Reply to thread

Message: <blockquote data-quote="hunzeker" data-source="post: 146685" data-attributes="member: 15154">I guess I don't understand.  What do you mean by "PM"?  I thought I sent it again on 12/01.I'll try again with this replay, but won't it just cut-off the bottom of the scan results like it has done twice before?OTL logfile created on: 11/30/2013 1:48:24 PM - Run 3OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Folders\Downloads\Programs64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16428)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 60.23% Memory free8.00 Gb Paging File | 6.27 Gb Available in Paging File | 78.45% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 372.51 Gb Total Space | 319.75 Gb Free Space | 85.84% Space Free | Partition Type: NTFSDrive I: | 1.87 Gb Total Space | 1.37 Gb Free Space | 73.44% Space Free | Partition Type: NTFSDrive J: | 298.09 Gb Total Space | 119.38 Gb Free Space | 40.05% Space Free | Partition Type: NTFSDrive K: | 465.76 Gb Total Space | 277.05 Gb Free Space | 59.48% Space Free | Partition Type: NTFS Computer Name: WIN7 | User Name: Folders | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Folders\Downloads\Programs\OTL_2.exe (OldTimer Tools)PRC - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)PRC - C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)PRC - C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Plex, Inc.)PRC - C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)PRC - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)PRC - C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)PRC - C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe (Hauppauge Computer Works)PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)  ========== Modules (No Company Name) ========== MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pysqlite2._sqlite.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32com.shell.shell.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_elementtree.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32api.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_socket.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_multiprocessing.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32ts.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._gdi_.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._misc_.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\windows._cacheinvalidation.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pythoncom27.dll ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\PyWinTypes27.dll ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ctypes.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._html2.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32profile.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32crypt.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._core_.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_ssl.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32security.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32pdh.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._windows_.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\_hashlib.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._wizard.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32file.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32inet.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32process.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\wx._controls_.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\unicodedata.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\pyexpat.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\win32event.pyd ()MOD - C:\Users\Folders\AppData\Local\Temp\_MEI30602\select.pyd ()MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\tag.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\swscale-0.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll ()MOD - C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll ()  ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)SRV:64bit: - (GenieTimelineService) -- C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe (Genie9)SRV:64bit: - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)SRV:64bit: - (AdpeakProxy) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Adpeak, Inc.)SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)SRV - (NZ) -- C:\Program Files (x86)\Norton Zone\Engine\1.0.15.13\NZ.exe (Symantec Corporation)SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)SRV - (Hauppauge WinTV Extender) -- C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe (Hauppauge Computer Works, Inc)SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)  ========== Driver Services (SafeList) ========== DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)DRV:64bit: - (ccSet_NZ) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys (Symantec Corporation)DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)DRV:64bit: - (hcw18bda) -- C:\Windows\SysNative\drivers\hcw18bda.sys (Hauppauge Computer Works, Inc)DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)DRV:64bit: - (FETNDIS) -- C:\Windows\SysNative\drivers\fet6x64.sys (VIA Technologies, Inc.              )DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)  ========== Standard Registry (All) ==========  ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC  IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SRIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SRIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =  IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =  IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = PreserveIE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpIE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003\..\SearchScopes,DefaultScope =  ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google"FF - prefs.js..browser.search.defaultenginename: "Bing"FF - prefs.js..browser.search.order.1: "Google"FF - prefs.js..browser.search.selectedEngine: "Bing"FF - prefs.js..browser.search.suggest.enabled: falseFF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "https://www.google.com/"FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.64FF - prefs.js..network.proxy.type: 0FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Folders\AppData\Roaming\IDM\idmmzcc5 [2013/11/25 23:33:11 | 000,000,000 | ---D | M] [2013/11/11 20:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Extensions[2013/11/28 18:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\extensions[2013/11/21 20:32:24 | 000,007,911 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\Google.xml[2013/11/12 18:51:42 | 000,000,905 | ---- | M] () -- C:\Users\Folders\AppData\Roaming\Mozilla\Firefox\Profiles\333rko86.default\searchplugins\yahoo_ff.xml[2013/11/25 23:30:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions[2013/11/25 23:33:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\FOLDERS\APPDATA\ROAMING\IDM\IDMMZCC5 ========== Chrome  ========== CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite117" alt=":eek:" title="Eek!    :eek:" loading="lazy" data-shortname=":eek:" />riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite117" alt=":eek:" title="Eek!    :eek:" loading="lazy" data-shortname=":eek:" />mniboxStartMarginParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite115" alt=":p" title="Stick out tongue    :p" loading="lazy" data-shortname=":p" />ageClassification}sugkey={google:suggestAPIKeyParameter},CHR - Extension: Google Drive = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\CHR - Extension: avast! Online Security = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_1\CHR - Extension: IDM Integration Module = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_1\CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\CHR - Extension: Google Wallet = C:\Users\Folders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\ O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\8d25ed94-bb32-4930-87d7-4c74dc4f01ce.exe (AVAST Software)O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)O4 - HKLM..\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m File not foundO4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleChromeAutoLaunch_4D58BC9D6CE41938B37776A7615543AA] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [GoogleDriveSync] c:\program files (x86)\google\drive\googledrivesync.exe (Google)O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)O4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O7 - HKU\S-1-5-21-3821494161-1811066229-1795245934-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)O1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9174F4D4-A1F3-4903-AEC4-365046D8E2F9}: DhcpNameServer = 192.168.0.1 205.171.2.25O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2013/11/23 15:11:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/11/30 13:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs[2013/11/30 13:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP[2013/11/28 16:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab[2013/11/28 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services[2013/11/28 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM2[2013/11/28 11:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Genie9[2013/11/28 11:34:39 | 000,000,000 | ---D | C] -- C:\0f4b1c2beb7b6dabc8ddb5daad65d67a[2013/11/28 10:18:12 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\autorun[2013/11/27 20:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter[2013/11/27 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Systweak[2013/11/27 20:10:06 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe[2013/11/27 16:08:43 | 000,000,000 | ---D | C] -- C:\b1e34f6098ca96049f4c[2013/11/27 16:06:54 | 000,000,000 | ---D | C] -- C:\4d3d87bbdec4022af663ac6a6c75[2013/11/27 16:04:12 | 000,000,000 | ---D | C] -- C:\f287f11a16765c212c1b6c[2013/11/27 16:01:31 | 000,000,000 | ---D | C] -- C:\e407f43d348aefaebea4b46177[2013/11/27 16:00:45 | 000,000,000 | ---D | C] -- C:\5733db8184d72843ca1e49ed71b62fc1[2013/11/27 15:59:42 | 000,000,000 | ---D | C] -- C:\31b674d54c6afb206866[2013/11/27 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter[2013/11/27 13:29:53 | 000,000,000 | ---D | C] -- C:\sh4ldr[2013/11/26 20:55:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration[2013/11/26 20:55:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi[2013/11/26 20:53:44 | 000,000,000 | ---D | C] -- C:\7b324cffb58ae272b47de342[2013/11/26 18:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)[2013/11/26 16:37:17 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys[2013/11/26 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV[2013/11/26 13:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge[2013/11/26 13:48:29 | 000,000,000 | ---D | C] -- C:\Hauppauge[2013/11/26 13:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess[2013/11/25 23:28:31 | 000,000,000 | ---D | C] -- C:\_OTL[2013/11/25 22:58:22 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled[2013/11/23 15:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group[2013/11/23 15:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard[2013/11/22 16:51:16 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\Windows\SysWow64\pcleUtil.dll[2013/11/22 16:51:00 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll[2013/11/22 16:51:00 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll[2013/11/22 16:51:00 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll[2013/11/22 16:51:00 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll[2013/11/22 16:48:57 | 000,912,896 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\Windows\SysNative\drivers\hcw18bda.sys[2013/11/22 16:48:57 | 000,139,264 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysNative\hcw18prop.ax[2013/11/22 16:48:57 | 000,117,248 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcw18CCv.ax[2013/11/22 12:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro[2013/11/22 10:51:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT[2013/11/22 10:39:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner[2013/11/21 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group[2013/11/21 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Adobe[2013/11/21 19:29:38 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\eCyber[2013/11/21 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Real[2013/11/21 14:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real[2013/11/20 18:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9[2013/11/20 18:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9[2013/11/20 17:58:48 | 000,000,000 | R--D | C] -- C:\Users\Folders\Desktop\Backup[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp[2013/11/20 17:58:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup[2013/11/20 17:57:45 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Genie9[2013/11/19 19:02:59 | 000,000,000 | R--D | C] -- C:\Users\Folders\Google Drive[2013/11/19 14:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer[2013/11/19 14:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftMaker Viewer[2013/11/18 19:25:06 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe[2013/11/17 17:02:28 | 000,000,000 | ---D | C] -- C:\Users\Folders\Rail Temp[2013/11/17 14:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office[2013/11/17 14:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DOGS[2013/11/17 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Documents[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\DISPUTES[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\Booknizer[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\APARTMENTS[2013/11/17 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AA QWEST[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\WAB[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\VERIZON[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\TAXES[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\RES REF[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PROP TAX[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\PASSWORDS[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD EMAILS[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\OLD APT[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAILS[2013/11/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\EMAIL ADDRESSES[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\SoftMaker[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\LICENSES PASSWORDS[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\BEND APT[2013/11/17 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\Folders\Documents\AppData[2013/11/16 15:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Preview[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Media Preview[2013/11/16 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research[2013/11/16 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE[2013/11/16 12:59:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Foxit Software[2013/11/16 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software[2013/11/15 21:01:58 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\PhotoScape[2013/11/15 21:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape[2013/11/15 21:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape[2013/11/15 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\CrashDumps[2013/11/15 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}[2013/11/15 13:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller[2013/11/15 13:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter[2013/11/15 13:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox[2013/11/15 09:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Zone[2013/11/14 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Qwest[2013/11/14 19:13:43 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D\ccSetx64.sys[2013/11/14 19:13:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64\01000F0.00D[2013/11/14 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0[2013/11/14 13:23:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll[2013/11/14 13:22:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll[2013/11/13 18:49:24 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll[2013/11/13 18:49:21 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll[2013/11/13 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\vlc[2013/11/13 18:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN[2013/11/13 18:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN[2013/11/13 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive[2013/11/13 17:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth[2013/11/13 17:26:08 | 001,005,928 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll[2013/11/13 17:26:08 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll[2013/11/13 17:26:08 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll[2013/11/13 17:26:07 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll[2013/11/13 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\AVS4YOU[2013/11/13 17:20:21 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU[2013/11/13 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU[2013/11/13 17:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU[2013/11/13 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia[2013/11/13 17:18:22 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll[2013/11/13 17:18:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll[2013/11/13 17:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\IDM[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM[2013/11/13 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\DMCache[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager[2013/11/13 17:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager[2013/11/13 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager[2013/11/13 16:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2[2013/11/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\OpenOffice[2013/11/13 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CenturyLink Personal Digital Vault™[2013/11/13 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CenturyLink Personal Digital Vault[2013/11/13 14:37:06 | 000,000,000 | ---D | C] -- C:\Users\Folders\Norton Zone[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NZx64[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Zone[2013/11/13 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller[2013/11/13 14:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller[2013/11/13 14:33:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations[2013/11/13 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex[2013/11/13 14:23:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll[2013/11/13 14:23:52 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll[2013/11/13 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center[2013/11/13 13:40:46 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Apple Computer[2013/11/13 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Folders\AppData\Local\Plex Media Server[2013/11/13 13:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server[2013/11/13 13:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex[2013/11/13 13:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache[2013/11/13 12:40:20 | 000,000,000 | -HSD | C] -- C:\found.000[2013/11/13 11:43:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE[2013/11/13 11:39:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe[2013/11/13 11:39:57 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/11/13 11:39:53 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/11/13 11:39:53 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/11/13 11:39:53 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/11/13 11:39:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll[2013/11/13 11:39:53 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/11/13 11:39:53 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll[2013/11/13 11:39:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2013/11/13 11:39:53 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/11/13 11:39:53 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll[2013/11/13 11:39:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/11/13 11:39:53 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll[2013/11/13 11:39:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/11/13 11:39:53 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat[2013/11/13 11:39:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/11/13 11:39:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/11/13 11:39:53 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll[2013/11/13 11:39:53 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/11/13 11:39:53 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll[2013/11/13 11:39:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/11/13 11:39:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec[2013/11/13 11:39:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/11/13 11:39:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll[2013/11/13 11:39:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll[2013/11/13 11:39:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/11/13 11:39:53 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll[2013/11/13 11:39:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/11/13 11:39:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2013/11/13 11:39:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2013/11/13 11:39:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe[2013/11/13 11:39:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/11/13 11:39:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/11/13 11:39:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll[2013/11/13 11:39:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/11/13 11:39:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/11/13 11:39:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll[2013/11/13 11:39:53 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll[2013/11/13 11:39:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/11/13 11:39:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/11/13 11:39:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe[2013/11/13 11:39:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/11/13 11:39:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll[2013/11/13 11:39:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll[2013/11/13 11:39:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe[2013/11/13 11:39:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/11/13 11:39:53 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/11/13 11:39:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll[2013/11/13 11:39:53 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/11/13 11:39:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll[2013/11/13 11:39:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx[2013/11/13 11:39:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/11/13 11:39:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/11/13 11:39:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\</blockquote>

Verification

Top