Cannot remove SCORPION SAVER/ADPEAK

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I do not understand why the full report is not posting, since I'm copying everything down to "end of report".

Here's a new one:

OTL logfile created on: 11/30/2013 1:48:24 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Folders\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.23% Memory free
8.00 Gb Paging File | 6.27 Gb Available in Paging File | 78.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 319.75 Gb Free Space | 85.84% Space Free | Partition Type: NTFS
Drive I: | 1.87 Gb Total Space | 1.37 Gb Free Space | 73.44% Space Free | Partition Type: NTFS
Drive J: | 298.09 Gb Total Space | 119.38 Gb Free Space | 40.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 277.05 Gb Free Space | 59.48% Space Free | Partition Type: NTFS

Computer Name: WIN7 | User Name: Folders | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Folders\Downloads\Programs\OTL_2.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GenieTimelineService) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Genie9)
SRV:64bit: - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV:64bit: - (AdpeakProxy) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NZ) -- C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (Hauppauge WinTV Extender) -- C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe (Hauppauge Computer Works, Inc)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NZ) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hcw18bda) -- C:\Windows\SysNative\drivers\hcw18bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FETNDIS) -- C:\Windows\SysNative\drivers\fet6x64.sys (VIA Technologies, Inc. )
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]

[2013/11/11 20:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Extensions
[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions
[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\Google.xml
[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml
[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Drive = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: avast! Online Security = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1\
CHR - Extension: IDM Integration Module = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleDriveSync] c:\program files (x86)\google\drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9174F4D4-A1F3-4903-AEC4-365046D8E2F9}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/23 15:11:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 13:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/11/30 13:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/28 16:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/11/28 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/28 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM2
[2013/11/28 11:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Genie9
[2013/11/28 11:34:39 | 000,000,000 | ---D | C] -- C:\0f4b1c2beb7b6dabc8ddb5daad65d67a
[2013/11/28 10:18:12 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\autorun
[2013/11/27 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2013/11/27 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Systweak
[2013/11/27 20:10:06 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe
[2013/11/27 16:08:43 | 000,000,000 | ---D | C] -- C:\b1e34f6098ca96049f4c
[2013/11/27 16:06:54 | 000,000,000 | ---D | C] -- C:\4d3d87bbdec4022af663ac6a6c75
[2013/11/27 16:04:12 | 000,000,000 | ---D | C] -- C:\f287f11a16765c212c1b6c
[2013/11/27 16:01:31 | 000,000,000 | ---D | C] -- C:\e407f43d348aefaebea4b46177
[2013/11/27 16:00:45 | 000,000,000 | ---D | C] -- C:\5733db8184d72843ca1e49ed71b62fc1
[2013/11/27 15:59:42 | 000,000,000 | ---D | C] -- C:\31b674d54c6afb206866
[2013/11/27 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/11/27 13:29:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/11/26 20:55:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/26 20:55:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/11/26 20:53:44 | 000,000,000 | ---D | C] -- C:\7b324cffb58ae272b47de342
[2013/11/26 18:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/26 16:37:17 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/26 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2013/11/26 13:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2013/11/26 13:48:29 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2013/11/26 13:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/11/25 23:28:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/25 22:58:22 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013/11/23 15:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/11/23 15:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/22 16:51:16 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\Windows\SysWow64\pcleUtil.dll
[2013/11/22 16:51:00 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2013/11/22 16:51:00 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2013/11/22 16:51:00 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2013/11/22 16:51:00 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2013/11/22 16:48:57 | 000,912,896 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\Windows\SysNative\drivers\hcw18bda.sys
[2013/11/22 16:48:57 | 000,139,264 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw18prop.ax
[2013/11/22 16:48:57 | 000,117,248 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcw18CCv.ax
[2013/11/22 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/22 10:51:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/22 10:39:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/21 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013/11/21 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Adobe
[2013/11/21 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\eCyber
[2013/11/21 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Real
[2013/11/21 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/20 18:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9
[2013/11/20 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9
[2013/11/20 17:58:48 | 000,000,000 | R--D | C] -- C:\Users\Folders\Desktop\Backup
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/20 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Genie9
[2013/11/19 19:02:59 | 000,000,000 | R--D | C] -- C:\Users\Folders\Google Drive
[2013/11/19 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftMaker Viewer
[2013/11/18 19:25:06 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/11/17 17:02:28 | 000,000,000 | ---D | C] -- C:\Users\Folders\Rail Temp
[2013/11/17 14:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/11/17 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DOGS
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Documents
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DISPUTES
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Booknizer
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\APARTMENTS
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AA QWEST
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\WAB
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\VERIZON
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\TAXES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\RES REF
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PROP TAX
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PASSWORDS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD APT
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAIL ADDRESSES
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\SoftMaker
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES PASSWORDS
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\BEND APT
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AppData
[2013/11/16 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2013/11/16 12:59:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Foxit Software
[2013/11/16 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/11/15 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\PhotoScape
[2013/11/15 21:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013/11/15 21:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2013/11/15 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\CrashDumps
[2013/11/15 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/11/15 13:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/15 13:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/15 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 09:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone
[2013/11/14 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Qwest
[2013/11/14 19:13:43 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys
[2013/11/14 19:13:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D
[2013/11/14 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/14 13:23:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/11/14 13:22:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/11/13 18:49:24 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/13 18:49:21 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/13 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\vlc
[2013/11/13 18:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/13 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/11/13 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/11/13 17:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/11/13 17:26:08 | 001,005,928 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2013/11/13 17:26:08 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013/11/13 17:26:08 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013/11/13 17:26:07 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013/11/13 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\AVS4YOU
[2013/11/13 17:20:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013/11/13 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013/11/13 17:18:22 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013/11/13 17:18:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013/11/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\DMCache
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2013/11/13 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\OpenOffice
[2013/11/13 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™
[2013/11/13 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink Personal Digital Vault
[2013/11/13 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Folders\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/11/13 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/11/13 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex
[2013/11/13 14:23:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/11/13 14:23:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/11/13 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
[2013/11/13 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Apple Computer
[2013/11/13 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex Media Server
[2013/11/13 13:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2013/11/13 13:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2013/11/13 13:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/11/13 12:40:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/13 11:43:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/13 11:39:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/13 11:39:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/13 11:39:53 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 11:39:53 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 11:39:53 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 11:39:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/13 11:39:53 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/13 11:39:53 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/13 11:39:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/13 11:39:53 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 11:39:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/13 11:39:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/13 11:39:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/13 11:39:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/13 11:39:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 11:39:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 11:39:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/13 11:39:53 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 11:39:53 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/13 11:39:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 11:39:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/13 11:39:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/13 11:39:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/13 11:39:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/13 11:39:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 11:39:53 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/13 11:39:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 11:39:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/13 11:39:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/13 11:39:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/13 11:39:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/13 11:39:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/13 11:39:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/13 11:39:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 11:39:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/13 11:39:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/13 11:39:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/13 11:39:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/13 11:39:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/13 11:39:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/13 11:39:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 11:39:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/13 11:39:53 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/13 11:39:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/13 11:39:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/13 11:39:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/13 11:39:53 | 000,069,120 | ---- | C] (Microsoft Corporation)
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
and once more:(I'll cut it in to two halves instead of "select all")

OTL logfile created on: 11/30/2013 1:48:24 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Folders\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.23% Memory free
8.00 Gb Paging File | 6.27 Gb Available in Paging File | 78.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 319.75 Gb Free Space | 85.84% Space Free | Partition Type: NTFS
Drive I: | 1.87 Gb Total Space | 1.37 Gb Free Space | 73.44% Space Free | Partition Type: NTFS
Drive J: | 298.09 Gb Total Space | 119.38 Gb Free Space | 40.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 277.05 Gb Free Space | 59.48% Space Free | Partition Type: NTFS

Computer Name: WIN7 | User Name: Folders | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Folders\Downloads\Programs\OTL_2.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GenieTimelineService) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Genie9)
SRV:64bit: - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV:64bit: - (AdpeakProxy) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NZ) -- C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (Hauppauge WinTV Extender) -- C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe (Hauppauge Computer Works, Inc)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NZ) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hcw18bda) -- C:\Windows\SysNative\drivers\hcw18bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FETNDIS) -- C:\Windows\SysNative\drivers\fet6x64.sys (VIA Technologies, Inc. )
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]

[2013/11/11 20:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Extensions
[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions
[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\Google.xml
[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml
[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Drive = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: avast! Online Security = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1\
CHR - Extension: IDM Integration Module = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleDriveSync] c:\program files (x86)\google\drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9174F4D4-A1F3-4903-AEC4-365046D8E2F9}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/23 15:11:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 13:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/11/30 13:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/28 16:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/11/28 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/28 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM2
[2013/11/28 11:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Genie9
[2013/11/28 11:34:39 | 000,000,000 | ---D | C] -- C:\0f4b1c2beb7b6dabc8ddb5daad65d67a
[2013/11/28 10:18:12 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\autorun
[2013/11/27 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2013/11/27 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Systweak
[2013/11/27 20:10:06 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe
[2013/11/27 16:08:43 | 000,000,000 | ---D | C] -- C:\b1e34f6098ca96049f4c
[2013/11/27 16:06:54 | 000,000,000 | ---D | C] -- C:\4d3d87bbdec4022af663ac6a6c75
[2013/11/27 16:04:12 | 000,000,000 | ---D | C] -- C:\f287f11a16765c212c1b6c
[2013/11/27 16:01:31 | 000,000,000 | ---D | C] -- C:\e407f43d348aefaebea4b46177
[2013/11/27 16:00:45 | 000,000,000 | ---D | C] -- C:\5733db8184d72843ca1e49ed71b62fc1
[2013/11/27 15:59:42 | 000,000,000 | ---D | C] -- C:\31b674d54c6afb206866
[2013/11/27 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/11/27 13:29:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/11/26 20:55:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/26 20:55:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/11/26 20:53:44 | 000,000,000 | ---D | C] -- C:\7b324cffb58ae272b47de342
[2013/11/26 18:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/26 16:37:17 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/26 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2013/11/26 13:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2013/11/26 13:48:29 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2013/11/26 13:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/11/25 23:28:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/25 22:58:22 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013/11/23 15:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/11/23 15:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/22 16:51:16 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\Windows\SysWow64\pcleUtil.dll
[2013/11/22 16:51:00 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2013/11/22 16:51:00 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2013/11/22 16:51:00 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2013/11/22 16:51:00 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2013/11/22 16:48:57 | 000,912,896 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\Windows\SysNative\drivers\hcw18bda.sys
[2013/11/22 16:48:57 | 000,139,264 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw18prop.ax
[2013/11/22 16:48:57 | 000,117,248 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcw18CCv.ax
[2013/11/22 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/22 10:51:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/22 10:39:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/21 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013/11/21 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Adobe
[2013/11/21 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\eCyber
[2013/11/21 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Real
[2013/11/21 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/20 18:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9
[2013/11/20 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9
[2013/11/20 17:58:48 | 000,000,000 | R--D | C] -- C:\Users\Folders\Desktop\Backup
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/20 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Genie9
[2013/11/19 19:02:59 | 000,000,000 | R--D | C] -- C:\Users\Folders\Google Drive
[2013/11/19 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftMaker Viewer
[2013/11/18 19:25:06 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/11/17 17:02:28 | 000,000,000 | ---D | C] -- C:\Users\Folders\Rail Temp
[2013/11/17 14:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/11/17 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DOGS
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Documents
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DISPUTES
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Booknizer
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\APARTMENTS
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AA QWEST
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\WAB
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\VERIZON
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\TAXES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\RES REF
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PROP TAX
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PASSWORDS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD APT
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAIL ADDRESSES
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\SoftMaker
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES PASSWORDS
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\BEND APT
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AppData
[2013/11/16 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2013/11/16 12:59:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Foxit Software
[2013/11/16 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/11/15 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\PhotoScape
[2013/11/15 21:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013/11/15 21:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2013/11/15 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\CrashDumps
[2013/11/15 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/11/15 13:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/15 13:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/15 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 09:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone
[2013/11/14 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Qwest
[2013/11/14 19:13:43 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys
[2013/11/14 19:13:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D
[2013/11/14 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/14 13:23:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/11/14 13:22:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/11/13 18:49:24 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/13 18:49:21 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/13 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\vlc
[2013/11/13 18:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/13 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/11/13 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/11/13 17:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/11/13 17:26:08 | 001,005,928 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2013/11/13 17:26:08 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013/11/13 17:26:08 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013/11/13 17:26:07 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013/11/13 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\AVS4YOU
[2013/11/13 17:20:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013/11/13 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013/11/13 17:18:22 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013/11/13 17:18:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013/11/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\DMCache
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2013/11/13 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\OpenOffice
[2013/11/13 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™
[2013/11/13 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink Personal Digital Vault
[2013/11/13 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Folders\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/11/13 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/11/13 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex
[2013/11/13 14:23:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/11/13 14:23:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/11/13 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
[2013/11/13 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Apple Computer
[2013/11/13 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex Media Server
[2013/11/13 13:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2013/11/13 13:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2013/11/13 13:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/11/13 12:40:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/13 11:43:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/13 11:39:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/13 11:39:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/13 11:39:53 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 11:39:53 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 11:39:53 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 11:39:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/13 11:39:53 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/13 11:39:53 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/13 11:39:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/13 11:39:53 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 11:39:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/13 11:39:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/13 11:39:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/13 11:39:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/13 11:39:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 11:39:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 11:39:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/13 11:39:53 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 11:39:53 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/13 11:39:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 11:39:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/13 11:39:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/13 11:39:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/13 11:39:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/13 11:39:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 11:39:53 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/13 11:39:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 11:39:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/13 11:39:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/13 11:39:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/13 11:39:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/13 11:39:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/13 11:39:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/13 11:39:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 11:39:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/13 11:39:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/13 11:39:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/13 11:39:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/13 11:39:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/13 11:39:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/13 11:39:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 11:39:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/13 11:39:53 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/13 11:39:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/13 11:39:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/13 11:39:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/13 11:39:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/13 11:39:53 | 000
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I'm being overwhelmed with adds...every day more and more!

I think our dialogue is getting too long for my computer to transmit. Can we start a new one and continue where we left off?

I have no idea why the entire otl log is not reaching you.
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I'm being overwhelmed with adds...every day more and more!

I think our dialogue is getting too long for my computer to transmit. Can we start a new one and continue where we left off?

I have no idea why the entire otl log is not reaching you.
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I guess I don't understand. What do you mean by "PM"? I thought I sent it again on 12/01.

I'll try again with this replay, but won't it just cut-off the bottom of the scan results like it has done twice before?

OTL logfile created on: 11/30/2013 1:48:24 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Folders\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.23% Memory free
8.00 Gb Paging File | 6.27 Gb Available in Paging File | 78.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 319.75 Gb Free Space | 85.84% Space Free | Partition Type: NTFS
Drive I: | 1.87 Gb Total Space | 1.37 Gb Free Space | 73.44% Space Free | Partition Type: NTFS
Drive J: | 298.09 Gb Total Space | 119.38 Gb Free Space | 40.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 277.05 Gb Free Space | 59.48% Space Free | Partition Type: NTFS

Computer Name: WIN7 | User Name: Folders | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Folders\Downloads\Programs\OTL_2.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GenieTimelineService) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Genie9)
SRV:64bit: - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV:64bit: - (AdpeakProxy) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NZ) -- C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (Hauppauge WinTV Extender) -- C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe (Hauppauge Computer Works, Inc)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NZ) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hcw18bda) -- C:\Windows\SysNative\drivers\hcw18bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FETNDIS) -- C:\Windows\SysNative\drivers\fet6x64.sys (VIA Technologies, Inc. )
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]

[2013/11/11 20:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Extensions
[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions
[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\Google.xml
[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml
[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Drive = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: avast! Online Security = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1\
CHR - Extension: IDM Integration Module = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleDriveSync] c:\program files (x86)\google\drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9174F4D4-A1F3-4903-AEC4-365046D8E2F9}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/23 15:11:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 13:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/11/30 13:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/28 16:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/11/28 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/28 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM2
[2013/11/28 11:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Genie9
[2013/11/28 11:34:39 | 000,000,000 | ---D | C] -- C:\0f4b1c2beb7b6dabc8ddb5daad65d67a
[2013/11/28 10:18:12 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\autorun
[2013/11/27 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2013/11/27 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Systweak
[2013/11/27 20:10:06 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe
[2013/11/27 16:08:43 | 000,000,000 | ---D | C] -- C:\b1e34f6098ca96049f4c
[2013/11/27 16:06:54 | 000,000,000 | ---D | C] -- C:\4d3d87bbdec4022af663ac6a6c75
[2013/11/27 16:04:12 | 000,000,000 | ---D | C] -- C:\f287f11a16765c212c1b6c
[2013/11/27 16:01:31 | 000,000,000 | ---D | C] -- C:\e407f43d348aefaebea4b46177
[2013/11/27 16:00:45 | 000,000,000 | ---D | C] -- C:\5733db8184d72843ca1e49ed71b62fc1
[2013/11/27 15:59:42 | 000,000,000 | ---D | C] -- C:\31b674d54c6afb206866
[2013/11/27 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/11/27 13:29:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/11/26 20:55:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/26 20:55:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/11/26 20:53:44 | 000,000,000 | ---D | C] -- C:\7b324cffb58ae272b47de342
[2013/11/26 18:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/26 16:37:17 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/26 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2013/11/26 13:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2013/11/26 13:48:29 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2013/11/26 13:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/11/25 23:28:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/25 22:58:22 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013/11/23 15:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/11/23 15:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/22 16:51:16 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\Windows\SysWow64\pcleUtil.dll
[2013/11/22 16:51:00 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2013/11/22 16:51:00 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2013/11/22 16:51:00 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2013/11/22 16:51:00 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2013/11/22 16:48:57 | 000,912,896 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\Windows\SysNative\drivers\hcw18bda.sys
[2013/11/22 16:48:57 | 000,139,264 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw18prop.ax
[2013/11/22 16:48:57 | 000,117,248 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcw18CCv.ax
[2013/11/22 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/22 10:51:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/22 10:39:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/21 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013/11/21 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Adobe
[2013/11/21 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\eCyber
[2013/11/21 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Real
[2013/11/21 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/20 18:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9
[2013/11/20 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9
[2013/11/20 17:58:48 | 000,000,000 | R--D | C] -- C:\Users\Folders\Desktop\Backup
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/20 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Genie9
[2013/11/19 19:02:59 | 000,000,000 | R--D | C] -- C:\Users\Folders\Google Drive
[2013/11/19 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftMaker Viewer
[2013/11/18 19:25:06 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/11/17 17:02:28 | 000,000,000 | ---D | C] -- C:\Users\Folders\Rail Temp
[2013/11/17 14:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/11/17 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DOGS
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Documents
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DISPUTES
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Booknizer
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\APARTMENTS
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AA QWEST
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\WAB
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\VERIZON
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\TAXES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\RES REF
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PROP TAX
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PASSWORDS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD APT
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAIL ADDRESSES
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\SoftMaker
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES PASSWORDS
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\BEND APT
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AppData
[2013/11/16 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2013/11/16 12:59:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Foxit Software
[2013/11/16 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/11/15 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\PhotoScape
[2013/11/15 21:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013/11/15 21:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2013/11/15 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\CrashDumps
[2013/11/15 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/11/15 13:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/15 13:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/15 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 09:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone
[2013/11/14 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Qwest
[2013/11/14 19:13:43 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys
[2013/11/14 19:13:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D
[2013/11/14 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/14 13:23:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/11/14 13:22:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/11/13 18:49:24 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/13 18:49:21 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/13 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\vlc
[2013/11/13 18:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/13 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/11/13 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/11/13 17:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/11/13 17:26:08 | 001,005,928 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2013/11/13 17:26:08 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013/11/13 17:26:08 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013/11/13 17:26:07 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013/11/13 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\AVS4YOU
[2013/11/13 17:20:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013/11/13 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013/11/13 17:18:22 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013/11/13 17:18:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013/11/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\DMCache
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2013/11/13 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\OpenOffice
[2013/11/13 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™
[2013/11/13 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink Personal Digital Vault
[2013/11/13 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Folders\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/11/13 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/11/13 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex
[2013/11/13 14:23:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/11/13 14:23:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/11/13 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
[2013/11/13 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Apple Computer
[2013/11/13 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex Media Server
[2013/11/13 13:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2013/11/13 13:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2013/11/13 13:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/11/13 12:40:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/13 11:43:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/13 11:39:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/13 11:39:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/13 11:39:53 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 11:39:53 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 11:39:53 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 11:39:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/13 11:39:53 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/13 11:39:53 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/13 11:39:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/13 11:39:53 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 11:39:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/13 11:39:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/13 11:39:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/13 11:39:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/13 11:39:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 11:39:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 11:39:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/13 11:39:53 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 11:39:53 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/13 11:39:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 11:39:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/13 11:39:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/13 11:39:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/13 11:39:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/13 11:39:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 11:39:53 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/13 11:39:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 11:39:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/13 11:39:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/13 11:39:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/13 11:39:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/13 11:39:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/13 11:39:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/13 11:39:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 11:39:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/13 11:39:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/13 11:39:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/13 11:39:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/13 11:39:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/13 11:39:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/13 11:39:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 11:39:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/13 11:39:53 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/13 11:39:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/13 11:39:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/13 11:39:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
here is another attempt at the second half of the scan results......

(I'm beginning to think my ISP Centurylink is cutting back on the amount I can send you)

/12 14:55:49 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2013/11/12 14:55:49 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2013/11/12 14:55:48 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2013/11/12 14:55:48 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2013/11/12 14:55:47 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2013/11/12 14:55:47 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2013/11/12 14:55:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013/11/12 14:55:46 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2013/11/12 14:55:46 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2013/11/12 14:55:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2013/11/12 14:55:45 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2013/11/12 14:55:45 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2013/11/12 14:55:45 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2013/11/12 14:55:44 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2013/11/12 14:55:44 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2013/11/12 14:55:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2013/11/12 14:55:43 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/11/12 14:55:42 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2013/11/12 14:55:42 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2013/11/12 14:55:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2013/11/12 14:55:41 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2013/11/12 14:55:41 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2013/11/12 14:55:41 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2013/11/12 14:55:40 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2013/11/12 14:55:40 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2013/11/12 14:55:40 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2013/11/12 14:55:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2013/11/12 14:55:39 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2013/11/12 14:55:37 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2013/11/12 14:55:37 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2013/11/12 14:55:37 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2013/11/12 14:55:37 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2013/11/12 14:55:35 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2013/11/12 14:55:35 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2013/11/12 14:55:35 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2013/11/12 14:55:35 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2013/11/12 14:55:35 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2013/11/12 14:55:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2013/11/12 14:55:34 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2013/11/12 14:55:34 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2013/11/12 14:55:33 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2013/11/12 14:55:33 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2013/11/12 14:55:33 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2013/11/12 14:55:33 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2013/11/12 14:55:33 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2013/11/12 14:55:33 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2013/11/12 14:55:32 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2013/11/12 14:55:31 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2013/11/12 14:55:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2013/11/12 14:55:31 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2013/11/12 14:55:30 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2013/11/12 14:55:30 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2013/11/12 14:55:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2013/11/12 14:55:29 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2013/11/12 14:55:29 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2013/11/12 14:55:29 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2013/11/12 14:55:29 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2013/11/12 14:55:29 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2013/11/12 14:55:29 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2013/11/12 14:55:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2013/11/12 14:55:28 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2013/11/12 14:55:28 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2013/11/12 14:55:28 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2013/11/12 14:55:28 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2013/11/12 14:55:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2013/11/12 14:55:28 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2013/11/12 14:55:28 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2013/11/12 14:55:28 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2013/11/12 14:55:27 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2013/11/12 14:55:27 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2013/11/12 14:55:27 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2013/11/12 14:55:27 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2013/11/12 14:55:27 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2013/11/12 14:55:27 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2013/11/12 14:55:27 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2013/11/12 14:55:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2013/11/12 14:55:27 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2013/11/12 14:55:27 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2013/11/12 14:55:27 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2013/11/12 14:55:26 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2013/11/12 14:55:26 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2013/11/12 14:55:26 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2013/11/12 14:55:26 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2013/11/12 14:55:26 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2013/11/12 14:55:25 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2013/11/12 14:55:25 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2013/11/12 14:55:25 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2013/11/12 14:55:25 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2013/11/12 14:55:25 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2013/11/12 14:55:25 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2013/11/12 14:55:24 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2013/11/12 14:55:23 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2013/11/12 14:55:23 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2013/11/12 14:55:23 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2013/11/12 14:55:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2013/11/12 14:55:22 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2013/11/12 14:55:22 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2013/11/12 14:55:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2013/11/12 14:55:21 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2013/11/12 14:55:21 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2013/11/12 14:55:21 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2013/11/12 14:55:20 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2013/11/12 14:55:20 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2013/11/12 14:55:20 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2013/11/12 14:55:20 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2013/11/12 14:55:20 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2013/11/12 14:55:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2013/11/12 14:55:19 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2013/11/12 14:55:19 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2013/11/12 14:55:19 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2013/11/12 14:55:18 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2013/11/12 14:55:17 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2013/11/12 14:55:17 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2013/11/12 14:55:17 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2013/11/12 14:55:17 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2013/11/12 14:55:17 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2013/11/12 14:55:17 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2013/11/12 14:55:16 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2013/11/12 14:55:16 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2013/11/12 14:55:16 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2013/11/12 14:55:16 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2013/11/12 14:55:16 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2013/11/12 14:55:16 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013/11/12 14:55:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2013/11/12 14:55:16 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
[2013/11/12 14:55:15 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2013/11/12 14:55:15 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2013/11/12 14:55:15 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2013/11/12 14:55:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2013/11/12 14:55:14 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2013/11/12 14:55:14 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2013/11/12 14:55:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2013/11/12 14:55:14 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2013/11/12 14:55:14 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2013/11/12 14:55:13 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2013/11/12 14:55:13 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2013/11/12 14:55:13 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2013/11/12 14:55:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2013/11/12 14:55:13 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2013/11/12 14:55:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
[2013/11/12 14:55:12 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2013/11/12 14:55:11 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2013/11/12 14:55:11 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2013/11/12 14:55:11 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2013/11/12 14:55:11 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2013/11/12 14:55:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2013/11/12 14:55:10 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2013/11/12 14:55:10 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/11/12 14:55:10 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2013/11/12 14:55:10 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2013/11/12 14:55:09 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2013/11/12 14:55:09 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2013/11/12 14:55:08 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2013/11/12 14:55:08 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2013/11/12 14:55:08 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2013/11/12 14:55:08 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2013/11/12 14:55:07 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2013/11/12 14:55:07 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2013/11/12 14:55:07 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2013/11/12 14:55:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2013/11/12 14:55:07 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2013/11/12 14:55:06 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2013/11/12 14:55:06 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2013/11/12 14:55:06 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2013/11/12 14:55:06 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2013/11/12 14:55:06 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2013/11/12 14:55:05 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2013/11/12 14:55:05 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2013/11/12 14:55:05 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2013/11/12 14:55:05 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2013/11/12 14:55:05 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2013/11/12 14:55:05 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2013/11/12 14:55:05 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2013/11/12 14:55:05 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2013/11/12 14:55:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2013/11/12 14:55:04 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2013/11/12 14:55:04 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2013/11/12 14:55:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2013/11/12 14:55:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2013/11/12 14:55:03 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2013/11/12 14:55:03 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2013/11/12 14:55:03 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2013/11/12 14:55:03 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2013/11/12 14:55:03 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2013/11/12 14:55:03 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2013/11/12 14:55:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2013/11/12 14:55:03 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2013/11/12 14:55:02 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2013/11/12 14:55:02 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2013/11/12 14:55:02 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2013/11/12 14:55:02 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2013/11/12 14:55:02 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2013/11/12 14:55:01 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2013/11/12 14:55:01 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2013/11/12 14:55:01 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2013/11/12 14:55:01 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2013/11/12 14:55:01 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2013/11/12 14:55:01 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2013/11/12 14:55:01 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2013/11/12 14:55:01 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2013/11/12 14:55:01 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2013/11/12 14:55:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2013/11/12 14:55:01 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2013/11/12 14:55:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2013/11/12 14:55:01 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2013/11/12 14:55:00 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2013/11/12 14:55:00 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2013/11/12 14:55:00 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2013/11/12 14:55:00 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2013/11/12 14:55:00 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2013/11/12 14:54:59 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2013/11/12 14:54:59 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2013/11/12 14:54:59 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2013/11/12 14:54:59 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2013/11/12 14:54:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2013/11/12 14:54:58 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2013/11/12 14:54:58 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2013/11/12 14:54:58 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2013/11/12 14:54:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2013/11/12 14:54:57 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2013/11/12 14:54:57 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2013/11/12 14:54:57 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2013/11/12 14:54:57 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/11/12 14:54:57 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2013/11/12 14:54:57 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2013/11/12 14:54:57 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2013/11/12 14:54:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013/11/12 14:54:56 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2013/11/12 14:54:56 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2013/11/12 14:54:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2013/11/12 14:54:56 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2013/11/12 14:54:56 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2013/11/12 14:54:55 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2013/11/12 14:54:55 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2013/11/12 14:54:55 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2013/11/12 14:54:55 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2013/11/12 14:54:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2013/11/12 14:54:55 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2013/11/12 14:54:54 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2013/11/12 14:54:54 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2013/11/12 14:54:54 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2013/11/12 14:54:54 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2013/11/12 14:54:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2013/11/12 14:54:53 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2013/11/12 14:54:53 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2013/11/12 14:54:53 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2013/11/12 14:54:53 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2013/11/12 14:54:53 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2013/11/12 14:54:53 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2013/11/12 14:54:53 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2013/11/12 14:54:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2013/11/12 14:54:52 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2013/11/12 14:54:52 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2013/11/12 14:54:51 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2013/11/12 14:54:51 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2013/11/12 14:54:51 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2013/11/12 14:54:51 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2013/11/12 14:54:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2013/11/12 14:54:50 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013/11/12 14:54:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2013/11/12 14:54:50 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2013/11/12 14:54:49 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2013/11/12 14:54:49 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2013/11/12 14:54:49 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2013/11/12 14:54:49 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2013/11/12 14:54:49 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2013/11/12 14:54:49 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2013/11/12 14:54:49 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2013/11/12 14:54:49 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2013/11/12 14:54:49 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2013/11/12 14:54:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2013/11/12 14:54:48 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2013/11/12 14:54:48 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2013/11/12 14:54:48 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2013/11/12 14:54:47 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2013/11/12 14:54:47 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2013/11/12 14:54:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2013/11/12 14:54:47 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2013/11/12 14:54:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2013/11/12 14:54:47 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2013/11/12 14:54:46 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2013/11/12 14:54:46 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2013/11/12 14:54:46 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2013/11/12 14:54:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2013/11/12 14:54:46 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2013/11/12 14:54:45 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2013/11/12 14:54:45 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2013/11/12 14:54:45 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2013/11/12 14:54:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2013/11/12 14:54:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2013/11/12 14:54:45 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2013/11/12 14:54:44 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013/11/12 14:54:44 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2013/11/12 14:54:44 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2013/11/12 14:54:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2013/11/12 14:54:44 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013/11/12 14:54:44 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2013/11/12 14:54:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2013/11/12 14:54:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2013/11/12 14:54:43 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2013/11/12 14:54:43 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2013/11/12 14:54:43 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2013/11/12 14:54:43 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2013/11/12 14:54:43 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2013/11/12 14:54:43 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013/11/12 14:54:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2013/11/12 14:54:43 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2013/11/12 14:54:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2013/11/12 14:54:42 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2013/11/12 14:54:42 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2013/11/12 14:54:42 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2013/11/12 14:54:42 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2013/11/12 14:54:42 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2013/11/12 14:54:42 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2013/11/12 14:54:42 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2013/11/12 14:54:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2013/11/12 14:54:41 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2013/11/12 14:54:41 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2013/11/12 14:54:41 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2013/11/12 14:54:41 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2013/11/12 14:54:41 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2013/11/12 14:54:41 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2013/11/12 14:54:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2013/11/12 14:54:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2013/11/12 14:54:40 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2013/11/12 14:54:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2013/11/12 14:54:40 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2013/11/12 14:54:39 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2013/11/12 14:54:39 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2013/11/12 14:54:39 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2013/11/12 14:54:39 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2013/11/12 14:54:39 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2013/11/12 14:54:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2013/11/12 14:54:39 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2013/11/12 14:54:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2013/11/12 14:54:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2013/11/12 14:54:38 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2013/11/12 14:54:38 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2013/11/12 14:54:38 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2013/11/12 14:54:37 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2013/11/12 14:54:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2013/11/12 14:54:37 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2013/11/12 14:54:37 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2013/11/12 14:54:37 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2013/11/12 14:54:37 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2013/11/12 14:54:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2013/11/12 14:54:37 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2013/11/12 14:54:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2013/11/12 14:54:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2013/11/12 14:54:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2013/11/12 14:54:36 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2013/11/12 14:54:36 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2013/11/12 14:54:36 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2013/11/12 14:54:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2013/11/12 14:54:36 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2013/11/12 14:54:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2013/11/12 14:54:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2013/11/12 14:54:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2013/11/12 14:54:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2013/11/12 14:54:35 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2013/11/12 14:54:35 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2013/11/12 14:54:35 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2013/11/12 14:54:35 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2013/11/12 14:54:35 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2013/11/12 14:54:35 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2013/11/12 14:54:35 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2013/11/12 14:54:35 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2013/11/12 14:54:35 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2013/11/12 14:54:34 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2013/11/12 14:54:34 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2013/11/12 14:54:34 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2013/11/12 14:54:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2013/11/12 14:54:34 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2013/11/12 14:54:34 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2013/11/12 14:54:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2013/11/12 14:54:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2013/11/12 14:54:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2013/11/12 14:54:33 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2013/11/12 14:54:33 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2013/11/12 14:54:33 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2013/11/12 14:54:33 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2013/11/12 14:54:33 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2013/11/12 14:54:33 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2013/11/12 14:54:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2013/11/12 14:54:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2013/11/12 14:54:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2013/11/12 14:54:32 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2013/11/12 14:54:32 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2013/11/12 14:54:32 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2013/11/12 14:54:32 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2013/11/12 14:54:32 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2013/11/12 14:54:32 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2013/11/12 14:54:32 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2013/11/12 14:54:31 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2013/11/12 14:54:31 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2013/11/12 14:54:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2013/11/12 14:54:31 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2013/11/12 14:54:30 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2013/11/12 14:54:30 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2013/11/12 14:54:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2013/11/12 14:54:30 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2013/11/12 14:54:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2013/11/12 14:54:30 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2013/11/12 14:54:29 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2013/11/12 14:54:29 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2013/11/12 14:54:29 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2013/11/12 14:54:29 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2013/11/12 14:54:29 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2013/11/12 14:54:29 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2013/11/12 14:54:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013/11/12 14:54:29 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2013/11/12 14:54:29 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2013/11/12 14:54:29 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2013/11/12 14:54:29 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013/11/12 14:54:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2013/11/12 14:54:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2013/11/12 14:54:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2013/11/12 14:54:28 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2013/11/12 14:54:28 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2013/11/12 14:54:28 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2013/11/12 14:54:28 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2013/11/12 14:54:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2013/11/12 14:54:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2013/11/12 14:54:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2013/11/12 14:54:27 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2013/11/12 14:54:27 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2013/11/12 14:54:27 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2013/11/12 14:54:27 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2013/11/12 14:54:27 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2013/11/12 14:54:27 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2013/11/12 14:54:27 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2013/11/12 14:54:27 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2013/11/12 14:54:27 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2013/11/12 14:54:27 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2013/11/12 14:54:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2013/11/12 14:54:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2013/11/12 14:54:27 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2013/11/12 14:54:26 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2013/11/12 14:54:26 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2013/11/12 14:54:26 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2013/11/12 14:54:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2013/11/12 14:54:26 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2013/11/12 14:54:26 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2013/11/12 14:54:26 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2013/11/12 14:54:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2013/11/12 14:54:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2013/11/12 14:54:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2013/11/12 14:54:26 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2013/11/12 14:54:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2013/11/12 14:54:25 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2013/11/12 14:54:25 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2013/11/12 14:54:25 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2013/11/12 14:54:25 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2013/11/12 14:54:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2013/11/12 14:54:25 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2013/11/12 14:54:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2013/11/12 14:54:25 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2013/11/12 14:54:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2013/11/12 14:54:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2013/11/12 14:54:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2013/11/12 14:54:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2013/11/12 14:54:24 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2013/11/12 14:54:24 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2013/11/12 14:54:24 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2013/11/12 14:54:24 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2013/11/12 14:54:24 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2013/11/12 14:54:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2013/11/12 14:54:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2013/11/12 14:54:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2013/11/12 14:54:24 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2013/11/12 14:54:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2013/11/12 14:54:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2013/11/12 14:54:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2013/11/12 14:54:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2013/11/12 14:54:23 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2013/11/12 14:54:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2013/11/12 14:54:22 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2013/11/12 14:54:22 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2013/11/12 14:54:22 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2013/11/12 14:54:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2013/11/12 14:54:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2013/11/12 14:54:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2013/11/12 14:54:21 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2013/11/12 14:54:21 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2013/11/12 14:54:21 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2013/11/12 14:54:21 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2013/11/12 14:54:21 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2013/11/12 14:54:21 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2013/11/12 14:54:21 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2013/11/12 14:54:21 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2013/11/12 14:54:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2013/11/12 14:54:20 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2013/11/12 14:54:20 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2013/11/12 14:54:20 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2013/11/12 14:54:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2013/11/12 14:54:20 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2013/11/12 14:54:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2013/11/12 14:54:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2013/11/12 14:54:19 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013/11/12 14:54:19 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013/11/12 14:54:19 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2013/11/12 14:54:19 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2013/11/12 14:54:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2013/11/12 14:54:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2013/11/12 14:54:19 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2013/11/12 14:54:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013/11/12 14:54:19 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2013/11/12 14:54:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2013/11/12 14:54:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2013/11/12 14:54:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2013/11/12 14:54:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2013/11/12 14:54:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2013/11/12 14:54:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2013/11/12 14:54:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013/11/12 14:54:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2013/11/12 14:54:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2013/11/12 14:54:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2013/11/12 14:54:17 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2013/11/12 14:54:17 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2013/11/12 14:54:17 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013/11/12 14:54:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2013/11/12 14:54:17 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2013/11/12 14:54:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2013/11/12 14:54:17 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2013/11/12 14:54:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2013/11/12 14:54:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2013/11/12 14:54:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2013/11/12 14:54:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2013/11/12 14:54:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013/11/12 14:54:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2013/11/12 14:54:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2013/11/12 14:54:16 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2013/11/12 14:54:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013/11/12 14:54:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2013/11/12 14:54:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2013/11/12 14:54:16 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2013/11/12 14:54:15 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2013/11/12 14:54:15 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2013/11/12 14:54:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2013/11/12 14:54:15 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013/11/12 14:54:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2013/11/12 14:54:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2013/11/12 14:54:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2013/11/12 14:54:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2013/11/12 14:54:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2013/11/12 14:54:15 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2013/11/12 14:54:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2013/11/12 14:54:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2013/11/12 14:54:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2013/11/12 14:54:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2013/11/12 14:54:14 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2013/11/12 14:54:14 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2013/11/12 14:54:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2013/11/12 14:54:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2013/11/12 14:54:13 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2013/11/12 14:54:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2013/11/12 14:54:13 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2013/11/12 14:54:13 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2013/11/12 14:54:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2013/11/12 14:54:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2013/11/12 14:54:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2013/11/12 14:54:12 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2013/11/12 14:54:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2013/11/12 14:54:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2013/11/12 14:54:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2013/11/12 14:54:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2013/11/12 14:54:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2013/11/12 14:54:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2013/11/12 14:54:11 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2013/11/12 14:54:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2013/11/12 14:54:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2013/11/12 14:54:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2013/11/12 14:54:10 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2013/11/12 14:54:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2013/11/12 14:54:10 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2013/11/12 14:54:09 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2013/11/12 14:54:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2013/11/12 14:54:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2013/11/12 14:54:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2013/11/12 14:54:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2013/11/12 14:54:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2013/11/12 14:54:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2013/11/12 14:54:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2013/11/12 14:54:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2013/11/12 14:54:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013/11/12 14:54:06 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2013/11/12 14:54:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2013/11/12 14:54:06 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2013/11/12 14:54:06 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2013/11/12 14:54:05 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2013/11/12 14:54:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2013/11/12 14:54:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2013/11/12 14:54:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2013/11/12 14:54:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2013/11/12 14:54:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2013/11/12 14:54:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2013/11/12 14:54:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2013/11/12 14:53:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2013/11/12 14:53:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2013/11/12 14:53:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2013/11/12 14:53:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2013/11/12 14:53:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2013/11/12 14:53:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2013/11/12 14:53:58 | 000,003,072 | -H-- | C] (Microsoft Cor
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
It appears that every time I send, you don't get the "end of scan". Here is an even shorter copy of the last part of the scan.....

13/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/11/12 19:43:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/11/12 19:42:12 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/11/12 19:42:12 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/11/12 19:42:12 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/11/12 19:42:12 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/11/12 19:42:12 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/12 19:42:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/12 19:40:21 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/11/12 19:39:06 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013/11/12 19:38:40 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/11/12 19:38:40 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/11/12 19:36:53 | 000,657,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvunrm.exe
[2013/11/12 19:36:53 | 000,657,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoPtb.dll
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoIt.dll
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoFr.dll
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoEsm.dll
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoEs.dll
[2013/11/12 19:35:19 | 000,019,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoDe.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoSv.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoRu.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoNo.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoNl.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoFi.dll
[2013/11/12 19:35:19 | 000,018,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoDa.dll
[2013/11/12 19:35:19 | 000,018,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoENU.dll
[2013/11/12 19:35:19 | 000,018,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoEng.dll
[2013/11/12 19:35:19 | 000,016,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoKo.dll
[2013/11/12 19:35:19 | 000,016,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoJa.dll
[2013/11/12 19:35:19 | 000,015,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoZht.dll
[2013/11/12 19:35:19 | 000,015,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoZhc.dll
[2013/11/12 19:31:26 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/11/12 19:30:01 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/11/12 19:30:01 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/11/12 19:28:52 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/11/12 19:28:52 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/11/12 19:17:58 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/11/12 19:17:58 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/11/12 19:17:32 | 001,192,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/11/12 19:17:32 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/11/12 19:17:32 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/11/12 19:17:32 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/11/12 19:16:45 | 000,111,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/11/12 19:16:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/11/12 19:14:53 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/11/12 19:12:11 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/11/12 19:12:11 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/11/12 19:12:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/11/12 19:11:39 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/11/12 19:11:39 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/11/12 19:11:39 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/11/12 19:11:39 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/11/12 19:11:39 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/11/12 19:11:39 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/11/12 19:10:48 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/11/12 19:10:03 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/11/12 19:09:26 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/11/12 19:09:26 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/11/12 16:10:26 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Office.lnk
[2013/11/12 15:47:40 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013/11/12 15:47:40 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013/11/12 14:37:15 | 000,031,314 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\UserTile.png
[2013/11/12 14:28:46 | 000,001,228 | ---- | M] () -- C:\Users\Folders\Desktop\Cleanup.lnk
[2013/11/12 14:28:33 | 000,001,260 | ---- | M] () -- C:\Users\Folders\Desktop\Update.lnk
[2013/11/12 14:28:00 | 000,002,106 | ---- | M] () -- C:\Users\Public\Desktop\Scanner.lnk
[2013/11/12 14:14:41 | 000,003,667 | ---- | M] () -- C:\Users\Folders\Desktop\Printer.lnk
[2013/11/12 11:59:07 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/12 11:59:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/12 10:09:43 | 000,001,448 | ---- | M] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/11 22:05:03 | 005,907,604 | ---- | M] () -- C:\Users\Folders\Documents\DENTIST.jpg
[2013/11/11 21:52:13 | 000,001,424 | ---- | M] () -- C:\Users\Folders\Desktop\Explorer.lnk
[2013/11/11 21:52:02 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Firefox.lnk
[2013/11/11 19:32:48 | 001,032,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/11/11 19:32:48 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/11/11 19:32:48 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/11 19:32:48 | 000,205,320 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/11 19:32:48 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/11/11 19:32:48 | 000,084,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/11/11 19:32:48 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/11 19:32:48 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/11/11 19:32:48 | 000,038,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/11/11 19:32:47 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/11/11 18:58:44 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/11/11 18:58:44 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/11/11 18:56:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/10 00:20:28 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\isolate.ini
[2013/11/07 15:41:38 | 000,174,968 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | M] () -- C:\Windows\SysNative\AdpeakProxyOff.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/27 20:18:41 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2013/11/27 14:49:38 | 025,444,684 | ---- | C] () -- C:\Users\Folders\Documents\ROKU QWEST PASSWORDS.tif
[2013/11/27 13:29:55 | 000,002,269 | ---- | C] () -- C:\Users\Folders\Desktop\SpyHunter.lnk
[2013/11/27 13:08:39 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2013/11/26 15:20:02 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\Avast.lnk
[2013/11/26 13:59:43 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2013/11/26 13:53:36 | 000,772,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/23 15:11:00 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/11/22 16:51:58 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/11/22 16:51:57 | 000,000,401 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/11/22 16:51:33 | 000,037,639 | ---- | C] () -- C:\Windows\Irremote.ini
[2013/11/22 16:51:13 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2013/11/22 16:51:01 | 000,002,727 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2013/11/22 10:07:41 | 000,001,242 | ---- | C] () -- C:\Users\Folders\Desktop\Uninstaller.lnk
[2013/11/20 18:16:36 | 000,047,270 | ---- | C] () -- C:\Users\Folders\Documents\GENIE 9 STORAGE LICENSE.odt
[2013/11/19 19:02:59 | 000,001,705 | ---- | C] () -- C:\Users\Folders\Desktop\Drive.lnk
[2013/11/19 14:36:59 | 000,148,473 | ---- | C] () -- C:\Users\Folders\Documents\TextMaker Viewer.tmd
[2013/11/19 14:36:59 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2013/11/17 14:52:08 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2013/11/17 14:46:12 | 000,152,287 | ---- | C] () -- C:\Users\Folders\Documents\RRBookList.pdf
[2013/11/17 14:44:02 | 000,460,345 | ---- | C] () -- C:\Users\Folders\Documents\Partref1.pdf
[2013/11/17 14:43:15 | 000,359,474 | ---- | C] () -- C:\Users\Folders\Documents\HORS32.pdf
[2013/11/17 14:41:53 | 000,602,882 | ---- | C] () -- C:\Users\Folders\Documents\HO_23_August_2012.pdf
[2013/11/17 14:41:18 | 001,073,245 | ---- | C] () -- C:\Users\Folders\Documents\HOC424425Locomotive.pdf
[2013/11/17 14:41:18 | 000,537,219 | ---- | C] () -- C:\Users\Folders\Documents\HES_DOC_Incentive_Grid.pdf
[2013/11/17 14:36:19 | 001,391,878 | ---- | C] () -- C:\Users\Folders\Documents\Untitled 1.odt
[2013/11/17 14:36:19 | 000,087,422 | ---- | C] () -- C:\Users\Folders\Documents\TAX RETURN 2010 1.pdf
[2013/11/17 14:36:19 | 000,081,634 | ---- | C] () -- C:\Users\Folders\Documents\TAX RETURN 2008.pdf
[2013/11/17 14:36:19 | 000,081,634 | ---- | C] () -- C:\Users\Folders\Documents\TAX 2008.pdf
[2013/11/17 14:36:19 | 000,014,669 | ---- | C] () -- C:\Users\Folders\Documents\Speeding Ticket.odt
[2013/11/17 14:36:19 | 000,012,754 | ---- | C] () -- C:\Users\Folders\Documents\TEEN SUBSCRIBE.odt
[2013/11/17 14:36:18 | 000,537,219 | ---- | C] () -- C:\Users\Folders\Documents\Oregon Incentives.pdf
[2013/11/17 14:36:18 | 000,026,513 | ---- | C] () -- C:\Users\Folders\Documents\PROPERTY TAX APPEAL.odt
[2013/11/17 14:36:18 | 000,020,936 | ---- | C] () -- C:\Users\Folders\Documents\ONPOINT CANCELLED.odt
[2013/11/17 14:36:18 | 000,020,936 | ---- | C] () -- C:\Users\Folders\Documents\OnPoint Cancel.odt
[2013/11/17 14:36:18 | 000,018,727 | ---- | C] () -- C:\Users\Folders\Documents\PRESBYTERIAN THANK YOU.odt
[2013/11/17 14:36:18 | 000,018,206 | ---- | C] () -- C:\Users\Folders\Documents\MAIL PROBLEM.odt
[2013/11/17 14:36:18 | 000,014,952 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORDS 2011.odt
[2013/11/17 14:36:18 | 000,014,669 | ---- | C] () -- C:\Users\Folders\Documents\OSP TKT.odt
[2013/11/17 14:36:18 | 000,010,733 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORD MS COMPUTER.odt
[2013/11/17 14:36:18 | 000,010,100 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORD MS CLEANER.odt
[2013/11/17 14:36:18 | 000,010,100 | ---- | C] () -- C:\Users\Folders\Documents\MS Cleaner New.odt
[2013/11/17 14:36:18 | 000,009,927 | ---- | C] () -- C:\Users\Folders\Documents\Nettalk.odt
[2013/11/17 14:36:18 | 000,009,926 | ---- | C] () -- C:\Users\Folders\Documents\PHONE ALAN.odt
[2013/11/17 14:36:18 | 000,009,332 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORD WIN7.odt
[2013/11/17 14:36:18 | 000,008,913 | ---- | C] () -- C:\Users\Folders\Documents\PICTUREMERGE.odt
[2013/11/17 14:36:18 | 000,008,913 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORD PICTUREMERGE.odt
[2013/11/17 14:36:18 | 000,008,774 | ---- | C] () -- C:\Users\Folders\Documents\PASSWORD HCTC.odt
[2013/11/17 14:36:18 | 000,004,901 | ---- | C] () -- C:\Users\Folders\Documents\MICROSOFT PHONES.odt
[2013/11/17 14:36:17 | 008,697,832 | ---- | C] () -- C:\Users\Folders\Documents\LINKSYS (CISCO) ROUTER MANUAL.pdf
[2013/11/17 14:36:17 | 001,740,859 | ---- | C] () -- C:\Users\Folders\Documents\CLEAR ONE & MEDICARE.odt
[2013/11/17 14:36:17 | 001,446,569 | ---- | C] () -- C:\Users\Folders\Documents\CHRISTINE RI.pdf
[2013/11/17 14:36:17 | 001,439,764 | ---- | C] () -- C:\Users\Folders\Documents\GARBAGE 2011.pdf
[2013/11/17 14:36:17 | 000,019,794 | ---- | C] () -- C:\Users\Folders\Documents\House Paint Request.odt
[2013/11/17 14:36:17 | 000,019,794 | ---- | C] () -- C:\Users\Folders\Documents\HOUSE PAINT JOB.odt
[2013/11/17 14:36:17 | 000,019,682 | ---- | C] () -- C:\Users\Folders\Documents\HOME DEPOT COMPLAINT.odt
[2013/11/17 14:36:17 | 000,018,206 | ---- | C] () -- C:\Users\Folders\Documents\EMAIL PROBLEM.odt
[2013/11/17 14:36:17 | 000,016,529 | ---- | C] () -- C:\Users\Folders\Documents\Faucets.odt
[2013/11/17 14:36:17 | 000,014,948 | ---- | C] () -- C:\Users\Folders\Documents\Equifax Request.odt
[2013/11/17 14:36:17 | 000,014,948 | ---- | C] () -- C:\Users\Folders\Documents\EQUIFAX COMPLAINT.odt
[2013/11/17 14:36:17 | 000,009,354 | ---- | C] () -- C:\Users\Folders\Documents\internet probs.odt
[2013/11/17 14:36:17 | 000,009,133 | ---- | C] () -- C:\Users\Folders\Documents\LOCO F7 GRILL PAINT.odt
[2013/11/17 14:36:17 | 000,009,133 | ---- | C] () -- C:\Users\Folders\Documents\F7 GRILL PAINT.odt
[2013/11/17 14:36:17 | 000,008,774 | ---- | C] () -- C:\Users\Folders\Documents\HCTC PASSWORD.odt
[2013/11/17 14:36:17 | 000,008,774 | ---- | C] () -- C:\Users\Folders\Documents\HCTC ACCOUNT.odt
[2013/11/17 14:36:16 | 001,446,569 | ---- | C] () -- C:\Users\Folders\Documents\Christine and the Mongeese.pdf
[2013/11/17 14:36:16 | 001,172,263 | ---- | C] () -- C:\Users\Folders\Documents\BARKING DOGS.odt
[2013/11/17 14:36:16 | 001,172,263 | ---- | C] () -- C:\Users\Folders\Documents\Barking Dog Law.odt
[2013/11/17 14:36:16 | 000,023,220 | ---- | C] () -- C:\Users\Folders\Documents\Barking Dog Response.odt
[2013/11/17 14:36:16 | 000,023,220 | ---- | C] () -- C:\Users\Folders\Documents\Barking Dog 3.odt
[2013/11/17 14:36:16 | 000,020,283 | ---- | C] () -- C:\Users\Folders\Documents\Barking Dogs Neighbors.odt
[2013/11/17 14:36:16 | 000,020,283 | ---- | C] () -- C:\Users\Folders\Documents\Barking Dog 1.odt
[2013/11/17 14:36:16 | 000,016,384 | ---- | C] () -- C:\Users\Folders\Documents\CAM FORMAT.wps
[2013/11/17 14:36:16 | 000,014,952 | ---- | C] () -- C:\Users\Folders\Documents\A PSWRDS.odt
[2013/11/17 14:36:16 | 000,013,312 | ---- | C] () -- C:\Users\Folders\Documents\BEND APT 5.wps
[2013/11/17 14:36:16 | 000,012,800 | ---- | C] () -- C:\Users\Folders\Documents\BEND APT 3.wps
[2013/11/17 14:36:16 | 000,011,776 | ---- | C] () -- C:\Users\Folders\Documents\BEND APT 4.wps
[2013/11/17 14:32:42 | 001,172,263 | ---- | C] () -- C:\Users\Folders\Documents\BARK LAW.odt
[2013/11/17 14:32:42 | 000,537,219 | ---- | C] () -- C:\Users\Folders\Documents\HOME ENERGY PLAN.pdf
[2013/11/17 14:32:42 | 000,304,880 | ---- | C] () -- C:\Users\Folders\Documents\DENTAL PLAN.pdf
[2013/11/17 14:32:42 | 000,087,422 | ---- | C] () -- C:\Users\Folders\Documents\TAX RETURN 2010.pdf
[2013/11/17 14:32:42 | 000,026,513 | ---- | C] () -- C:\Users\Folders\Documents\PROP TAX DEFERRAL.odt
[2013/11/17 14:32:42 | 000,023,220 | ---- | C] () -- C:\Users\Folders\Documents\BARK DOG 3.odt
[2013/11/17 14:32:42 | 000,020,283 | ---- | C] () -- C:\Users\Folders\Documents\BARK DOG 1.odt
[2013/11/17 14:32:42 | 000,015,307 | ---- | C] () -- C:\Users\Folders\Documents\PROPERTY TAX WHISNET.odt
[2013/11/17 14:32:42 | 000,012,800 | ---- | C] () -- C:\Users\Folders\Documents\RES 1.wps
[2013/11/17 14:32:42 | 000,011,368 | ---- | C] () -- C:\Users\Folders\Documents\VERIZON MODEM.odt
[2013/11/17 14:32:42 | 000,010,752 | ---- | C] () -- C:\Users\Folders\Documents\RES 3.wps
[2013/11/17 14:32:42 | 000,010,374 | ---- | C] () -- C:\Users\Folders\Documents\HOUSE PAINTS.odt
[2013/11/17 14:32:42 | 000,010,240 | ---- | C] () -- C:\Users\Folders\Documents\RES 4.wps
[2013/11/17 14:32:42 | 000,010,142 | ---- | C] () -- C:\Users\Folders\Documents\PHONES MICROSOFT.odt
[2013/11/17 14:32:42 | 000,009,926 | ---- | C] () -- C:\Users\Folders\Documents\PHONES ALAN.odt
[2013/11/17 14:32:42 | 000,009,216 | ---- | C] () -- C:\Users\Folders\Documents\Untitled Document.wps
[2013/11/17 14:32:42 | 000,004,854 | ---- | C] () -- C:\Users\Folders\Documents\ALAN DOUGLASS.odt
[2013/11/17 14:32:42 | 000,004,534 | ---- | C] () -- C:\Users\Folders\Documents\NETTALK CONTACT.odt
[2013/11/17 13:32:37 | 000,000,195 | ---- | C] () -- C:\Users\Folders\Desktop\Calendar.url
[2013/11/16 13:06:37 | 000,002,679 | ---- | C] () -- C:\Users\Folders\Desktop\Panorama.lnk
[2013/11/16 12:52:52 | 000,009,555 | ---- | C] () -- C:\Users\Folders\Documents\A ISA.odt
[2013/11/16 12:41:28 | 003,911,164 | ---- | C] () -- C:\Users\Folders\Documents\CENTURYLINK ACTIONTEC.tif
[2013/11/16 12:32:14 | 000,014,336 | -H-- | C] () -- C:\Users\Folders\Documents\photothumb.db
[2013/11/15 21:01:53 | 000,001,066 | ---- | C] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2013/11/15 21:01:53 | 000,001,042 | ---- | C] () -- C:\Users\Folders\Desktop\PhotoScape.lnk
[2013/11/15 18:36:06 | 000,000,912 | ---- | C] () -- C:\Windows\SysWow64\MY_STYLE.STY
[2013/11/14 19:13:40 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.cat
[2013/11/14 19:13:40 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.inf
[2013/11/14 19:13:40 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\isolate.ini
[2013/11/13 17:34:10 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\Earth.lnk
[2013/11/13 17:26:25 | 000,001,212 | ---- | C] () -- C:\Users\Folders\Desktop\Creator.lnk
[2013/11/13 17:21:15 | 000,001,755 | ---- | C] () -- C:\Users\Folders\Desktop\Yard.lnk
[2013/11/13 17:19:37 | 000,001,248 | ---- | C] () -- C:\Users\Folders\Desktop\Converter.lnk
[2013/11/13 17:19:26 | 000,001,212 | ---- | C] () -- C:\Users\Folders\Desktop\Editor.lnk
[2013/11/13 17:08:34 | 000,001,020 | ---- | C] () -- C:\Users\Folders\Desktop\Downloader.lnk
[2013/11/13 16:52:54 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013/11/13 16:52:54 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Defrag.lnk
[2013/11/13 16:24:02 | 000,013,218 | ---- | C] () -- C:\Users\Folders\Documents\CENTURYLINK VAULT.odt
[2013/11/13 16:15:05 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Vault.lnk
[2013/11/13 11:39:53 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/13 11:39:53 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/12 23:55:40 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\Mail.lnk
[2013/11/12 23:14:51 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Malware.lnk
[2013/11/12 23:14:51 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malbytes.lnk
[2013/11/12 18:56:08 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Drivers.lnk
[2013/11/12 18:56:08 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/12 18:52:57 | 000,002,144 | ---- | C] () -- C:\Users\Public\Desktop\Care.lnk
[2013/11/12 16:09:59 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Office.lnk
[2013/11/12 14:57:24 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013/11/12 14:54:16 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2013/11/12 14:53:51 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2013/11/12 14:53:51 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2013/11/12 14:53:31 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2013/11/12 14:37:03 | 000,031,314 | ---- | C] () -- C:\Users\Folders\AppData\Roaming\UserTile.png
[2013/11/12 14:14:41 | 000,003,667 | ---- | C] () -- C:\Users\Folders\Desktop\Printer.lnk
[2013/11/12 14:12:24 | 001,819,841 | ---- | C] () -- C:\Users\Folders\Documents\CENTURYLINK ACTIONTEC 2.jpg
[2013/11/12 14:09:58 | 000,002,106 | ---- | C] () -- C:\Users\Public\Desktop\Scanner.lnk
[2013/11/12 13:27:26 | 000,001,260 | ---- | C] () -- C:\Users\Folders\Desktop\Update.lnk
[2013/11/12 13:23:23 | 000,001,228 | ---- | C] () -- C:\Users\Folders\Desktop\Cleanup.lnk
[2013/11/12 11:59:08 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/11 22:57:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/11/11 22:42:19 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/11 22:00:02 | 005,907,604 | ---- | C] () -- C:\Users\Folders\Documents\DENTIST.jpg
[2013/11/11 22:00:02 | 000,016,137 | ---- | C] () -- C:\Users\Folders\Documents\LARRY MELTON.odt
[2013/11/11 22:00:02 | 000,014,659 | ---- | C] () -- C:\Users\Folders\Documents\LICENSE IDM.odt
[2013/11/11 22:00:02 | 000,010,733 | ---- | C] () -- C:\Users\Folders\Documents\LICENSE WIN7.odt
[2013/11/11 22:00:02 | 000,010,142 | ---- | C] () -- C:\Users\Folders\Documents\MS HP PHONES.odt
[2013/11/11 22:00:01 | 001,581,435 | ---- | C] () -- C:\Users\Folders\Documents\FIAT SALE.jpg
[2013/11/11 22:00:01 | 000,537,219 | ---- | C] () -- C:\Users\Folders\Documents\HOME INCENTIVES.pdf
[2013/11/11 22:00:01 | 000,010,374 | ---- | C] () -- C:\Users\Folders\Documents\HOME PAINTS.odt
[2013/11/11 22:00:01 | 000,010,227 | ---- | C] () -- C:\Users\Folders\Documents\INCOME MONTHLY 2013.odt
[2013/11/11 22:00:00 | 000,036,796 | ---- | C] () -- C:\Users\Folders\Documents\Adware Opt Out.PNG
[2013/11/11 22:00:00 | 000,028,085 | ---- | C] () -- C:\Users\Folders\Documents\LICENSE IOBIT.PNG
[2013/11/11 22:00:00 | 000,013,699 | ---- | C] () -- C:\Users\Folders\Documents\ELECTRIC METER.odt
[2013/11/11 22:00:00 | 000,011,054 | ---- | C] () -- C:\Users\Folders\Documents\ALAN.odt
[2013/11/11 21:54:40 | 000,006,136 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2013/11/11 20:11:40 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Firefox.lnk
[2013/11/11 20:02:29 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/11/11 19:57:45 | 000,001,424 | ---- | C] () -- C:\Users\Folders\Desktop\Explorer.lnk
[2013/11/11 19:42:34 | 000,002,290 | ---- | C] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/11 19:41:21 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/11 19:41:20 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/11 19:32:59 | 000,205,320 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/11 19:32:59 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/11 19:10:30 | 000,001,448 | ---- | C] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/11 19:09:44 | 000,001,424 | ---- | C] () -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/11 19:09:04 | 000,000,290 | ---- | C] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/11 19:09:04 | 000,000,272 | ---- | C] () -- C:\Users\Folders\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/11 18:58:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/11/11 18:58:24 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/11/11 18:56:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysNative\AdpeakProxyOff.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/12 19:40:21 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/12 19:40:21 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/20 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Genie9
[2013/11/20 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Genie9
[2013/11/11 19:33:22 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\AVAST Software
[2013/11/12 14:10:24 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\Canon
[2013/11/29 18:59:59 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\DMCache
[2013/11/21 19:29:38 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\eCyber
[2013/11/24 16:20:05 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\Foxit Software
[2013/11/20 18:06:29 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\Genie9
[2013/11/30 13:34:46 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\IDM
[2013/11/28 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\IDM2
[2013/11/21 20:43:29 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\IObit
[2013/11/13 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\OpenOffice
[2013/11/15 21:03:00 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\PhotoScape
[2013/11/27 20:15:27 | 000,000,000 | ---D | M] -- C:\Users\Folders\AppData\Roaming\Systweak

========== Purity Check ==========



< End of report >


I totally do not understand why I can't send the complete scan to you in this conversation.

Jack
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
STEP 1: Run the below OTL fix
<ol><li>Start <>OTL.exe</></li>
<li>Copy/paste the following text written <>inside of the code box</> into the <>Custom Scans/Fixes</> box located at the bottom of OTL
Code:
:OTL
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\exten​sions
[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searc​hplugins\Google.xml
[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searc​hplugins\yahoo_ff.xml
[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{googl​e:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{goog​le:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginPa​rameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:s​uggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={​google:suggestAPIKeyParameter},


:commands
[emptytemp]
[reboot]
<>NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system</></li>
<li>Then click the <>Run Fix</> button at the top</li>
<li>Let the program run unhindered, reboot when it is done</li>
<li>Attach the new log produced by OTL (C:\_OTL)</li>
</ol>

<hr />


Step - 2

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 
Last edited by a moderator:

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
Again, the adware has all seemingly stopped. But I'm uncertain it won't return in a day or two. Don't know what specific action a day or two ago caused it.

Anyway, I am breaking up the results of your last request into a couple or replies:


OTL logfile created on: 11/30/2013 1:48:24 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Folders\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.23% Memory free
8.00 Gb Paging File | 6.27 Gb Available in Paging File | 78.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 319.75 Gb Free Space | 85.84% Space Free | Partition Type: NTFS
Drive I: | 1.87 Gb Total Space | 1.37 Gb Free Space | 73.44% Space Free | Partition Type: NTFS
Drive J: | 298.09 Gb Total Space | 119.38 Gb Free Space | 40.05% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 277.05 Gb Free Space | 59.48% Space Free | Partition Type: NTFS

Computer Name: WIN7 | User Name: Folders | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Folders\Downloads\Programs\OTL_2.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()
MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GenieTimelineService) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Genie9)
SRV:64bit: - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV:64bit: - (AdpeakProxy) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NZ) -- C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (Hauppauge WinTV Extender) -- C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe (Hauppauge Computer Works, Inc)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NZ) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hcw18bda) -- C:\Windows\SysNative\drivers\hcw18bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (FETNDIS) -- C:\Windows\SysNative\drivers\fet6x64.sys (VIA Technologies, Inc. )
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]

[2013/11/11 20:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Extensions
[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions
[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\Google.xml
[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml
[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Drive = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: avast! Online Security = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1\
CHR - Extension: IDM Integration Module = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleDriveSync] c:\program files (x86)\google\drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9174F4D4-A1F3-4903-AEC4-365046D8E2F9}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/23 15:11:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/30 13:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/11/30 13:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/11/28 16:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/11/28 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/11/28 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM2
[2013/11/28 11:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Genie9
[2013/11/28 11:34:39 | 000,000,000 | ---D | C] -- C:\0f4b1c2beb7b6dabc8ddb5daad65d67a
[2013/11/28 10:18:12 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\autorun
[2013/11/27 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2013/11/27 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Systweak
[2013/11/27 20:10:06 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe
[2013/11/27 16:08:43 | 000,000,000 | ---D | C] -- C:\b1e34f6098ca96049f4c
[2013/11/27 16:06:54 | 000,000,000 | ---D | C] -- C:\4d3d87bbdec4022af663ac6a6c75
[2013/11/27 16:04:12 | 000,000,000 | ---D | C] -- C:\f287f11a16765c212c1b6c
[2013/11/27 16:01:31 | 000,000,000 | ---D | C] -- C:\e407f43d348aefaebea4b46177
[2013/11/27 16:00:45 | 000,000,000 | ---D | C] -- C:\5733db8184d72843ca1e49ed71b62fc1
[2013/11/27 15:59:42 | 000,000,000 | ---D | C] -- C:\31b674d54c6afb206866
[2013/11/27 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/11/27 13:29:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/11/26 20:55:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/26 20:55:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/11/26 20:53:44 | 000,000,000 | ---D | C] -- C:\7b324cffb58ae272b47de342
[2013/11/26 18:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/26 16:37:17 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/11/26 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2013/11/26 13:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2013/11/26 13:48:29 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2013/11/26 13:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/11/25 23:28:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/25 22:58:22 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013/11/23 15:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/11/23 15:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/11/22 16:51:16 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\Windows\SysWow64\pcleUtil.dll
[2013/11/22 16:51:00 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2013/11/22 16:51:00 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2013/11/22 16:51:00 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2013/11/22 16:51:00 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2013/11/22 16:48:57 | 000,912,896 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\Windows\SysNative\drivers\hcw18bda.sys
[2013/11/22 16:48:57 | 000,139,264 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw18prop.ax
[2013/11/22 16:48:57 | 000,117,248 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcw18CCv.ax
[2013/11/22 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/22 10:51:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/22 10:39:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/21 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013/11/21 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Adobe
[2013/11/21 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\eCyber
[2013/11/21 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Real
[2013/11/21 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/20 18:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9
[2013/11/20 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9
[2013/11/20 17:58:48 | 000,000,000 | R--D | C] -- C:\Users\Folders\Desktop\Backup
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/20 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Genie9
[2013/11/19 19:02:59 | 000,000,000 | R--D | C] -- C:\Users\Folders\Google Drive
[2013/11/19 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftMaker Viewer
[2013/11/18 19:25:06 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013/11/17 17:02:28 | 000,000,000 | ---D | C] -- C:\Users\Folders\Rail Temp
[2013/11/17 14:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/11/17 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DOGS
[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Documents
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DISPUTES
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Booknizer
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\APARTMENTS
[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AA QWEST
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\WAB
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\VERIZON
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\TAXES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\RES REF
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PROP TAX
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PASSWORDS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD APT
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAILS
[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAIL ADDRESSES
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\SoftMaker
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES PASSWORDS
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\BEND APT
[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AppData
[2013/11/16 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Media Preview
[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2013/11/16 12:59:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Foxit Software
[2013/11/16 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/11/15 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\PhotoScape
[2013/11/15 21:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013/11/15 21:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2013/11/15 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\CrashDumps
[2013/11/15 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/11/15 13:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/15 13:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013/11/15 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 09:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone
[2013/11/14 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Qwest
[2013/11/14 19:13:43 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys
[2013/11/14 19:13:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D
[2013/11/14 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/14 13:23:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/11/14 13:22:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/11/13 18:49:24 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/13 18:49:21 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/13 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\vlc
[2013/11/13 18:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/13 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/11/13 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/11/13 17:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/11/13 17:26:08 | 001,005,928 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2013/11/13 17:26:08 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013/11/13 17:26:08 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013/11/13 17:26:07 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013/11/13 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\AVS4YOU
[2013/11/13 17:20:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/11/13 17:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013/11/13 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013/11/13 17:18:22 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013/11/13 17:18:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013/11/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\DMCache
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/13 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2013/11/13 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013/11/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\OpenOffice
[2013/11/13 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™
[2013/11/13 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink Personal Digital Vault
[2013/11/13 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Folders\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Zone
[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/11/13 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/11/13 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex
[2013/11/13 14:23:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/11/13 14:23:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/11/13 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
[2013/11/13 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Apple Computer
[2013/11/13 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex Media Server
[2013/11/13 13:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2013/11/13 13:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2013/11/13 13:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/11/13 12:40:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/13 11:43:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/13 11:39:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/13 11:39:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/13 11:39:53 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 11:39:53 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 11:39:53 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 11:39:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/13 11:39:53 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/13 11:39:53 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/13 11:39:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/13 11:39:53 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 11:39:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/13 11:39:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/13 11:39:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/13 11:39:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/13 11:39:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 11:39:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 11:39:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/13 11:39:53 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 11:39:53 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/13 11:39:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 11:39:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/13 11:39:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/13 11:39:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/13 11:39:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/13 11:39:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 11:39:53 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/13 11:39:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 11:39:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/13 11:39:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/13 11:39:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/13 11:39:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/13 11:39:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/13 11:39:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/13 11:39:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 11:39:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/13 11:39:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/13 11:39:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/13 11:39:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/13 11:39:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/13 11:39:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/13 11:39:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/13 11:39:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 11:39:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/13 11:39:53 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/13 11:39:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/13 11:39:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/13 11:39:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/13 11:39:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/13 11:39:53 | 000,069,632 | ---- | C] (Microsoft Corpo
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2013 02
Ran by Folders at 2013-12-03 22:33:47
Running from C:\Users\Folders\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Advanced SystemCare 7 (x32 Version: 7.0.6)
avast! Free Antivirus (x32 Version: 9.0.2008)
AVS Disc Creator 5 (x32 Version: 5.1.2.525)
AVS Video Converter 8 (x32 Version: 8.4.2.541)
AVS Video Editor 6 (x32 Version: 6.4.2.241)
Canon MP Navigator EX 1.2 (x32)
Canon MP190 series MP Drivers
CCleaner (Version: 4.08)
CenturyLink Personal Digital Vault™ (x32 Version: 1.0.0004)
Driver Booster (x32 Version: 1.1)
Foxit Reader (x32 Version: 6.1.1.1031)
Google Chrome (x32 Version: 31.0.1650.57)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.21.165)
Hauppauge WinTV 7 (x32 Version: v7.2.31311 (CD 3.1a))
HD Video Converter Factory Pro (HKCU)
Internet Download Manager (x32)
IObit Malware Fighter (x32 Version: 2.1)
IObit Uninstaller (x32 Version: 3.0.4.922)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Media Preview (Version: 1.3.1.343)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Image Composite Editor (Version: 1.4.4)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.4518.1014)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (x32 Version: 11.0.61030.0)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (x32 Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Norton Zone (x32 Version: 1.0.15.13)
NVIDIA 3D Vision Driver 331.65 (Version: 331.65)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA Update 1.15.2 (Version: 1.15.2)
NVIDIA Update Components (Version: 1.15.2)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
PhotoScape (x32)
Plex (HKCU Version: 0.9.504)
Plex Media Server (x32 Version: 0.9.810)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5910)
RegHunter (Version: 1.3.3.1613)
Smart Defrag 2 (x32 Version: 2.9)
SpyHunter (Version: 4.16.5.4290)
Surfing Protection (x32 Version: 1.0)
TextMaker Viewer (x32)
VLC media player 2.1.1 (x32 Version: 2.1.1)
Yard Office (x32 Version: 3.07)

==================== Restore Points =========================

28-11-2013 19:34:10 Windows Update
29-11-2013 00:51:49 Removed ScorpionSaver Services
29-11-2013 20:44:47 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
29-11-2013 20:45:26 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
30-11-2013 21:40:00 DLL-Files Fixer Sat, Nov 30, 13 13:39
02-12-2013 02:58:09 Windows Update
02-12-2013 03:00:21 Windows Backup
04-12-2013 03:09:53 Removed Microsoft Image Composite Editor
04-12-2013 03:18:46 Installed Microsoft Image Composite Editor
04-12-2013 03:29:58 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

==================== Hosts content: ==========================

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00AE038F-9E62-4013-820E-5B0AE15CAC80} - System32\Tasks\ASC7_SkipUac_Folders => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-14] (IObit)
Task: {02DFBD1B-A69D-4BE8-AAFE-E114AE1ADD4A} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2013-11-11] (IObit)
Task: {063BBBD9-EE7E-496B-A350-341C269EF0DC} - System32\Tasks\Norton Zone\Norton Error Processor => C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {63F50307-340F-4D5A-AB3B-4E8476FD5C77} - System32\Tasks\{25DCCD1F-6B78-4178-A1D0-BBB60061D347} => C:\Users\Folders\Desktop\mbar\mbar.exe
Task: {73996B6A-849E-4006-8AB4-93C01111B4D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {7AD8EC0D-28ED-4C97-966A-AF565E5499B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-01] (Adobe Systems Incorporated)
Task: {91D19F60-885C-40E1-8A03-9F13764863F4} - System32\Tasks\Norton Zone\Norton Error Analyzer => C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {944B64B0-1088-4C2F-BE36-91D09DD9FE26} - System32\Tasks\{19E56317-F4BA-41D1-A550-DB17CACF91B9} => C:\Users\Folders\Desktop\mbar\mbar.exe
Task: {A70EAAFF-BD0E-435F-AB72-8422233B5BF0} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {ABB9EA11-5A69-464F-9260-FF40EFD31450} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {AD5FFF05-1CF5-4FBD-901F-A7C928B2CB59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {AFC7BF0A-841B-4B8E-9DFF-78418852E887} - System32\Tasks\{4ABD4A0C-3760-4DC6-95A6-55950476D16D} => C:\Users\Folders\Desktop\mbar\mbar.exe
Task: {CBA41F11-43B7-43BD-82E1-C72EF60B0E7D} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {D6F65AFE-D262-4FC8-8DFE-4D64A5D7A61A} - \SpyHunter4Startup No Task File
Task: {DF9A3680-93C9-472B-B485-67CBFD9BBFAB} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-08] (IObit)
Task: {E1997FAE-754D-4319-9922-CD583CE663F5} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-04] (IObit)
Task: {FD4C3510-ECA4-44F9-B749-7AAF90945504} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-11] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-12 18:52 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-12-03 14:43 - 2013-12-03 10:46 - 02151424 _____ () C:\Program Files\AVAST Software\Avast\defs\13120301\algo.dll
2013-11-28 10:20 - 2013-09-12 09:27 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-11-28 10:20 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00238232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00137880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 05299352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00980120 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-11-11 19:32 - 2013-11-11 19:32 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-03 22:23 - 2013-12-03 22:23 - 00098816 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32api.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00110080 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\pywintypes27.dll
2013-12-03 22:23 - 2013-12-03 22:23 - 00364544 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\pythoncom27.dll
2013-12-03 22:23 - 2013-12-03 22:23 - 00044032 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_socket.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 01153024 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_ssl.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00320512 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32com.shell.shell.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00711680 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_hashlib.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 01175040 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._core_.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00805888 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._gdi_.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00811008 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._windows_.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 01062400 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._controls_.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00735232 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._misc_.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00128512 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_elementtree.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00127488 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\pyexpat.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00557056 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\pysqlite2._sqlite.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00087040 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_ctypes.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00119808 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32file.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00108544 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32security.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00018432 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32event.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00038912 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32inet.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00122368 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._wizard.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00686080 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\unicodedata.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00026624 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\_multiprocessing.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00070656 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\wx._html2.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00010240 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\select.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00025600 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32pdh.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00504832 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\windows._cacheinvalidation.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00011264 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32crypt.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00035840 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32process.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00017408 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32profile.pyd
2013-12-03 22:23 - 2013-12-03 22:23 - 00022528 _____ () C:\Users\Folders\AppData\Local\Temp\_MEI10762\win32ts.pyd
2013-11-15 13:21 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2013-11-15 13:21 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2013-11-15 13:21 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2013-11-15 13:21 - 2013-05-29 13:15 - 06773056 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2013-11-15 13:21 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2013-11-15 13:21 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00032392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2013-10-26 15:16 - 2013-10-26 15:16 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2013-10-26 15:16 - 2013-10-26 15:16 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2013-10-26 15:17 - 2013-10-26 15:17 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2013-10-26 15:17 - 2013-10-26 15:17 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2013-11-14 13:56 - 2013-11-14 03:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-14 13:56 - 2013-11-14 03:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-14 13:56 - 2013-11-14 03:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-14 13:56 - 2013-11-14 03:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-14 13:56 - 2013-11-14 03:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (12/03/2013 10:23:51 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (12/03/2013 10:23:48 PM) (Source: ESENT) (User: )
Description: Windows (2624) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00042.log.


System errors:
=============
Error: (12/03/2013 10:24:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/03/2013 10:24:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (12/03/2013 10:22:41 PM) (Source: Service Control Manager) (User: )
Description: The AdpeakProxy service failed to start due to the following error:
%%2

Error: (12/03/2013 10:20:06 PM) (Source: Service Control Manager) (User: )
Description: The Norton Zone service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/03/2013 10:20:06 PM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 7 service terminated unexpectedly. It has done this 1 time(s).

Error: (12/03/2013 06:01:13 PM) (Source: Service Control Manager) (User: )
Description: The AdpeakProxy service failed to start due to the following error:
%%2

Error: (12/03/2013 06:00:50 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/03/2013 10:39:10 AM) (Source: Service Control Manager) (User: )
Description: The Hauppauge WinTV Extender service failed to start due to the following error:
%%1053

Error: (12/03/2013 10:39:10 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hauppauge WinTV Extender service to connect.

Error: (12/03/2013 10:38:40 AM) (Source: Service Control Manager) (User: )
Description: The AdpeakProxy service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/03/2013 10:23:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/03/2013 10:23:51 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (12/03/2013 10:23:50 PM) (Source: Windows Search Service)(User: )
Description:
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (12/03/2013 10:23:48 PM) (Source: ESENT)(User: )
Description: Windows2624Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00042.log-1811


CodeIntegrity Errors:
===================================
Date: 2013-11-20 15:41:23.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-20 15:41:22.865
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-20 15:41:22.641
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-19 15:08:48.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-19 15:08:47.878
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-19 15:08:47.578
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 4094.55 MB
Available physical RAM: 2344.18 MB
Total Pagefile: 8187.29 MB
Available Pagefile: 5971.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (SAMSUNG) (Fixed) (Total:372.51 GB) (Free:320.09 GB) NTFS
Drive i: (RAIL PHOTOS) (Removable) (Total:1.87 GB) (Free:1.37 GB) NTFS
Drive j: (PBS) (Fixed) (Total:298.09 GB) (Free:129.49 GB) NTFS
Drive k: (RAIL VIDEOS) (Fixed) (Total:465.76 GB) (Free:374.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 373 GB) (Disk ID: 67CFBE2B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=373 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: C5F28D86)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 02
Ran by Folders (administrator) on WIN7 on 03-12-2013 22:58:40
Running from C:\Users\Folders\Downloads\Programs
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Hauppauge Computer Works, Inc) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Folders\Downloads\Programs\FRST64_3.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4238984 2013-10-26] (Plex, Inc.)
HKCU\...\Run: [IDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3825232 2013-11-08] (Tonec Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-11] (AVAST Software)
HKLM-x32\...\Run: [Qwest Personal Digital Vault] - "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m
HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1549120 2013-08-16] (IObit)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe [180184 2013-11-23] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.com/
FF NetworkProxy: "type", 0
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR RestoreOnStartup: "https://mail.google.com/mail/u/0/?tab=wm#inbox"
CHR Extension: (Google Drive) - C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (avast! Online Security) - C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1
CHR Extension: (IDM Integration Module) - C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1
CHR Extension: ( "name":"Advanced SystemCare Surfing Protection",) - C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (Google Wallet) - C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [jonjajmpblmjkhjemkalbddhodlehkfg] - C:\Users\Folders\AppData\Local\CRE\jonjajmpblmjkhjemkalbddhodlehkfg.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Folders\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-11] (AVAST Software)
R2 Hauppauge WinTV Extender; C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe [59392 2013-08-07] (Hauppauge Computer Works, Inc)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [582144 2013-08-31] (Hauppauge Computer Works)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-11-15] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NZ; C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe [143856 2013-11-10] (Symantec Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
S2 AdpeakProxy; C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-11] ()
R1 ccSet_NZ; C:\Windows\system32\drivers\NZx64\01000F0.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc. )
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [912896 2010-09-19] (Hauppauge Computer Works, Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 22:31 - 2013-12-03 22:31 - 00000000 ____D C:\FRST
2013-12-03 22:22 - 2013-12-03 22:22 - 00000112 _____ C:\Windows\setupact.log
2013-12-03 22:22 - 2013-12-03 22:22 - 00000000 _____ C:\Windows\setuperr.log
2013-12-03 19:30 - 2013-12-03 19:30 - 00001098 _____ C:\Users\Public\Desktop\WinTV 7.lnk
2013-12-03 19:29 - 2013-12-03 19:29 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-12-03 19:19 - 2013-12-03 19:19 - 00002679 _____ C:\Users\Folders\Desktop\Panorama.lnk
2013-12-03 19:18 - 2013-12-03 19:18 - 00000000 ____D C:\Program Files\Microsoft Research
2013-12-03 17:59 - 2013-12-03 17:59 - 00000000 _____ C:\asc_rdflag
2013-12-02 14:24 - 2013-12-02 14:17 - 00012712 _____ C:\Users\Folders\Documents\computer rebuild.odt
2013-12-02 12:26 - 2013-12-03 22:24 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-02 09:23 - 2013-12-02 09:23 - 00000441 _____ C:\sh4_service.log
2013-12-02 09:18 - 2013-10-18 15:01 - 00285747 _____ C:\shldr
2013-12-02 09:18 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr
2013-12-02 01:22 - 2013-12-02 01:22 - 00002836 _____ C:\spyhunter.log
2013-12-01 14:41 - 2013-12-01 14:41 - 00000000 ____D C:\Users\Folders\Documents\WonderFox Soft
2013-12-01 14:02 - 2013-12-01 14:02 - 00000000 ____D C:\ProgramData\McAfee
2013-12-01 13:59 - 2013-12-01 14:14 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Software Informer
2013-12-01 13:58 - 2013-12-01 14:41 - 00001311 _____ C:\Users\UpdatusUser\Desktop\HD Video Converter Factory Pro.lnk
2013-12-01 13:58 - 2013-12-01 14:41 - 00001311 _____ C:\Users\Folders\Desktop\HD Converter.lnk
2013-12-01 13:58 - 2013-12-01 13:58 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2013-12-01 13:58 - 2013-12-01 13:58 - 00000000 ____D C:\Program Files (x86)\WonderFox Soft
2013-12-01 13:18 - 2013-12-01 13:18 - 00013625 _____ C:\Users\Folders\Documents\Humana Dental Cancellation.odt
2013-11-28 16:59 - 2013-11-28 16:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-28 14:36 - 2013-12-02 01:22 - 00000000 ____D C:\Program Files\ScorpionSaver Services
2013-11-28 12:11 - 2013-11-28 12:11 - 00000000 ____D C:\Users\Folders\AppData\Roaming\IDM2
2013-11-28 11:34 - 2013-11-28 11:35 - 00000000 ____D C:\0f4b1c2beb7b6dabc8ddb5daad65d67a
2013-11-27 20:18 - 2013-11-27 20:18 - 00001170 _____ C:\Users\Public\Desktop\RegHunter.lnk
2013-11-27 16:08 - 2013-11-27 16:08 - 00000000 ____D C:\b1e34f6098ca96049f4c
2013-11-27 16:06 - 2013-11-27 16:08 - 00000000 ____D C:\4d3d87bbdec4022af663ac6a6c75
2013-11-27 16:04 - 2013-11-27 16:06 - 00000000 ____D C:\f287f11a16765c212c1b6c
2013-11-27 16:01 - 2013-11-27 16:04 - 00000000 ____D C:\e407f43d348aefaebea4b46177
2013-11-27 16:00 - 2013-11-27 16:01 - 00000000 ____D C:\5733db8184d72843ca1e49ed71b62fc1
2013-11-27 15:59 - 2013-11-27 16:00 - 00000000 ____D C:\31b674d54c6afb206866
2013-11-27 14:49 - 2013-11-27 14:49 - 25444684 _____ C:\Users\Folders\Documents\ROKU QWEST PASSWORDS.tif
2013-11-27 13:29 - 2013-11-27 13:29 - 00002269 _____ C:\Users\Folders\Desktop\SpyHunter.lnk
2013-11-27 13:29 - 2013-11-27 13:29 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-11-27 13:29 - 2013-11-27 13:29 - 00000000 ____D C:\sh4ldr
2013-11-27 13:08 - 2012-06-22 11:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2013-11-26 20:53 - 2013-11-26 20:54 - 00000000 ____D C:\7b324cffb58ae272b47de342
2013-11-26 18:44 - 2013-11-26 19:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-26 16:43 - 2013-11-28 12:12 - 00002940 _____ C:\Windows\System32\Tasks\{4ABD4A0C-3760-4DC6-95A6-55950476D16D}
2013-11-26 16:43 - 2013-11-28 12:12 - 00002940 _____ C:\Windows\System32\Tasks\{19E56317-F4BA-41D1-A550-DB17CACF91B9}
2013-11-26 16:38 - 2013-11-28 12:12 - 00002940 _____ C:\Windows\System32\Tasks\{25DCCD1F-6B78-4178-A1D0-BBB60061D347}
2013-11-26 16:37 - 2013-11-26 18:38 - 00047064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-26 15:20 - 2013-11-28 18:34 - 00002017 _____ C:\Users\Public\Desktop\Avast.lnk
2013-11-26 13:58 - 2013-12-03 19:30 - 00000000 ____D C:\Users\Public\WinTV
2013-11-26 13:58 - 2013-12-03 19:29 - 00000000 ____D C:\Program Files (x86)\WinTV
2013-11-26 13:58 - 2013-11-28 10:20 - 00000000 ____D C:\ProgramData\Hauppauge
2013-11-26 13:53 - 2013-12-01 19:02 - 00774248 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-26 13:48 - 2013-12-03 19:28 - 00000000 ____D C:\Hauppauge
2013-11-26 12:45 - 2013-11-28 12:12 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-11-25 23:28 - 2013-11-25 23:28 - 00000000 ____D C:\_OTL
2013-11-25 22:58 - 2013-11-25 22:58 - 00000000 ____D C:\Windows\Tasks\TaskDisabled
2013-11-23 15:11 - 2013-11-23 15:11 - 00000000 _____ C:\autoexec.bat
2013-11-23 15:10 - 2013-11-27 20:18 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-22 16:51 - 2013-12-03 19:30 - 00000401 _____ C:\Windows\ODBCINST.INI
2013-11-22 16:51 - 2013-12-03 19:30 - 00000135 _____ C:\Windows\ODBC.INI
2013-11-22 16:51 - 2013-12-03 19:29 - 00037639 _____ C:\Windows\Irremote.ini
2013-11-22 16:51 - 2013-12-03 19:29 - 00002767 _____ C:\Windows\HCWPNP.INI
2013-11-22 16:51 - 2013-05-03 13:37 - 00118840 _____ (Hauppauge Computer Works, Inc.) C:\Windows\SysWOW64\hcwi2c32.dll
2013-11-22 16:51 - 2012-06-14 20:30 - 00323640 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwpnp32.dll
2013-11-22 16:51 - 2009-08-12 10:37 - 00038672 _____ (PCTV Systems S.à r.l.) C:\Windows\SysWOW64\pcleUtil.dll
2013-11-22 16:51 - 2009-02-16 23:09 - 00831554 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwtvwnd.dll
2013-11-22 16:51 - 2009-01-28 10:52 - 00142337 _____ C:\Windows\SysWOW64\Wait.exe
2013-11-22 16:51 - 2008-06-30 10:02 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-11-22 16:51 - 2008-06-30 10:02 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-11-22 16:51 - 2006-10-10 18:47 - 00036921 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwutl32.dll
2013-11-22 16:48 - 2010-09-19 23:28 - 00912896 _____ (Hauppauge Computer Works, Inc) C:\Windows\system32\Drivers\hcw18bda.sys
2013-11-22 16:48 - 2010-09-19 23:28 - 00139264 _____ (Hauppauge Computer Works) C:\Windows\system32\hcw18prop.ax
2013-11-22 16:48 - 2010-09-19 23:28 - 00117248 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\hcw18CCv.ax
2013-11-22 12:32 - 2013-11-22 12:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-22 10:51 - 2013-11-22 10:51 - 00000000 ____D C:\Windows\ERUNT
2013-11-22 10:39 - 2013-12-02 12:22 - 00000000 ____D C:\AdwCleaner
2013-11-22 10:07 - 2013-11-22 10:07 - 00001242 _____ C:\Users\Folders\Desktop\Uninstaller.lnk
2013-11-21 21:43 - 2013-11-21 21:43 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2013-11-21 21:43 - 2013-11-21 21:43 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2013-11-21 20:56 - 2013-11-24 18:45 - 00003260 _____ C:\Windows\System32\Tasks\{AF3227B2-DADD-4423-B0DD-97A8C5037367}
2013-11-21 20:55 - 2013-11-22 10:06 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-21 20:22 - 2013-12-01 14:02 - 00000000 ____D C:\Users\Folders\AppData\Local\Adobe
2013-11-21 19:29 - 2013-11-21 19:29 - 00000000 ____D C:\Users\Folders\AppData\Roaming\eCyber
2013-11-21 14:10 - 2013-11-21 14:11 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Real
2013-11-21 14:08 - 2013-11-21 14:11 - 00000000 ____D C:\ProgramData\Real
2013-11-20 21:03 - 2013-12-02 11:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Genie9
2013-11-20 21:03 - 2013-12-02 11:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Genie9
2013-11-20 18:16 - 2013-11-20 18:17 - 00047270 _____ C:\Users\Folders\Documents\GENIE 9 STORAGE LICENSE.odt
2013-11-20 17:58 - 2013-11-28 18:29 - 00000000 ___RD C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
2013-11-20 17:57 - 2013-12-02 11:40 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Genie9
2013-11-19 19:02 - 2013-12-03 22:23 - 00000000 ___RD C:\Users\Folders\Google Drive
2013-11-19 19:02 - 2013-11-19 19:02 - 00001705 _____ C:\Users\Folders\Desktop\Drive.lnk
2013-11-19 14:36 - 2013-11-21 20:43 - 00000000 ____D C:\Program Files (x86)\SoftMaker Viewer
2013-11-19 14:36 - 2013-11-19 14:36 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
2013-11-19 14:36 - 2009-06-05 03:33 - 00068640 _____ C:\Windows\unTMV.exe
2013-11-19 14:36 - 2009-03-23 00:41 - 00148473 _____ C:\Users\Folders\Documents\TextMaker Viewer.tmd
2013-11-18 19:25 - 2013-11-24 18:45 - 00003172 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2013-11-18 19:25 - 2013-11-24 18:45 - 00003170 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-11-18 19:25 - 2013-05-22 18:49 - 00032600 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-11-17 14:51 - 2013-11-17 14:51 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-17 14:51 - 2013-11-17 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-17 14:36 - 2013-11-19 14:31 - 00000000 ____D C:\Users\Folders\Documents\AA QWEST
2013-11-17 14:36 - 2013-11-19 14:30 - 00000000 ____D C:\Users\Folders\Documents\PASSWORDS
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\WAB
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\VERIZON
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\TAXES
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\RES REF
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\PROP TAX
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\OLD EMAILS
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\OLD APT
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\LICENSES
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\EMAILS
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\EMAIL ADDRESSES
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\DOGS
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\DISPUTES
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\Booknizer
2013-11-17 14:36 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\APARTMENTS
2013-11-17 14:36 - 2012-09-04 11:24 - 00367716 _____ C:\Users\Folders\Documents\IDMSettings.txt
2013-11-17 14:36 - 2011-10-03 13:01 - 00004901 _____ C:\Users\Folders\Documents\MICROSOFT PHONES.odt
2013-11-17 14:36 - 2011-09-07 16:24 - 00000152 _____ C:\Users\Folders\Documents\Network Security Settings.txt
2013-11-17 14:36 - 2011-08-03 22:15 - 00012754 _____ C:\Users\Folders\Documents\TEEN SUBSCRIBE.odt
2013-11-17 14:36 - 2011-07-27 18:06 - 00009354 _____ C:\Users\Folders\Documents\internet probs.odt
2013-11-17 14:36 - 2011-07-23 11:15 - 01740859 _____ C:\Users\Folders\Documents\CLEAR ONE & MEDICARE.odt
2013-11-17 14:36 - 2011-07-20 17:09 - 00018727 _____ C:\Users\Folders\Documents\PRESBYTERIAN THANK YOU.odt
2013-11-17 14:36 - 2011-07-19 11:12 - 00026513 _____ C:\Users\Folders\Documents\PROPERTY TAX APPEAL.odt
2013-11-17 14:36 - 2011-07-17 13:07 - 00019682 _____ C:\Users\Folders\Documents\HOME DEPOT COMPLAINT.odt
2013-11-17 14:36 - 2011-06-23 13:32 - 00014669 _____ C:\Users\Folders\Documents\Speeding Ticket.odt
2013-11-17 14:36 - 2011-06-23 13:32 - 00014669 _____ C:\Users\Folders\Documents\OSP TKT.odt
2013-11-17 14:36 - 2011-06-09 15:20 - 00019794 _____ C:\Users\Folders\Documents\House Paint Request.odt
2013-11-17 14:36 - 2011-06-09 15:20 - 00019794 _____ C:\Users\Folders\Documents\HOUSE PAINT JOB.odt
2013-11-17 14:36 - 2011-05-14 12:53 - 00023220 _____ C:\Users\Folders\Documents\Barking Dog Response.odt
2013-11-17 14:36 - 2011-05-14 12:53 - 00023220 _____ C:\Users\Folders\Documents\Barking Dog 3.odt
2013-11-17 14:36 - 2011-05-12 18:14 - 00020283 _____ C:\Users\Folders\Documents\Barking Dogs Neighbors.odt
2013-11-17 14:36 - 2011-05-12 18:14 - 00020283 _____ C:\Users\Folders\Documents\Barking Dog 1.odt
2013-11-17 14:36 - 2011-05-09 17:14 - 00020936 _____ C:\Users\Folders\Documents\ONPOINT CANCELLED.odt
2013-11-17 14:36 - 2011-05-09 17:14 - 00020936 _____ C:\Users\Folders\Documents\OnPoint Cancel.odt
2013-11-17 14:36 - 2011-05-05 09:31 - 00009927 _____ C:\Users\Folders\Documents\Nettalk.odt
2013-11-17 14:36 - 2011-04-24 12:02 - 00016529 _____ C:\Users\Folders\Documents\Faucets.odt
2013-11-17 14:36 - 2011-04-23 11:44 - 00014948 _____ C:\Users\Folders\Documents\Equifax Request.odt
2013-11-17 14:36 - 2011-04-23 11:44 - 00014948 _____ C:\Users\Folders\Documents\EQUIFAX COMPLAINT.odt
2013-11-17 14:36 - 2011-04-16 12:10 - 00009926 _____ C:\Users\Folders\Documents\PHONE ALAN.odt
2013-11-17 14:36 - 2011-04-10 14:58 - 00008913 _____ C:\Users\Folders\Documents\PICTUREMERGE.odt
2013-11-17 14:36 - 2011-04-10 14:58 - 00008913 _____ C:\Users\Folders\Documents\PASSWORD PICTUREMERGE.odt
2013-11-17 14:36 - 2011-04-04 09:52 - 00010100 _____ C:\Users\Folders\Documents\PASSWORD MS CLEANER.odt
2013-11-17 14:36 - 2011-04-04 09:52 - 00010100 _____ C:\Users\Folders\Documents\MS Cleaner New.odt
2013-11-17 14:36 - 2011-02-24 21:52 - 00018206 _____ C:\Users\Folders\Documents\MAIL PROBLEM.odt
2013-11-17 14:36 - 2011-02-24 21:52 - 00018206 _____ C:\Users\Folders\Documents\EMAIL PROBLEM.odt
2013-11-17 14:36 - 2011-02-11 16:29 - 01172263 _____ C:\Users\Folders\Documents\BARKING DOGS.odt
2013-11-17 14:36 - 2011-02-11 16:29 - 01172263 _____ C:\Users\Folders\Documents\Barking Dog Law.odt
2013-11-17 14:36 - 2011-02-09 10:48 - 00014952 _____ C:\Users\Folders\Documents\PASSWORDS 2011.odt
2013-11-17 14:36 - 2011-02-09 10:48 - 00014952 _____ C:\Users\Folders\Documents\A PSWRDS.odt
2013-11-17 14:36 - 2011-02-08 15:28 - 01391878 _____ C:\Users\Folders\Documents\Untitled 1.odt
2013-11-17 14:36 - 2011-02-07 16:39 - 00008774 _____ C:\Users\Folders\Documents\PASSWORD HCTC.odt
2013-11-17 14:36 - 2011-02-07 16:39 - 00008774 _____ C:\Users\Folders\Documents\HCTC PASSWORD.odt
2013-11-17 14:36 - 2011-02-07 16:39 - 00008774 _____ C:\Users\Folders\Documents\HCTC ACCOUNT.odt
2013-11-17 14:36 - 2011-02-05 14:06 - 00009133 _____ C:\Users\Folders\Documents\LOCO F7 GRILL PAINT.odt
2013-11-17 14:36 - 2011-02-05 14:06 - 00009133 _____ C:\Users\Folders\Documents\F7 GRILL PAINT.odt
2013-11-17 14:36 - 2011-02-05 14:05 - 00009332 _____ C:\Users\Folders\Documents\PASSWORD WIN7.odt
2013-11-17 14:36 - 2011-02-05 13:57 - 00010733 _____ C:\Users\Folders\Documents\PASSWORD MS COMPUTER.odt
2013-11-17 14:36 - 2011-01-17 14:02 - 00000145 _____ C:\Users\Folders\Documents\indexfile.txt
2013-11-17 14:36 - 2007-12-23 15:31 - 00016384 _____ C:\Users\Folders\Documents\CAM FORMAT.wps
2013-11-17 14:36 - 2007-11-01 13:14 - 00013312 _____ C:\Users\Folders\Documents\BEND APT 5.wps
2013-11-17 14:36 - 2007-11-01 13:04 - 00011776 _____ C:\Users\Folders\Documents\BEND APT 4.wps
2013-11-17 14:36 - 2007-11-01 12:37 - 00012800 _____ C:\Users\Folders\Documents\BEND APT 3.wps
2013-11-17 14:32 - 2013-11-21 20:43 - 00000000 ____D C:\Users\Folders\Documents\SoftMaker
2013-11-17 14:32 - 2013-11-17 14:36 - 00000000 ____D C:\Users\Folders\Documents\LICENSES PASSWORDS
2013-11-17 14:32 - 2013-11-17 14:32 - 00000000 ____D C:\Users\Folders\Documents\BEND APT
2013-11-17 14:32 - 2012-02-07 19:54 - 00004534 _____ C:\Users\Folders\Documents\NETTALK CONTACT.odt
2013-11-17 14:32 - 2011-11-18 13:52 - 00004854 _____ C:\Users\Folders\Documents\ALAN DOUGLASS.odt
2013-11-17 14:32 - 2011-09-07 16:24 - 00000152 _____ C:\Users\Folders\Documents\NETWORK PASSWORD.txt
2013-11-17 14:32 - 2011-07-19 11:32 - 00015307 _____ C:\Users\Folders\Documents\PROPERTY TAX WHISNET.odt
2013-11-17 14:32 - 2011-07-19 11:12 - 00026513 _____ C:\Users\Folders\Documents\PROP TAX DEFERRAL.odt
2013-11-17 14:32 - 2011-05-14 12:53 - 00023220 _____ C:\Users\Folders\Documents\BARK DOG 3.odt
2013-11-17 14:32 - 2011-05-12 18:14 - 00020283 _____ C:\Users\Folders\Documents\BARK DOG 1.odt
2013-11-17 14:32 - 2011-04-16 12:10 - 00009926 _____ C:\Users\Folders\Documents\PHONES ALAN.odt
2013-11-17 14:32 - 2011-02-11 16:29 - 01172263 _____ C:\Users\Folders\Documents\BARK LAW.odt
2013-11-17 14:32 - 2011-02-05 14:08 - 00010374 _____ C:\Users\Folders\Documents\HOUSE PAINTS.odt
2013-11-17 14:32 - 2011-02-05 14:03 - 00011368 _____ C:\Users\Folders\Documents\VERIZON MODEM.odt
2013-11-17 14:32 - 2011-02-05 13:54 - 00010142 _____ C:\Users\Folders\Documents\PHONES MICROSOFT.odt
2013-11-17 14:32 - 2011-01-14 16:12 - 00009216 _____ C:\Users\Folders\Documents\Untitled Document.wps
2013-11-17 14:32 - 2009-01-29 14:24 - 00010752 _____ C:\Users\Folders\Documents\RES 3.wps
2013-11-17 14:32 - 2009-01-21 13:05 - 00001769 _____ C:\Users\Folders\Documents\REF ATT.txt
2013-11-17 14:32 - 2009-01-14 16:20 - 00012800 _____ C:\Users\Folders\Documents\RES 1.wps
2013-11-17 14:32 - 2008-08-13 18:53 - 00010240 _____ C:\Users\Folders\Documents\RES 4.wps
2013-11-17 13:32 - 2013-11-17 13:38 - 00000195 _____ C:\Users\Folders\Desktop\Calendar.url
2013-11-16 15:23 - 2013-11-16 19:25 - 00000000 ____D C:\Program Files\Media Preview
2013-11-16 15:23 - 2013-11-16 15:23 - 00000000 ____D C:\Program Files (x86)\Media Preview
2013-11-16 12:59 - 2013-11-24 16:20 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Foxit Software
2013-11-16 12:59 - 2013-11-16 12:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-16 12:52 - 2013-11-16 12:53 - 00009555 _____ C:\Users\Folders\Documents\A ISA.odt
2013-11-16 12:41 - 2013-11-16 12:47 - 03911164 _____ C:\Users\Folders\Documents\CENTURYLINK ACTIONTEC.tif
2013-11-16 12:32 - 2013-11-16 14:06 - 00014336 ____H C:\Users\Folders\Documents\photothumb.db
2013-11-15 21:01 - 2013-11-17 13:45 - 00001042 _____ C:\Users\Folders\Desktop\PhotoScape.lnk
2013-11-15 21:01 - 2013-11-15 21:03 - 00000000 ____D C:\Users\Folders\AppData\Roaming\PhotoScape
2013-11-15 21:01 - 2013-11-15 21:02 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-11-15 18:36 - 2013-11-15 18:36 - 00000912 _____ C:\Windows\SysWOW64\MY_STYLE.STY
2013-11-15 18:29 - 2013-12-01 16:10 - 00000000 ____D C:\Users\Folders\AppData\Local\CrashDumps
2013-11-15 14:10 - 2013-11-15 14:10 - 54390784 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-15 14:10 - 2013-11-15 14:10 - 45219840 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-11-15 14:10 - 2013-11-15 14:10 - 00913408 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-15 14:10 - 2013-11-15 14:10 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-15 14:10 - 2013-11-15 14:10 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-15 13:29 - 2013-11-15 13:29 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-15 13:01 - 2013-11-15 13:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 21:35 - 2013-11-16 12:14 - 00000000 ____D C:\Users\Folders\AppData\Local\Qwest
2013-11-14 15:05 - 2013-11-14 15:05 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-11-14 13:23 - 2013-04-16 23:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-11-14 13:23 - 2013-04-16 22:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-11-14 13:22 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-11-14 13:22 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-11-13 18:49 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll
2013-11-13 18:49 - 2013-10-16 10:18 - 00338944 _____ (Adpeak, Inc.) C:\Windows\SysWOW64\AdpeakProxy.dll
2013-11-13 18:11 - 2013-12-02 14:32 - 00000000 ____D C:\Users\Folders\AppData\Roaming\vlc
2013-11-13 18:09 - 2013-11-13 18:09 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-11-13 17:34 - 2013-11-13 17:34 - 00002219 _____ C:\Users\Public\Desktop\Earth.lnk
2013-11-13 17:26 - 2013-11-17 13:42 - 00001212 _____ C:\Users\Folders\Desktop\Creator.lnk
2013-11-13 17:26 - 2013-05-27 17:48 - 01005928 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2013-11-13 17:26 - 2011-02-17 14:37 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2013-11-13 17:26 - 2011-02-17 14:37 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2013-11-13 17:26 - 2011-02-17 14:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2013-11-13 17:21 - 2013-11-13 17:21 - 00001755 _____ C:\Users\Folders\Desktop\Yard.lnk
2013-11-13 17:20 - 2013-11-15 20:12 - 00000000 ____D C:\Users\Folders\AppData\Roaming\AVS4YOU
2013-11-13 17:20 - 2013-11-13 17:26 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-11-13 17:19 - 2013-11-13 17:21 - 00001248 _____ C:\Users\Folders\Desktop\Converter.lnk
2013-11-13 17:19 - 2013-11-13 17:21 - 00001212 _____ C:\Users\Folders\Desktop\Editor.lnk
2013-11-13 17:19 - 2013-11-13 17:20 - 00000000 ____D C:\ProgramData\AVS4YOU
2013-11-13 17:18 - 2013-11-13 17:26 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-11-13 17:18 - 2011-06-23 13:26 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-11-13 17:18 - 2011-06-23 13:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2013-11-13 17:08 - 2013-12-03 22:31 - 00000000 ____D C:\Users\Folders\AppData\Roaming\IDM
2013-11-13 17:08 - 2013-12-03 19:39 - 00000000 ____D C:\Users\Folders\Downloads\Video
2013-11-13 17:08 - 2013-12-03 19:39 - 00000000 ____D C:\Users\Folders\Downloads\Compressed
2013-11-13 17:08 - 2013-12-03 17:58 - 00000000 ____D C:\Users\Folders\AppData\Roaming\DMCache
2013-11-13 17:08 - 2013-11-21 20:43 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2013-11-13 17:08 - 2013-11-21 20:43 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-11-13 17:08 - 2013-11-17 13:44 - 00001020 _____ C:\Users\Folders\Desktop\Downloader.lnk
2013-11-13 17:08 - 2013-11-13 17:08 - 00000000 ____D C:\ProgramData\IDM
2013-11-13 16:52 - 2013-11-17 13:43 - 00001181 _____ C:\Users\Public\Desktop\Defrag.lnk
2013-11-13 16:52 - 2013-05-22 18:49 - 00017720 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-11-13 16:24 - 2013-11-16 12:15 - 00013218 _____ C:\Users\Folders\Documents\CENTURYLINK VAULT.odt
2013-11-13 16:18 - 2013-11-13 16:18 - 00000000 ____D C:\Users\Folders\AppData\Roaming\OpenOffice
2013-11-13 16:15 - 2013-11-17 13:44 - 00002293 _____ C:\Users\Public\Desktop\Vault.lnk
2013-11-13 16:14 - 2013-11-13 16:14 - 00000000 ____D C:\Program Files (x86)\CenturyLink Personal Digital Vault
2013-11-13 14:37 - 2013-11-20 14:59 - 00000000 ____D C:\Users\Folders\Norton Zone
2013-11-13 14:37 - 2013-11-15 09:59 - 00000000 ____D C:\Windows\System32\Tasks\Norton Zone
2013-11-13 14:36 - 2013-11-21 20:43 - 00000000 ____D C:\ProgramData\Norton
2013-11-13 14:36 - 2013-11-15 09:52 - 00000000 ____D C:\Windows\system32\Drivers\NZx64
2013-11-13 14:36 - 2013-11-13 14:36 - 00000000 ____D C:\Program Files (x86)\Norton Zone
2013-11-13 14:33 - 2013-11-13 14:33 - 00000000 ____D C:\Windows\Downloaded Installations
2013-11-13 14:24 - 2013-11-15 16:45 - 00000000 ____D C:\Users\Folders\AppData\Local\Plex
2013-11-13 14:23 - 2013-11-13 14:23 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
2013-11-13 14:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-13 14:23 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-13 13:40 - 2013-11-15 17:29 - 00000000 ____D C:\Users\Folders\AppData\Local\Plex Media Server
2013-11-13 13:40 - 2013-11-13 13:40 - 00000000 ____D C:\Users\Folders\AppData\Local\Apple Computer
2013-11-13 13:39 - 2013-12-03 19:30 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-13 13:39 - 2013-11-13 14:22 - 00000000 ____D C:\Program Files (x86)\Plex
2013-11-13 12:40 - 2013-11-13 12:40 - 00000000 __SHD C:\found.000
2013-11-13 11:43 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 11:39 - 2013-11-13 11:39 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 11:39 - 2013-11-13 11:39 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 11:39 - 2013-11-13 11:39 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 11:39 - 2013-11-13 11:39 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 11:39 - 2013-11-13 11:39 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 11:39 - 2013-11-13 11:39 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 11:39 - 2013-11-13 11:39 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 11:39 - 2013-11-13 11:39 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 11:39 - 2013-11-13 11:39 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 11:39 - 2013-11-13 11:39 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 11:39 - 2013-11-13 11:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 11:39 - 2013-11-13 11:39 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 11:39 - 2013-11-13 11:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 11:37 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-13 11:37 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-13 11:37 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-13 11:37 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-13 11:37 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-13 11:37 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-13 11:37 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-13 11:37 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-13 11:37 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-13 11:37 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-13 11:37 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-13 11:37 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-13 11:37 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-13 11:37 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-13 11:37 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-13 11:37 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-13 11:37 - 2013-10-01 12:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-13 11:37 - 2013-10-01 12:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-13 11:28 - 2013-01-13 11:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-11-13 11:28 - 2013-01-13 11:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-13 11:28 - 2013-01-13 11:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-13 11:28 - 2013-01-03 22:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-11-13 11:28 - 2013-01-03 22:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-11-13 11:27 - 2013-01-13 13:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-13 11:27 - 2013-01-13 12:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-11-13 11:27 - 2013-01-13 12:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-11-13 11:27 - 2013-01-13 12:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-11-13 11:27 - 2013-01-13 12:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-11-13 11:27 - 2013-01-13 11:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-11-13 11:27 - 2013-01-13 11:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-11-13 11:27 - 2013-01-13 11:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-11-13 11:27 - 2013-01-13 11:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-11-13 11:27 - 2013-01-13 11:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-13 11:27 - 2013-01-13 11:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-11-13 11:27 - 2013-01-13 11:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-11-13 11:27 - 2013-01-13 11:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-11-13 11:27 - 2013-01-13 11:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-11-13 11:27 - 2013-01-13 11:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-11-13 11:27 - 2013-01-13 11:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-13 11:27 - 2013-01-13 11:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-11-13 11:27 - 2013-01-13 11:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-11-13 11:27 - 2013-01-13 11:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-11-13 11:27 - 2013-01-13 11:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-11-13 11:27 - 2013-01-13 10:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-11-13 11:27 - 2013-01-13 10:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-13 11:27 - 2013-01-13 10:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-13 11:27 - 2013-01-13 09:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-11-13 11:27 - 2013-01-13 09:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-13 11:22 - 2013-09-24 18:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-13 11:22 - 2013-09-24 17:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-12 23:55 - 2013-11-17 13:39 - 00002266 _____ C:\Users\Public\Desktop\Mail.lnk
2013-11-12 23:34 - 2013-12-03 18:00 - 57389056 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-12 23:34 - 2013-12-03 17:59 - 45219840 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2013-11-12 23:34 - 2013-12-03 17:59 - 00946176 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-12 23:34 - 2013-12-03 17:59 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-12 23:34 - 2013-12-03 17:59 - 00032768 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-12 23:15 - 2013-11-12 23:15 - 00000000 ____D C:\Users\Folders\AppData\Roaming\Malwarebytes
2013-11-12 23:14 - 2013-11-17 13:41 - 00001184 _____ C:\Users\Public\Desktop\Malware.lnk
2013-11-12 23:14 - 2013-11-12 23:15 - 00001120 _____ C:\Users\Public\Desktop\Malbytes.lnk
2013-11-12 23:14 - 2013-11-12 23:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-12 23:14 - 2013-11-12 23:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-12 23:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-12 20:06 - 2013-11-12 20:06 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-12 20:06 - 2013-11-12 20:06 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-12 20:06 - 2013-11-12 20:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-12 20:06 - 2013-11-12 20:06 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 20:06 - 2013-11-12 20:06 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-12 20:06 - 2013-11-12 20:06 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 20:03 - 2013-11-12 20:03 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-12 20:03 - 2013-11-12 20:03 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 20:02 - 2013-11-12 20:02 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-12 20:02 - 2013-11-12 20:02 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-12 20:01 - 2013-11-12 20:01 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 20:01 - 2013-11-12 20:01 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-12 20:01 - 2013-11-12 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-12 20:01 - 2013-11-12 20:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-12 20:01 - 2013-11-12 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-12 20:01 - 2013-11-12 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-12 20:00 - 2013-11-12 20:00 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-12 20:00 - 2013-11-12 20:00 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-12 20:00 - 2013-11-12 20:00 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 20:00 - 2013-11-12 20:00 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-12 20:00 - 2013-11-12 20:00 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 19:59 - 2013-11-12 19:59 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-11-12 19:59 - 2013-11-12 19:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-12 19:59 - 2013-11-12 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-11-12 19:59 - 2013-11-12 19:59 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-12 19:58 - 2013-11-12 19:58 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-12 19:58 - 2013-11-12 19:58 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-12 19:58 - 2013-11-12 19:58 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-12 19:58 - 2013-11-12 19:58 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-12 19:58 - 2013-11-12 19:58 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-12 19:57 - 2013-11-12 19:57 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-12 19:57 - 2013-11-12 19:57 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-12 19:57 - 2013-11-12 19:57 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-12 19:57 - 2013-11-12 19:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-12 19:57 - 2013-11-12 19:57 - 00007680 _____ (Micros
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I'm about ready to give up on sending these truncated messages.....VERY frustrating to both of us I'm certain.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Upload your log file to http://www.megafileupload.com/ and share the download link with me..
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
http://www.megafileupload.com/en/file/475515/FARBAR-2-txt.html

http://www.megafileupload.com/en/file/475514/FARBAR-1-txt.html

http://www.megafileupload.com/en/file/475521/OTL-FIX-RESULTS-txt.html

I didn't realize I could combine these three until I was finished.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Please download zoek.zip or zoek.rar by smeenk (
Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive...
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.
  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:

    Code:
    emptyclsid;
    shortcutfix;
    emptyalltemp; 
    autoclean;
  • Click on
    Run%20Script%20by%20zoek.png
    button.
    Please wait until a logreport will open (this can be after reboot)
  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
zoek-results.log


Zoek.exe Version 4.0.0.5 Updated 05-December-2013
Tool run by Folders on Thu 12/05/2013 at 10:16:21.78.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Folders\Desktop\zoek.scr [Script inserted]

==== System Restore Info ======================

12/5/2013 10:20:10 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20131205_1029_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\Malwarebytes' Anti-Malware (portable) deleted
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\found.000 deleted
C:\Users\Folders\AppData\Roaming\eCyber deleted
C:\ProgramData\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\Invalidprefs.js deleted
C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\CT3153924 deleted
C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\CT3306061 deleted
C:\Users\Folders\Desktop\Downloader.lnk deleted
"C:\PROGRA~2\Internet Download Manager\IDMan.exe" deleted
"C:\PROGRA~2\Internet Download Manager\idmindex.dll" deleted
"C:\PROGRA~2\Internet Download Manager\idmmkb.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMNetMon64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMShellExt64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IEMonitor.exe" deleted
"C:\ProgramData\boost_interprocess\20131205050332.375200\plex_frame_mutex" deleted
"C:\PROGRA~2\Internet Download Manager" not deleted
"C:\ProgramData\boost_interprocess" not deleted
"C:\ProgramData\boost_interprocess\20131205050332.375200" not deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5" [12/05/2013 05:43 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default
- IDM CC - C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5
- Ads Removal - %ProfilePath%\extensions\adsremoval@adsremoval.net

==== Firefox Plugins ======================

Profilepath: C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default
EE8D96E7899D12FC3AA5DB2034C0853C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll - Shockwave Flash


==== Deleted Firefox Extensions ======================

C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions\adsremoval@adsremoval.net deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/11/2013 07:32 PM]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[]
jonjajmpblmjkhjemkalbddhodlehkfg - C:\Users\Folders\AppData\Local\CRE\jonjajmpblmjkhjemkalbddhodlehkfg.crx[]
lipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\Folders\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[10/12/2013 01:04 PM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Folders\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[11/19/2013 06:58 PM]
jonjajmpblmjkhjemkalbddhodlehkfg - C:\Users\Folders\AppData\Local\CRE\jonjajmpblmjkhjemkalbddhodlehkfg.crx[]
lipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\Folders\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[]

Ads Removal - Folders - Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
avast Online Security - Folders - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
IDM Integration Module - Folders - Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
Advanced SystemCare Surfing Protection - Folders - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== Chrome Fix ======================

C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully
C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Folders\Desktop\Cleanup.lnk - C:\Windows\system32\cleanmgr.exe
C:\Users\Folders\Desktop\Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe
C:\Users\Folders\Desktop\Creator.lnk - C:\Program Files (x86)\AVS4YOU\AVSDiscCreator\AVSDiscCreator.exe
C:\Users\Folders\Desktop\Drive.lnk - C:\Users\Folders\Google Drive
C:\Users\Folders\Desktop\Editor.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
C:\Users\Folders\Desktop\Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Folders\Desktop\HD Convert.lnk - C:\Users\Folders\Documents\WonderFox Soft\HD Video Converter Factory Pro\HD Video Converter Factory.exe
C:\Users\Folders\Desktop\Panorama.lnk - C:\Windows\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
C:\Users\Folders\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Folders\Desktop\Printer.lnk -
C:\Users\Folders\Desktop\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Folders\Desktop\Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Users\Folders\Desktop\Update.lnk - C:\Windows\system32\wuapp.exe startmenu
C:\Users\Folders\Desktop\Yard.lnk - C:\YardOffice\yardoffice.exe
C:\Users\UpdatusUser\Desktop\HD Video Converter Factory Pro.lnk - C:\Users\Folders\Documents\WonderFox Soft\HD Video Converter Factory Pro\HD Video Converter Factory.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Avast.lnk - C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe
C:\Users\Public\Desktop\Care.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Daminion.lnk - C:\Program Files (x86)\Daminion Software\Daminion\Daminion.exe
C:\Users\Public\Desktop\Defrag.lnk - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Users\Public\Desktop\Drivers.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Users\Public\Desktop\Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Mail.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Malbytes.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Malware.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Users\Public\Desktop\Office.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Users\Public\Desktop\RegHunter.lnk - C:\Program Files (x86)\Enigma Software Group\RegHunter\RegHunter.exe
C:\Users\Public\Desktop\Scanner.lnk - C:\Program Files (x86)\Canon\MP Navigator EX 1.2\mpnex12.exe
C:\Users\Public\Desktop\Vault.lnk - C:\Program Files (x86)\CenturyLink Personal Digital Vault\CenturyLinkPersonalDigitalVault.exe
C:\Users\Public\Desktop\WinTV 7.lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Uninstall.lnk - C:\Program Files (x86)\AVS4YOU\Uninstall.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk - C:\Program Files (x86)\Internet Download Manager\grabber.chm
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk - C:\Program Files (x86)\Internet Download Manager\idman.chm
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk - C:\Program Files (x86)\Internet Download Manager\license.txt
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk - C:\Program Files (x86)\Internet Download Manager\tutor.chm
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk - C:\Program Files (x86)\Internet Download Manager\Uninstall.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center\Plex.lnk - C:\Program Files (x86)\Plex\Plex Media Center\Plex.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center\Uninstall Plex.lnk - C:\Program Files (x86)\Plex\Plex Media Center\Uninstall.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk - C:\Windows\explorer.exe "C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4.com"
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {CD09642E-061D-4844-BA37-ED1480916404}

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk - C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Toolbox.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /toolbox
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Turbo Boost.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /turboboost
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Uninstall Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Activation.lnk - C:\Program Files (x86)\AVS4YOU\Registration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Help.lnk - C:\Program Files (x86)\AVS4YOU\AVS4YOUHelp.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\License Agreement.lnk - C:\Program Files (x86)\AVS4YOU\License Agreement.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Burning\AVS Disc Creator.lnk - C:\Program Files (x86)\AVS4YOU\AVSDiscCreator\AVSDiscCreator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Disc Creator.lnk - C:\Program Files (x86)\AVS4YOU\AVSDiscCreator\AVSDiscCreator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Editor.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft\Media Preview\Media Preview Configuration.lnk - C:\Windows\Installer\{9EE88DE0-9E1C-43E5-9827-4C3EEB0DDE5E}\Icon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft\Media Preview\Uninstall Media Preview.lnk - C:\Windows\SysWOW64\msiexec.exe /x {9EE88DE0-9E1C-43E5-9827-4C3EEB0DDE5E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series\MP Drivers Uninstaller.lnk - C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series\DelDrv.exe /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series /L0x0009
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series\Readme.lnk - C:\Program Files (x86)\CanonBJ\IJPrinter\Canon MP190 series\readme_English.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 1.2\MP Navigator EX 1.2.lnk - C:\Program Files (x86)\Canon\MP Navigator EX 1.2\mpnex12.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 1.2\MP Navigator EX Readme.lnk - C:\Program Files (x86)\Canon\MP Navigator EX 1.2\Readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 1.2\MP Navigator EX Uninstall.lnk - C:\Program Files (x86)\Canon\MP Navigator EX 1.2\Maint.exe /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 1.2\uninst.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™\CenturyLink Personal Digital Vault.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daminion Software\Daminion\Daminion.lnk - C:\Program Files (x86)\Daminion Software\Daminion\Daminion.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daminion Software\Daminion\Uninstall Daminion.lnk - C:\Program Files (x86)\Daminion Software\Daminion\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster\Uninstall Driver Booster.lnk - C:\Program Files (x86)\IObit\Driver Booster\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth .lnk - C:\Windows\SysWOW64\msiexec.exe /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Restart IR.lnk - C:\Program Files (x86)\WinTV\Ir.exe /QUIET
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Signal Monitor.lnk - C:\Program Files (x86)\WinTV\Signal Monitor\hcwSigMon.exe -tray
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Stop Hauppauge TV Server.lnk - C:\Program Files (x86)\WinTV\TVServer\RestartTVServer.exe stop
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Stop IR.lnk - C:\Program Files (x86)\WinTV\Ir.exe /QUIT
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Uninstall WinTV 7.lnk - C:\Program Files (x86)\InstallShield Installation Information\unwintv7.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV 7.lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\WinTV v7 Help.lnk - C:\Users\Public\WinTV\Help\English\WinTV7.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Advanced Options\Empty Channel Database.lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe -emptydb
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Advanced Options\Erase Channel Database.lnk - C:\Program Files (x86)\WinTV\WinTV7\EraseDatabase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Advanced Options\Open additional WinTV window.lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe -multi
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Advanced Options\Open Recordings (only).lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe -recordings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV\Advanced Options\Open Scheduler (only).lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe -scheduler
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk - C:\Program Files (x86)\Internet Download Manager\grabber.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk - C:\Program Files (x86)\Internet Download Manager\idman.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk - C:\Program Files (x86)\Internet Download Manager\license.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk - C:\Program Files (x86)\Internet Download Manager\tutor.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk - C:\Program Files (x86)\Internet Download Manager\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\Uninstall IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\unins001.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\help.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE\Microsoft ICE.lnk - C:\Windows\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone\Norton Zone.LNK - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe /r /m "C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZPlugin.dll?{6AFEDB27-41A3-4307-8962-B5C7429976D1}" /startmenu
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone\Uninstall Norton Zone.LNK - C:\Program Files (x86)\NortonInstaller\{BF22D0A7-A98B-4726-B4EF-7012A75D3669}\NZ\LicenseType\1.0.15.13\InstStub.exe /X /shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server\Plex Media Server.lnk - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter\RegHunter.lnk - C:\Program Files (x86)\Enigma Software Group\RegHunter\RegHunter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter\Uninstall RegHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {F94A63D7-9A61-403B-8F6F-90B1BF77211A}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Smart Defrag 2.lnk - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2\Uninstall Smart Defrag 2.lnk - C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer\SoftMaker Web site.lnk - C:\Program Files (x86)\SoftMaker Viewer\index.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer\TextMaker Viewer.lnk - C:\Program Files (x86)\SoftMaker Viewer\TMViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk - C:\Program Files (x86)\WinTV\Ir.exe /QUIET
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\HD Video Converter Factory Pro\Buy HD Video Converter Factory Pro on online.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\HD Video Converter Factory Pro\HD Video Converter Factory Pro on the web.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\HD Video Converter Factory Pro\HD Video Converter Factory Pro.lnk - C:\Users\Folders\Documents\WonderFox Soft\HD Video Converter Factory Pro\HD Video Converter Factory.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\HD Video Converter Factory Pro\Uninstall.lnk - C:\Users\Folders\Documents\WonderFox Soft\HD Video Converter Factory Pro\Unin00000.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Magnify.lnk - C:\Windows\system32\magnify.exe
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -
C:\Users\Folders\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jonjajmpblmjkhjemkalbddhodlehkfg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\jonjajmpblmjkhjemkalbddhodlehkfg deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Folders\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Folders\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Folders\AppData\Local\Mozilla\Firefox\Profiles\333rko86.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Folders\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Folders\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Internet Download Manager" not found
"C:\ProgramData\boost_interprocess" not found

==== EOF on Thu 12/05/2013 at 10:44:53.50 ======================
 

hunzeker

New Member
Thread author
Verified
Nov 23, 2013
29
I have seen no Scorpion/Adpeak popups for nearly 3 days now. However I unexpectedly found a plugin called "AD REMOVAL 1.1.0" which I don't recall seeing before. Is it, and "VistaWUWeb control" ok?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top