}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
 
(end)
 
--
 
wYvUWNV.png
 
After running BOTH programs, reduxmedia popups are now back. Not as frequent, but while editing this post I had gotten one.

Edited by ThatElijahGuy, 24 May 2014 - 10:02 PM.


#15 Jo*

  • Malware Response Team

Posted 25 May 2014 - 07:55 AM

Hello ThatElijahGuy,

Uninstall ad.reduxmedia:
Please go to Start > Control Panel > Add Remove Programs (XP)
Or Start > Control Panel > Programs and Features ( Vista | Windows 7/8 ).

Locate the following programs:
- ad.reduxmedia
- reduxmedia

Uninstall them if present there!

Check all your browsers (IE, Firefox, Chrome) for reduxmedia addons / plugins and disable / uninstall them!


Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
    
    :Files
    ipconfig /flushdns /c 
    
    :Commands
    [emptyjava]
    [EMPTYFLASH]
    [resethosts]
    [purity]
    [emptytemp]
    [Reboot]
    
    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log.

***

Run OTL again.
Double click on the OTL icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


Edited by Jo*, 25 May 2014 - 08:11 AM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.




