While cleaning up my system i activated a program that installed a virus that is hijacking my proxy settings to 127.0.0.1 with a <loop> setting as a fail-over, I have edited the information in the registry and it keeps changing back. The only explorer I can use at the moment is Dragon, from comodo. Here is the OTL scan results:
OTL logfile created on: 8/30/2014 11:21:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dennis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
20.00 Gb Total Physical Memory | 12.81 Gb Available Physical Memory | 64.03% Memory free
40.00 Gb Paging File | 30.37 Gb Available in Paging File | 75.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 142.48 Gb Free Space | 61.18% Space Free | Partition Type: NTFS
Drive D: | 279.48 Gb Total Space | 62.94 Gb Free Space | 22.52% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 45.77 Mb Free Space | 45.77% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 160.90 Gb Free Space | 34.55% Space Free | Partition Type: NTFS
Drive G: | 931.41 Gb Total Space | 357.15 Gb Free Space | 38.34% Space Free | Partition Type: NTFS
Drive H: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 6.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: VIPER | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Dennis\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Dennis\Desktop\JRT.exe (Thisisu)
PRC - C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo)
PRC - C:\Program Files (x86)\Comodo\Dragon\virtual_mode_helper.exe ()
PRC - d:\Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - d:\Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - d:\Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Windows\SysWOW64\ASGT.exe ()
PRC - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Users\Dennis\AppData\Local\Temp\jrt\CHOICE.DAT ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\virtual_mode_helper.exe ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libGLESv2.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libEGL.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\chrome_elf.dll ()
MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll ()
MOD - C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
MOD - C:\Users\Dennis\AppData\Local\Temp\jrt\CHOICE.DAT ()
========== Services (SafeList) ==========
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV:64bit: - (KinectManagement) -- C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (LavasoftAdAwareService11) -- D:\Anti-Malware\ADAWARE\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe ()
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (MBAMService) -- d:\Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- d:\Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MakerBot Conveyor Service) -- G:\MakerBot\MakerWare\conveyor-svc.exe ( MakerBot)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Users\Dennis\AppData\Local\Temp\7zS57F4\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (ASGT) -- C:\Windows\SysWOW64\ASGT.exe ()
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (KinectCamera) -- C:\Windows\SysNative\drivers\kinectcamera.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RtlWlanu) -- C:\Windows\SysNative\drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PlantronicsGC) -- C:\Windows\SysNative\drivers\PLTGC.sys (C-Media Electronics Inc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PcaSp60) -- C:\Windows\SysNative\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (gzflt) -- D:\Anti-Malware\ADAWARE\Antimalware Engine\3.0.0.56\gzflt.sys (BitDefender LLC)
DRV - (bdfwfpf) -- D:\Anti-Malware\ADAWARE\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys (BitDefender LLC)
DRV - (BdfNdisf) -- d:\Anti-Malware\ADAWARE\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys (BitDefender LLC)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (PcaSp60) -- C:\Windows\SysWOW64\drivers\PcaSp60.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dennis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/08/14 19:08:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/08/14 19:08:01 | 000,000,000 | ---D | M]
[2014/06/01 09:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Extensions
[2014/06/05 21:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\um3b5d9j.default\extensions
[2014/06/05 21:13:31 | 000,613,778 | ---- | M] () (No name found) -- C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\um3b5d9j.default\extensions\PrivDog@AdTrustMedia.com.xpi
[2014/07/31 19:17:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/01 09:45:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
http://mysearch.avg.com?cid={A8B515C1-491B-4BE2-A52A-CFC8C435D75B}&mid=83a6e400c7d547d1b822d1543418d242-a28c7f72b4a45306ae067ae25539a809c4569ced&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 06:25:11&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Skype Click to Call = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: Google Wallet = C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] D:\Anti-Malware\ADAWARE\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe ()
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LiveUpdate 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (AdTrustMedia)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E40A980F-75E6-4B4A-BCEC-DD29AEBAE5D4}: DhcpNameServer = 192.168.0.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 04:29:38 | 000,000,122 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/02/07 05:30:24 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/14 04:29:38 | 000,000,122 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{6658116d-a834-11e3-9d2e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6658116d-a834-11e3-9d2e-806e6f6e6963}\Shell\AutoRun\command - "" = setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\LVCodec2.dll (Logitech Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/08/30 11:07:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 11:07:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/30 10:31:10 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 10:18:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/30 10:04:42 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Lavasoft
[2014/08/30 09:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2014/08/30 09:49:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\LavasoftStatistics
[2014/08/30 09:49:31 | 002,084,072 | ---- | C] (Bitdefender) -- C:\Windows\SysNative\bdnc.dll
[2014/08/30 09:49:26 | 001,061,776 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdsmtpp.dll
[2014/08/30 09:49:26 | 000,209,984 | ---- | C] (BitDefender) -- C:\Windows\SysNative\BdFirewallSDK.dll
[2014/08/30 09:49:26 | 000,195,016 | ---- | C] (BitDefender) -- C:\Windows\SysNative\httproxy.dll
[2014/08/30 09:49:26 | 000,155,912 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdpop3p.dll
[2014/08/30 09:49:26 | 000,122,928 | ---- | C] (BitDefender) -- C:\Windows\SysNative\OEMbdpredir.dll
[2014/08/30 09:49:26 | 000,096,160 | ---- | C] (BitDefender) -- C:\Windows\SysNative\bdpredir.dll
[2014/08/30 09:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2014/08/30 09:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/08/30 09:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/08/30 08:18:48 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/30 08:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Malware
[2014/08/30 08:18:11 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/30 08:18:11 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/30 08:18:11 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/30 08:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/30 06:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\pastaleads
[2014/08/30 06:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pastaleads
[2014/08/30 05:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/08/30 05:55:03 | 000,000,000 | ---D | C] -- C:\Windows\HP_Photosmart_Pro_Plug-in_Help
[2014/08/30 05:54:27 | 000,131,072 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpz3l4v6.dll
[2014/08/30 05:54:27 | 000,056,320 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\HPBMINI.DLL
[2014/08/30 05:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/08/30 05:52:59 | 000,338,944 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2014/08/30 05:51:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\Hewlett-Packard
[2014/08/30 05:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/08/29 01:38:10 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2014/08/28 08:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/08/27 13:24:59 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 10:45:16 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\RetouchPilot
[2014/08/22 10:42:00 | 002,933,528 | ---- | C] (Two Pilots ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
[2014/08/22 10:33:33 | 000,000,000 | ---D | C] -- C:\Users\Dennis\.thumbnails
[2014/08/22 10:30:24 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\fontconfig
[2014/08/22 10:30:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\gegl-0.2
[2014/08/22 10:30:23 | 000,000,000 | ---D | C] -- C:\Users\Dennis\.gimp-2.8
[2014/08/22 10:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2014/08/21 22:33:09 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/21 22:33:09 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/21 22:33:09 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/21 22:33:06 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/21 22:33:06 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/21 22:33:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/21 22:33:06 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/21 22:33:06 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/21 22:33:06 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/21 22:33:04 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/21 22:33:04 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/21 22:33:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/21 22:33:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/21 12:30:50 | 000,727,592 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/20 05:55:06 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\HP
[2014/08/16 03:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/08/16 03:00:32 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/16 03:00:32 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/16 03:00:32 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/16 03:00:32 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/16 03:00:31 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/16 03:00:31 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/16 03:00:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/16 03:00:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/15 22:48:54 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/15 22:48:54 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/15 22:48:54 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/15 22:48:54 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/15 22:48:54 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/15 22:48:54 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/15 22:48:50 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/08/15 22:48:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/08/15 22:48:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/15 22:48:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/15 22:48:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/08/15 22:48:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/08/15 22:48:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/15 22:48:49 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/15 22:48:49 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/15 22:48:49 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/15 22:48:49 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/15 22:48:49 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/08/15 22:48:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/08/15 22:48:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/15 22:48:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/15 22:48:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/08/15 22:48:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/15 22:48:47 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/15 22:48:47 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/08/15 22:48:47 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/08/15 22:48:47 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/15 22:48:47 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/08/15 22:48:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/08/15 22:48:46 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/08/15 22:48:46 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/08/15 22:48:46 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/08/15 22:48:46 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/15 22:48:46 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/08/15 22:48:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/15 22:48:45 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/15 22:48:45 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/08/15 22:48:45 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/08/15 22:48:45 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/15 22:48:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/08/15 22:48:44 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/08/15 22:48:12 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/14 20:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISIS Scanner Drivers
[2014/08/14 20:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ISIS DRIVERS
[2014/08/14 20:32:45 | 000,491,792 | ---- | C] (Captiva Software Corp.) -- C:\Windows\SysWow64\qd1.dll
[2014/08/14 20:32:45 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcrtd.dll
[2014/08/14 20:32:45 | 000,231,552 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixdflt.dll
[2014/08/14 20:32:45 | 000,213,264 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXDFLTN.DLL
[2014/08/14 20:32:45 | 000,074,000 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXLOCN.DLL
[2014/08/14 20:32:45 | 000,053,520 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\PIXPERMN.DLL
[2014/08/14 20:32:45 | 000,032,768 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\pixsecur.dll
[2014/08/14 20:32:45 | 000,023,152 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixperm.dll
[2014/08/14 20:32:45 | 000,021,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ctl3d.dll
[2014/08/14 20:32:45 | 000,016,064 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixloc.dll
[2014/08/14 20:32:44 | 000,163,840 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1520.dll
[2014/08/14 20:32:44 | 000,155,648 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1120.dll
[2014/08/14 20:32:44 | 000,143,360 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1020.dll
[2014/08/14 20:32:44 | 000,098,304 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn1320.dll
[2014/08/14 20:32:44 | 000,044,032 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\pixn20.dll
[2014/08/14 20:32:44 | 000,032,768 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\SysWow64\pixth32.dll
[2014/08/14 20:32:44 | 000,004,032 | ---- | C] (Pixel Translations Incorporated) -- C:\Windows\System\pixth16.dll
[2014/08/14 20:32:43 | 000,200,704 | ---- | C] (EMC Corporation) -- C:\Windows\SysWow64\twpix32.dll
[2014/08/14 20:32:43 | 000,000,000 | ---D | C] -- C:\Windows\PIXTRAN
[2014/08/14 20:32:35 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2014/08/14 20:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2014/08/14 19:16:49 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\HP
[2014/08/14 19:08:47 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\HpUpdate
[2014/08/14 19:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2014/08/14 19:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2014/08/14 19:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2014/08/14 19:07:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/08/14 19:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2014/08/14 19:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2014/08/14 19:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/08/14 19:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/08/14 19:06:10 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2014/08/14 19:04:29 | 001,405,952 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p02a.dll
[2014/08/14 19:04:29 | 000,966,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p02a.dll
[2014/08/14 19:04:29 | 000,510,464 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p02a.dll
[2014/08/14 18:58:55 | 000,000,000 | R--D | C] -- C:\Users\Dennis\Documents\Scanned Documents
[2014/08/14 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Dennis\Documents\Fax
[2014/08/14 18:37:57 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Comodo
[2014/08/13 20:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/08/13 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/08/13 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/08/10 13:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/10 13:30:37 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/10 13:30:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/10 13:30:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/10 13:30:32 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/10 13:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/03 17:58:09 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MeshLab
========== Files - Modified Within 30 Days ==========
[2014/08/30 11:26:55 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014/08/30 11:16:00 | 000,191,456 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014/08/30 11:11:53 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/30 11:10:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/30 11:03:07 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/30 11:03:07 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/30 11:03:07 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/30 11:00:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 10:58:18 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/30 10:57:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/30 10:57:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/30 10:56:58 | 3220,578,301 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/30 10:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/30 10:14:37 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 09:48:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/30 07:08:55 | 000,220,641 | ---- | M] () -- C:\Windows\hpoins35.dat
[2014/08/30 06:33:53 | 000,446,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/30 06:15:01 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014/08/30 06:15:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014/08/30 06:14:59 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2014/08/30 06:14:49 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/30 06:14:49 | 000,014,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/30 06:14:45 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2014/08/30 05:56:46 | 000,194,563 | ---- | M] () -- C:\Windows\hphins19.dat
[2014/08/28 08:10:54 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/08/28 08:10:54 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/08/26 09:25:03 | 000,114,299 | ---- | M] () -- C:\Users\Dennis\Documents\mr coffee.png
[2014/08/26 09:24:40 | 000,042,327 | ---- | M] () -- C:\Users\Dennis\Documents\coffee.jpg
[2014/08/22 21:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 11:12:47 | 000,040,146 | ---- | M] () -- C:\Users\Dennis\Documents\angie2.jpg
[2014/08/22 11:04:34 | 000,035,838 | ---- | M] () -- C:\Users\Dennis\Documents\angie.jpg
[2014/08/22 10:42:01 | 002,933,528 | ---- | M] (Two Pilots ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
[2014/08/22 10:33:34 | 000,000,844 | ---- | M] () -- C:\Users\Dennis\AppData\Local\recently-used.xbel
[2014/08/21 12:30:50 | 000,727,592 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/20 09:04:27 | 008,512,978 | ---- | M] () -- C:\Users\Dennis\Documents\JanetsBS0001.pdf
[2014/08/20 07:43:59 | 000,049,541 | ---- | M] () -- C:\Users\Dennis\Documents\andie.jpg
[2014/08/20 05:57:51 | 000,082,872 | ---- | M] () -- C:\Users\Dennis\Documents\angiebday.jpg
[2014/08/15 14:13:13 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/14 20:33:09 | 000,000,031 | ---- | M] () -- C:\Windows\setscan.ini
[2014/08/14 20:30:30 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\HP Copy (5590).lnk
[2014/08/14 20:30:30 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\HP Scanning (5590).lnk
[2014/08/14 19:13:36 | 000,002,323 | ---- | M] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/08/14 19:08:26 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/08/14 19:07:46 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/08/14 19:07:40 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/08/14 19:07:34 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/08/14 18:26:12 | 000,053,827 | ---- | M] () -- C:\Users\Dennis\Documents\SAMSCLUB.pdf
[2014/08/08 19:22:16 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/08/08 19:22:16 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/08/08 19:22:05 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/08/08 19:22:05 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
========== Files Created - No Company Name ==========
[2014/08/30 09:49:26 | 000,156,936 | ---- | C] () -- C:\Windows\SysNative\bdfwcore.dll
[2014/08/30 09:48:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/30 05:54:27 | 000,109,568 | ---- | C] () -- C:\Windows\SysNative\hpzpnp.dll
[2014/08/30 05:54:27 | 000,018,224 | ---- | C] () -- C:\Windows\SysNative\hpceac06.hpi
[2014/08/30 05:53:18 | 000,194,563 | ---- | C] () -- C:\Windows\hphins19.dat
[2014/08/30 05:53:18 | 000,000,405 | ---- | C] () -- C:\Windows\hphmdl19.dat
[2014/08/26 09:25:02 | 000,114,299 | ---- | C] () -- C:\Users\Dennis\Documents\mr coffee.png
[2014/08/26 09:24:40 | 000,042,327 | ---- | C] () -- C:\Users\Dennis\Documents\coffee.jpg
[2014/08/22 11:12:47 | 000,040,146 | ---- | C] () -- C:\Users\Dennis\Documents\angie2.jpg
[2014/08/22 11:04:34 | 000,035,838 | ---- | C] () -- C:\Users\Dennis\Documents\angie.jpg
[2014/08/22 10:33:34 | 000,000,844 | ---- | C] () -- C:\Users\Dennis\AppData\Local\recently-used.xbel
[2014/08/22 10:28:53 | 000,000,894 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2014/08/20 09:03:58 | 008,512,978 | ---- | C] () -- C:\Users\Dennis\Documents\JanetsBS0001.pdf
[2014/08/20 07:43:59 | 000,049,541 | ---- | C] () -- C:\Users\Dennis\Documents\andie.jpg
[2014/08/20 05:57:50 | 000,082,872 | ---- | C] () -- C:\Users\Dennis\Documents\angiebday.jpg
[2014/08/14 20:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\setscan.ini
[2014/08/14 20:30:30 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\HP Copy (5590).lnk
[2014/08/14 20:30:30 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\HP Scanning (5590).lnk
[2014/08/14 19:17:48 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2014/08/14 19:13:36 | 000,002,323 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/08/14 19:08:35 | 000,001,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2014/08/14 19:08:26 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/08/14 19:07:46 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/08/14 19:07:40 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/08/14 19:07:34 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/08/14 19:04:39 | 000,220,641 | ---- | C] () -- C:\Windows\hpoins35.dat
[2014/08/14 19:04:39 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2014/08/14 18:26:12 | 000,053,827 | ---- | C] () -- C:\Users\Dennis\Documents\SAMSCLUB.pdf
[2014/04/27 09:50:20 | 000,000,402 | ---- | C] () -- C:\Windows\PLTGC.ini.cfl
[2014/04/27 09:50:18 | 000,000,534 | ---- | C] () -- C:\Windows\PLTGC.ini.imi
[2014/04/27 09:50:17 | 000,003,489 | ---- | C] () -- C:\Windows\PLTGC.ini.cfg
[2014/04/14 13:55:09 | 000,000,148 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014/04/07 20:29:39 | 000,000,447 | ---- | C] () -- C:\Windows\PLTGC.ini
[2014/03/10 04:50:46 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/10 04:24:00 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2014/03/10 04:15:22 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2014/03/10 03:32:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/09/21 14:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/09/21 14:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/03/10 18:00:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\.minecraft
[2014/05/24 03:24:44 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Electronic Arts
[2014/05/17 01:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Firestorm_x64
[2014/07/16 11:21:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\HK_CLIENT_NEWSYSM
[2014/04/05 18:39:53 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Leadertech
[2014/05/28 07:37:57 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\MakerBot
[2014/04/20 09:03:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ManCTL
[2014/04/17 09:48:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Oracle
[2014/08/22 10:45:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\RetouchPilot
[2014/07/16 11:19:25 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\SYSM-Monitor
[2014/07/25 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Unity
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/13 21:30:02 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2009/07/13 21:30:02 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/10 15:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 15:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/13 21:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/13 21:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2009/07/13 21:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2009/07/13 21:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui
< MD5 for: IEXPLORE.BAT >
[2014/04/06 00:13:18 | 000,031,401 | ---- | M] () MD5=335DFF8F23E5EC02B5426362F0F8509B -- C:\Users\Dennis\AppData\Local\Temp\jrt\iexplore.bat
< MD5 for: IEXPLORE.EXE >
[2013/03/03 23:49:09 | 000,672,928 | ---- | M] (Microsoft Corporation) MD5=050A612C1CE0C7095CAD64EA32C570DB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21484_none_1a42c5438bf82907\iexplore.exe
[2014/03/07 20:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_858ffb5bf711c81f\iexplore.exe
[2014/03/29 14:15:59 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2014/03/11 03:28:55 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=10EB5C0E376727E21198B14E2F1637F7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16540_none_1792a6b1b4db682c\iexplore.exe
[2014/06/20 15:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation) MD5=24868C9D422EDB5B249C0C81B01A0C19 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_7b212759c2c57270\iexplore.exe
[2009/07/13 20:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe
[2014/07/31 18:41:41 | 000,810,176 | ---- | M] (Microsoft Corporation) MD5=31A7689F580F37B52F65B9653F8916D4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_7b23faa7c2c2f1b7\iexplore.exe
[2014/03/11 03:28:45 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=390914F89AFA344319B9CF59306FF9A9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16540_none_0d3dfc5f807aa631\iexplore.exe
[2014/03/01 17:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_8557e945f73c23ff\iexplore.exe
[2014/06/02 01:03:18 | 000,810,200 | ---- | M] (Microsoft Corporation) MD5=4F2AA3E7BD7257E4937E071E3700819E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_7b2e0ea1c2bb6f8c\iexplore.exe
[2013/03/02 00:06:58 | 000,672,912 | ---- | M] (Microsoft Corporation) MD5=58D926F3B2113BF849162C9C26FE21DC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17267_none_19d1c74872c7a039\iexplore.exe
[2014/06/01 23:43:13 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_8582b8f3f71c3187\iexplore.exe
[2014/03/01 17:33:45 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=84BCBFB752B96543307E6602E669A95A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_7b033ef3c2db6204\iexplore.exe
[2010/11/20 08:28:25 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2014/03/20 03:18:05 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=A4916CEE3278F39F606CCA2CAC35CF31 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16844_none_167142661e5038fb\iexplore.exe
[2013/03/02 00:50:08 | 000,696,480 | ---- | M] (Microsoft Corporation) MD5=AFB0FE34A9B7F1B7A70276B9C1A78114 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.17267_none_0f7d1cf63e66de3e\iexplore.exe
[2013/03/04 00:42:51 | 000,696,464 | ---- | M] (Microsoft Corporation) MD5=B1B17B56E0F9AE84A1F75E757217154E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21484_none_0fee1af15797670c\iexplore.exe
[2010/11/20 07:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2014/03/29 14:16:16 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2014/06/20 14:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17207_none_8575d1abf726346b\iexplore.exe
[2014/07/31 18:16:35 | 000,812,224 | ---- | M] (Microsoft Corporation) MD5=CDF01A5C7927786A708EAEE91F14797B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_8578a4f9f723b3b2\iexplore.exe
[2014/03/07 21:34:14 | 000,809,680 | ---- | M] (Microsoft Corporation) MD5=EA8386CA87165460D39A1D29FF11080B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_7b3b5109c2b10624\iexplore.exe
[2009/07/13 20:43:43 | 000,696,600 | ---- | M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe
[2014/03/20 03:18:19 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=F71D97B6B631D565AF7C6E0BDF9D49F4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16844_none_20c5ecb852b0faf6\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2014/03/29 14:16:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/29 14:16:03 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/29 14:16:03 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui
[2014/03/29 14:16:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui
[2014/03/11 03:28:45 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2014/03/11 03:28:59 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2014/03/20 03:18:08 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui
[2014/03/20 03:18:22 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui
[2009/07/13 21:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_09122aaf762607df\iexplore.exe.mui
[2009/07/13 21:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/13 21:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_1366d501aa86c9da\iexplore.exe.mui
[2009/07/13 21:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.CFG >
[2014/05/08 08:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
< MD5 for: SERVICES.DAT >
[2014/04/05 23:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- C:\Users\Dennis\AppData\Local\Temp\jrt\services.dat
< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2009/07/13 21:25:22 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2009/07/13 21:25:22 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/10 16:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 16:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 06:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 04:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 04:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 08:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/20 08:00:25 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
[2009/07/13 21:29:52 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=56D03B64B8C483C1D12A8E4577B3B332 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_26ed83321dc778e1\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/13 21:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2009/07/13 21:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/13 15:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 15:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2009/07/14 04:29:38 | 000,000,122 | ---- | M] () -- C:\autorun.inf
[2014/03/11 17:36:15 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2010/11/20 07:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2009/07/14 04:29:38 | 000,667,712 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2014/03/10 05:13:19 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/08/30 10:56:58 | 3220,578,301 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/30 10:57:01 | 4294,107,132 | -HS- | M] () -- C:\pagefile.sys
[2014/01/15 19:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll
[2009/07/14 04:29:38 | 000,106,760 | ---- | M] (Microsoft Corporation) -- C:\setup.exe
[2014/03/10 04:53:12 | 000,000,032 | ---- | M] () -- C:\setup.log
< %systemroot%\Fonts\*.com >
[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 8690-7539
Directory of C:\
07/14/2009 12:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:08 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:08 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 12:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Dennis
03/10/2014 02:47 AM <JUNCTION> Application Data [C:\Users\Dennis\AppData\Roaming]
03/10/2014 02:47 AM <JUNCTION> Cookies [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Cookies]
03/10/2014 02:47 AM <JUNCTION> Local Settings [C:\Users\Dennis\AppData\Local]
03/10/2014 02:47 AM <JUNCTION> My Documents [C:\Users\Dennis\Documents]
03/10/2014 02:47 AM <JUNCTION> NetHood [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/10/2014 02:47 AM <JUNCTION> PrintHood [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/10/2014 02:47 AM <JUNCTION> Recent [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Recent]
03/10/2014 02:47 AM <JUNCTION> SendTo [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\SendTo]
03/10/2014 02:47 AM <JUNCTION> Start Menu [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu]
03/10/2014 02:47 AM <JUNCTION> Templates [C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Dennis\AppData\Local
03/10/2014 02:47 AM <JUNCTION> Application Data [C:\Users\Dennis\AppData\Local]
03/10/2014 02:47 AM <JUNCTION> History [C:\Users\Dennis\AppData\Local\Microsoft\Windows\History]
03/10/2014 02:47 AM <JUNCTION> Temporary Internet Files [C:\Users\Dennis\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Dennis\Documents
03/10/2014 02:47 AM <JUNCTION> My Music [C:\Users\Dennis\Music]
03/10/2014 02:47 AM <JUNCTION> My Pictures [C:\Users\Dennis\Pictures]
03/10/2014 02:47 AM <JUNCTION> My Videos [C:\Users\Dennis\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 152,875,524,096 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/03/11 08:39:24 | 000,000,221 | -HS- | M] () -- C:\Users\Dennis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/08/30 11:00:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dennis\Desktop\HiJackThis.exe
[2014/08/30 10:14:37 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Dennis\Desktop\JRT.exe
[2014/08/30 10:57:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2014/08/22 10:42:01 | 002,933,528 | ---- | M] (Two Pilots ) -- C:\Users\Dennis\Desktop\retouch_3.1.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >