Jump to content

Scorpian Saver Infected my PC Too...

ChiCat

By ChiCat
in Resolved Malware Removal Logs

 Share

Recommended Posts

ChiCat

ChiCat

Posted
Posted

My laptop has the Scorpian Saver malware that I can see many others here have. I'm using Windows 7 and have attempted to uninstall the programs (two of them I've found) using Windows app, no luck. I've ran MalwareBytes and SuperAntiSpyware a number of times and yesterday MalwareBytes identified it and stated it "removed it" and I thought I was good, however, today, when I started my computer, Scorpian Saver was back again. I've read various threads and realize that someone will likely need to help me through this and see my machine's log files. Consequently, here I am at your mercy. Help, please!

 

Thanks.

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum, first.....try to uninstall it from your add/remove programs.

Then........

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Next........

Clean out temp files by using disk cleanup or.........

Download, install and run CCleaner free to clean out temp files.
Here's a Tutorial if needed.
You may want to uncheck "cookies" and please stay away from the registry cleaner.

Last......

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
  • MrC
Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

Hmmm...This time when I went to Windows uninstall, I had a window come up labelled "Windows Installer" with copy that read, "The feature you are trying to use is on a network resource that is unavailable." Under "Use source" it had the following directory "c:\\temp\\" but it did not work. What should I do?

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

Okay, I wasn't able to uninstall Scorpion Saver using Windows uninstall tool. I ran AdwCleaner and when my machine rebooted, "Scorpion Saver" was still listed in "Windows Programs and Features" and could not be removed. Here's the file AdwCleaner generated: 

# AdwCleaner v3.014 - Report created 06/12/2013 at 08:51:48
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Peter - PETER-PC
# Running from : C:\Users\Peter\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\ScorpionSaver
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Peter\AppData\Local\NativeMessaging

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [25251 octets] - [25/11/2013 01:37:26]
AdwCleaner[R1].txt - [25312 octets] - [25/11/2013 02:12:09]
AdwCleaner[R2].txt - [1191 octets] - [26/11/2013 14:41:45]
AdwCleaner[R3].txt - [1475 octets] - [06/12/2013 08:35:28]
AdwCleaner[s0].txt - [25770 octets] - [25/11/2013 02:17:28]
AdwCleaner[s1].txt - [1183 octets] - [26/11/2013 14:44:59]
AdwCleaner[s2].txt - [1338 octets] - [06/12/2013 08:51:48]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1398 octets] ##########
 

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

The file generated after running Malwarebytes (however, Scorpion Saver still remains in my list of installed programs in Windows):

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Peter :: PETER-PC [administrator]

12/6/2013 9:08:40 AM
mbam-log-2013-12-06 (09-08-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239666
Time elapsed: 8 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2013
Ran by Peter (administrator) on PETER-PC on 06-12-2013 09:44:24
Running from C:\Users\Peter\Downloads\Farbar
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Facebook) C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google) C:\Users\Peter\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [] - [x]
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [562304 2011-06-30] (Conexant Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKCU\...\Run: [CFA4BAFF5696A87DDBFEBDBB843936345DB9A8D9._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-17] (Google Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_14883A56D9D426BB697F73C8366CAF1F] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-26] (Facebook Inc.)
MountPoints2: {6a9ad1f1-b057-11e1-abce-047d7b644d56} - E:\MI.exe
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] - C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-17] (RealNetworks, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
BHO-x32: Constant Guard Protection Suite - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.1030.3\NativeBHO.dll (WhiteSky)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} -  No File
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} -  No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @stickypassword.com/Sticky Password - C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Peter\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: SERPTrends SEO Extension - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\firefox@serptrends.com
FF Extension: FoxyProxy Basic - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\foxyproxy@eric.h.jung
FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\idvaultaddin@whitesky
FF Extension: NetVideoHunter - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\netvideohunter@netvideohunter.com
FF Extension: affilorama - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{7822cf50-08ee-4915-9872-ee92472df6cb}
FF Extension: Просмотр HTTP заголовков - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF Extension: Page Speed - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
FF Extension: amznUWL2 - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: firebug - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: kgen - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\kgen@elitwork.com.xpi
FF Extension: rankchecker - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\rankchecker@seobook.com.xpi
FF Extension: seo4firefox - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\seo4firefox@seobook.com.xpi
FF Extension: seotoolbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\seotoolbar@seobook.com.xpi
FF Extension: toolbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\toolbar@seomoz.org.xpi
FF Extension: yslow - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\yslow@yahoo-inc.com.xpi
FF Extension: measureit - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi
FF Extension: defaults - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\2fo7ho6j.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF HKCU\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Peter\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Peter\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Peter\AppData\Local\GreatArcadeHits\gahff.xpi

Chrome:
=======


CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Screen Capture Plugin) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin/screen_capture.dll No File
CHR Plugin: (Injovo Extension Plugin) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\npbrowserext.dll No File
CHR Plugin: (Constant Guard Protection Suite Add-on) - C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin/IdVault.Chrome.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (WPI Detector 1.4) - C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Translate) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
CHR Extension: (Google Slides) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.6_0
CHR Extension: (Guitar Chords) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeeebhlllfphmhipiajihkogmcfkmnje\1.0_0
CHR Extension: (Mobile Website Builder) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjlicpdajmlidgbgjibklaahmfjmjog\1.2_0
CHR Extension: (Write Space) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimodnlfiikjjnmdchihablmkdeobhad\0.60_0
CHR Extension: (Website and SEO Analysis) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkomeiemllejmopbbjjngpmmikfedad\1.1.3_0
CHR Extension: (SEOquake) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.18_0
CHR Extension: (Angry Birds) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (MeasureIt!) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aonjhmdcgbgikgjapjckfkefpphjpgma\1.1.3_0
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (UJAM - Make your music.) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdiogojbmdncjdpljocafnigiokgmci\1.1_0
CHR Extension: (Google Reader Notifier (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apflmjolhbonpkbkooiamcnenbmbjcbf\1.4_0
CHR Extension: (SocialBro) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bagknoiagpifjfbempgignagkejmkljm\0.6.2_0
CHR Extension: (MindMeister) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm\2.1.3_0
CHR Extension: (Web Developer) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.5_0
CHR Extension: (Desmos Graphing Calculator) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko\2.0_0
CHR Extension: (      "name": "Frank Smith") - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgpmafbkgcchdjehdpnfgfgbdfahapa\1.8_0
CHR Extension: (Firebug Lite for Google Chrome\u2122) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.20_0
CHR Extension: (AlterKeywords) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbjmbomkbkibdpkmdafpmjefmopnbil\1.1_0
CHR Extension: (Smartsheet Project Management) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm\2.5.0_0
CHR Extension: (Webpage Screenshot Bar) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\13.6_0
CHR Extension: (Screen Capture (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0
CHR Extension: (20 Things I Learned About Browsers & the Web) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfdlnlenokgjjchimonbekcmnofmlibg\0.91_0
CHR Extension: (SEO Site Tools) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\diahigjngdnkdgajdbpjdeomopbpkjjc\2.91_0
CHR Extension: (Space Attackers) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmcibenjagibppdmjikjbichobpgofen\1.1_0
CHR Extension: (Word Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0
CHR Extension: (Mozbar) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp\2.63_0
CHR Extension: (Producteev) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\effanfjandoefieknkdjjbfpmhdndfnf\3_0
CHR Extension: (Redirect Checker) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjdoecgikollacepmbihjllneabhchk\0.0.0.1_0
CHR Extension: (SEO SERP Workbench) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl\1.2_0
CHR Extension: (Gmail Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0
CHR Extension: (Google Calendar) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Swydo Easy reporting & workflow for PPC & SEO) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkfiomimjjgcoeamccabemeohfjbghj\27_0
CHR Extension: (SiteTrail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\eomjoknlidjoenpioefgfifaionehjbf\1.0_0
CHR Extension: (XFINITY Constant Guard Protection Suite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\faknfdmfmhcmgphbfjhgmomfcihmocmp\1.13.1126.1_0
CHR Extension: (After the Deadline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdjadjbdihbaodagojiomdljhjhjfho\1.2_0
CHR Extension: (countDown) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fefdcjabloofphhfcinhfbinmehfcojm\3.0.5_0
CHR Extension: (Google Sheets) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\0.6_0
CHR Extension: (Virtual Piano Black) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo\4_0
CHR Extension: (Springpad) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0
CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp\1.3.7_0
CHR Extension: (iSEO - SEO Tool for Chrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbkdfielojbemjihiefhbfdcpgdfdfn\2.4.1_0
CHR Extension: (The QR Code Generator) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb\0.2.5_0
CHR Extension: (SeoQuake Lite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdebajliaokjigkhnddejphjblbdhifm\1.0.9_0
CHR Extension: (SEOzio) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlinldjknincdnifcelhiemjahifcjb\3.0_0
CHR Extension: (Cut the Rope) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0
CHR Extension: (TweetDeck by Twitter) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.4.0_0
CHR Extension: (Livestation) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hckdlnnjkjmmcfhfamndcpocjekeanpb\1.1_0
CHR Extension: (TeamGantt Project Management) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcoffgicdhbbbpdopfhaemdbdglnkcok\2.4_0
CHR Extension: (LastPass) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.16_0
CHR Extension: (Groupon Deals) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfkmjipaemibbcnifiigfkfemnofdean\1.0.12_0
CHR Extension: (Flixster) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0
CHR Extension: (Online project management software: Wedoist) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfemlcofmppfkjnndnoakpgekdmkpbn\1.2_0
CHR Extension: (Gantter for Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo\4.0.1_0
CHR Extension: (Atari - Asteroids) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkamaohjodmnhiehbogggcllkndklok\1.3_0
CHR Extension: (SEO & Website Analysis) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf\1.0.7_0
CHR Extension: (Clock) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm\1.2_0
CHR Extension: (bitly | \u2665  your bitmarks) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.94_0
CHR Extension: (Crackle) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0
CHR Extension: (META SEO inspector) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef\1.8.3_0
CHR Extension: (Google Play Music) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0
CHR Extension: (RealDownloader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Color Piano!) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.1.40_0
CHR Extension: (Copy All Urls) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiagcalhlpmgdipdcikkjiliaankcagj\0.2.7_0
CHR Extension: (Dropbox) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0
CHR Extension: (Spell Checker for Chrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg\0.9.3.8_0
CHR Extension: (My Browser Page) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg\1.0_0
CHR Extension: (Google Forms) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg\0.5_0
CHR Extension: (Kobo Instant Reader) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknhjclcchfapglhbceedkoldnkmmhcc\0.9.5_0
CHR Extension: (Conceptboard) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnacnlekfaehkfdbkohnhpmdagnfaeio\1.1.3_0
CHR Extension: (StumbleUpon) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.12.2.3_0
CHR Extension: (Google Voice (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.4.4_0
CHR Extension: (Calculator) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0
CHR Extension: (Project Management Games) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhekfkfegfencijmlmeijcoafjbclic\0.5_0
CHR Extension: (Amplify) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikolpafnjaegebdgkngjdghodjebfla\3.0.0_0
CHR Extension: (tab packager by tab.bz) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhheoejnijomhdjilifdbjeholikpnb\3.7_0
CHR Extension: (HootSuite) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0
CHR Extension: (Evernote Web) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0
CHR Extension: (Google Transliteration Service) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjbedgfelhffkellgmlpfkeeidclfhd\2.1_0
CHR Extension: (Skype Click to Call) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (AudioSauna) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae\0.404_0
CHR Extension: (Google Maps) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: ([PRO] SEOMATOR SEO for Chrome Toolbar) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkkbofbloebjhcngbfbnoopggoccage\0.15_0
CHR Extension: (Scraper) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd\1.6_0
CHR Extension: (Boomerang for Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkdbdadolokifeomchamhifddohomii\1.2_0
CHR Extension: (Guitar Chords) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\megglpjmadjmghjegnallnhiknjnnjhh\1.4_0
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.21_0
CHR Extension: (Quick Note) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.6.1_0
CHR Extension: (Google Drawings) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme\0.8_0
CHR Extension: (Norton Identity Protection) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0
CHR Extension: (WebRank SEO) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkhilblbmkdnapffblmecglknalglfji\3.3.5_0
CHR Extension: (JustBeamIt) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmikgkdknaammcapbklcdaakpphfilgg\1.1_0
CHR Extension: (Google Play Books) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0
CHR Extension: (Bundlr) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm\1.0.8_0
CHR Extension: (SiteMetrics SEO) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmgbjfkmdgkdbbhbhogclgencokjmij\0.2.1_0
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0
CHR Extension: (SEO Analysis Tool) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmecdlclbaejkngalilebncnfkkmfcgo\1.2.5_0
CHR Extension: (Google Wallet) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0
CHR Extension: (PianoCrumbs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nocfgkbfnbcicfejinmenkhaffnnkhhh\5_0
CHR Extension: (SpongeBob Super Brawl 2) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamplghgnmpdanednnobalpcpgeghpeo\2.3.1_0
CHR Extension: (SEO for Chrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0
CHR Extension: (Clicker.TV) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaodinjbnakgknmblmhblapgpmfaciba\1_0
CHR Extension: (Fluid UI) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgmmkbgpilmggfkhganmcmpemnhimgg\1.1.1_0
CHR Extension: (Doodle Jump) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflacmceokbjcadloepefiakabcjappo\2.3.1_0
CHR Extension: (SEO SERP) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.5_1
CHR Extension: (Print Friendly & PDF) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj\2.3_0
CHR Extension: (Q For Later) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojjiifnmilcfnemcehaoengppkkidlhb\1.0_0
CHR Extension: (Check My Links) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf\3.3.4_0
CHR Extension: (Google Quick Scroll) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc\2.1.2_0
CHR Extension: (Open in KeywordSpy) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ololmhkemeifnikkagpelgclcfablpcb\1.0_0
CHR Extension: (SlideRocket) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\omeengfjefdmhnkojnfmncpfdbhnecea\2.0.2_0
CHR Extension: (Rdio) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchjhmiapbbphflbgejhigbmfmmgbngn\1.2_0
CHR Extension: (Thesaurus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem\1.5_0
CHR Extension: (Blog This!) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pengoopmcjnbflcjbmoeodbmoflcgjlk\0.2_0
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc\1.16_0
CHR Extension: (World Clocks) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\5.0_0
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Google Similar Pages beta (by Google)) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej\0.5.5.1_0
CHR Extension: (eBay Deals) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllkgmcojhajjmojfoagiegoibjognlc\1.0.4_0
CHR Extension: (Astrid Tasks) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmjlnfgnkpknjgkpohcgoeiakkbofpjo\1.1.13_0
CHR Extension: (PostPost: Your Real-Time Facebook Newspaper) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppljepfclkbpmkclbopgnfajoenjonae\1.10_0
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ommfebianckciakndadmfbccniojelil] - C:\ProgramData\DownloadnSave\ommfebianckciakndadmfbccniojelil.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-11-21] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [x]

CONTINUED IN NEXT POST (THE SIZE WAS TOO LARGE TO FIT IN ONE POST)

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

continued:

 

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-28] (Symantec Corporation)
R1 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [30816 2013-02-23] (GiliSoft International LLC.)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20131205.001\IDSvia64.sys [521816 2013-11-27] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131205.024\ENG64.SYS [126040 2013-12-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20131205.024\EX64.SYS [2099288 2013-12-02] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-26] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [x]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-06 09:43 - 2013-12-06 09:44 - 00000000 ____D C:\Users\Peter\Downloads\Farbar
2013-12-06 09:42 - 2013-12-06 09:42 - 00000000 ____D C:\FRST
2013-12-06 09:28 - 2013-12-06 09:28 - 04618136 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup408.exe
2013-12-05 09:42 - 2013-12-06 08:55 - 00003340 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-05 09:42 - 2013-12-06 08:55 - 00003206 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-05 07:03 - 2013-12-05 07:04 - 87529432 _____ (AVAST Software) C:\Users\Peter\Downloads\avast_free_antivirus_setup.exe
2013-12-04 09:56 - 2013-12-04 09:56 - 00000000 _____ C:\Users\Peter\Downloads\2D28.tmp
2013-12-04 09:19 - 2013-12-04 09:21 - 22791896 _____ (Microsoft Corporation) C:\Users\Peter\Downloads\Windows-KB890830-x64-V5.6.exe
2013-12-03 21:15 - 2013-12-03 21:15 - 00000000 ____D C:\Users\Peter\AppData\Local\Zemana
2013-12-03 07:47 - 2013-12-03 07:47 - 00000000 ____D C:\Users\Peter\Downloads\Facebook Images
2013-12-02 11:51 - 2013-12-06 08:03 - 00003362 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-02 11:51 - 2013-12-06 08:03 - 00003228 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-02 09:37 - 2013-12-02 09:37 - 00000000 ____D C:\Users\Peter\Downloads\2014 Tax Year
2013-11-28 07:00 - 2013-11-28 07:00 - 00000000 ____D C:\windows\System32\Tasks\Norton Security Suite
2013-11-26 16:06 - 2013-11-28 06:53 - 00002451 _____ C:\Users\Public\Desktop\Norton Security Suite.lnk
2013-11-26 15:39 - 2013-11-26 15:39 - 00237766 _____ C:\Users\Peter\Downloads\OTL.Txt
2013-11-26 15:39 - 2013-11-26 15:39 - 00074662 _____ C:\Users\Peter\Downloads\Extras.Txt
2013-11-26 15:16 - 2013-11-26 15:16 - 00000000 ____D C:\Users\Peter\Downloads\Top Arcarde Hits Cleanup
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\Users\Peter\AppData\Roaming\LavasoftStatistics
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Ad-Aware Antivirus
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-26 14:42 - 2013-11-26 14:42 - 00602112 _____ (OldTimer Tools) C:\Users\Peter\Downloads\OTL.exe
2013-11-26 14:40 - 2013-11-26 14:40 - 00000000 ____D C:\Users\Peter\Documents\Attempt to go after ArcardeHits
2013-11-26 14:39 - 2013-11-26 14:39 - 00000764 _____ C:\Users\Peter\Desktop\JRT.txt
2013-11-26 05:29 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-11-26 05:23 - 2013-11-26 05:23 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-26 05:23 - 2013-11-26 05:23 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-26 05:23 - 2013-11-26 05:23 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-26 05:23 - 2013-11-26 05:23 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-26 05:23 - 2013-11-26 05:23 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-26 05:23 - 2013-11-26 05:23 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-26 05:23 - 2013-11-26 05:23 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-26 05:23 - 2013-11-26 05:23 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-26 05:23 - 2013-11-26 05:23 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-26 05:23 - 2013-11-26 05:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-26 05:23 - 2013-11-26 05:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-25 03:59 - 2013-11-25 04:00 - 04161024 _____ C:\Users\Peter\Downloads\RogueKillerX64.exe
2013-11-25 03:19 - 2013-11-25 03:19 - 00000000 __SHD C:\found.001
2013-11-25 02:54 - 2013-11-25 02:54 - 00019556 _____ C:\Users\Peter\Downloads\HitmanPro_20131125_0254.log
2013-11-25 02:39 - 2013-11-25 02:39 - 00000000 ____D C:\windows\ERUNT
2013-11-25 02:10 - 2013-11-25 02:10 - 10264904 _____ (SurfRight B.V.) C:\Users\Peter\Downloads\HitmanPro_x64.exe
2013-11-25 02:09 - 2013-11-25 02:09 - 01034531 _____ (Thisisu) C:\Users\Peter\Downloads\JRT.exe
2013-11-25 01:47 - 2013-11-25 01:50 - 01070944 _____ (Solid State Networks) C:\Users\Peter\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe
2013-11-25 01:39 - 2013-11-25 01:40 - 04379048 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup407.exe
2013-11-25 01:37 - 2013-12-06 08:57 - 00000000 ____D C:\AdwCleaner
2013-11-25 01:35 - 2013-12-06 08:34 - 01110034 _____ C:\Users\Peter\Downloads\AdwCleaner.exe
2013-11-25 01:14 - 2013-11-25 01:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Peter\Downloads\revosetup.exe
2013-11-25 00:45 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\windows\system32\AdpeakProxy64.dll
2013-11-24 23:57 - 2013-11-24 23:59 - 00000000 ____D C:\Users\Peter\Downloads\DHHS
2013-11-23 23:59 - 2013-11-24 00:00 - 00923784 _____ (CNET Download.com) C:\Users\Peter\Downloads\cbsidlm-cbsi145-Xenus_Link_Sleuth-ORG-10020826.exe
2013-11-23 06:15 - 2013-11-23 06:15 - 00000000 ____D C:\Users\Peter\Documents\IIS SEO Reports
2013-11-22 04:59 - 2013-11-27 11:01 - 00000000 ____D C:\Users\Peter\Downloads\Joomla Extensions
2013-11-15 23:40 - 2013-11-15 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 01:30 - 2013-11-15 01:30 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Payloader
2013-11-15 01:29 - 2013-11-15 01:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Deployment
2013-11-15 01:29 - 2013-11-15 01:29 - 00000000 ____D C:\Users\Peter\AppData\Local\Apps\2.0
2013-11-13 23:42 - 2013-11-13 23:42 - 00004416 _____ C:\{C702BE42-BEA2-44ED-AFB8-FC2ED7D0E1BA}
2013-11-13 23:33 - 2013-11-13 23:33 - 00003672 _____ C:\{E58703A5-F3D2-4962-A4DD-455028AC02A1}
2013-11-13 23:11 - 2013-11-13 23:18 - 29040552 _____ (Oracle Corporation) C:\Users\Peter\Downloads\jre-7u45-windows-i586.exe
2013-11-13 22:54 - 2013-11-13 22:54 - 00000000 ____D C:\ProgramData\Oracle
2013-11-13 22:50 - 2013-11-13 22:46 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-11-13 22:48 - 2013-11-13 22:47 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-11-13 22:48 - 2013-11-13 22:46 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-11-13 22:48 - 2013-11-13 22:46 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-11-13 22:45 - 2013-11-13 22:45 - 00000000 ____D C:\Program Files\Java
2013-11-13 22:35 - 2013-11-13 22:38 - 30694824 _____ (Oracle Corporation) C:\Users\Peter\Downloads\jre-7u45-windows-x64.exe
2013-11-13 07:42 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-13 07:42 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 07:42 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-13 07:42 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-13 07:42 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 07:42 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 07:42 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 07:42 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 07:42 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-13 07:42 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-13 07:42 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 07:42 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 07:42 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-13 07:42 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 07:42 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 07:42 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 07:42 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-13 07:42 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-13 07:42 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-13 07:42 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-13 07:42 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-13 07:42 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 07:42 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-13 07:42 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-13 07:42 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-13 07:42 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 07:42 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-13 07:42 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-13 07:42 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-13 07:42 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-12 08:14 - 2013-11-12 08:14 - 00000303 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-11 19:21 - 2013-11-11 19:30 - 00000000 ____D C:\Users\Peter\Downloads\2013 Family Christmas Photos
2013-11-11 04:06 - 2013-11-11 04:06 - 00000000 ____D C:\Users\Peter\Documents\Apowersoft Screen Recorder Pro
2013-11-11 03:53 - 2013-11-11 03:53 - 00001427 _____ C:\Users\Public\Desktop\Apowersoft Screen Recorder Pro.lnk
2013-11-11 03:53 - 2013-06-02 04:56 - 00031920 _____ (Wondershare) C:\windows\system32\Drivers\Apowersoft_AudioDevice.sys
2013-11-11 03:53 - 2013-06-01 20:07 - 00443568 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftScreenCapturing.dll
2013-11-11 03:53 - 2013-06-01 20:07 - 00271536 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2013-11-11 03:53 - 2013-06-01 20:07 - 00181424 ____H (Bytescout) C:\windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2013-11-11 02:01 - 2013-11-11 02:01 - 00000000 ____D C:\Users\Peter\Downloads\ScreenRecorderPro
2013-11-11 01:59 - 2013-11-11 02:01 - 29950637 _____ C:\Users\Peter\Downloads\ScreenRecorderPro119_Win.zip
2013-11-09 02:33 - 2013-11-09 02:34 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Audio Editor Deluxe
2013-11-09 02:32 - 2013-11-09 02:32 - 00002082 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Audio Editor Deluxe.lnk
2013-11-09 02:32 - 2013-11-09 02:32 - 00002058 _____ C:\Users\Peter\Desktop\Audio Editor Deluxe.lnk
2013-11-09 02:32 - 2013-11-09 02:32 - 00000000 ____D C:\Program Files (x86)\Audio Editor Deluxe
2013-11-09 02:32 - 2006-03-23 12:56 - 00113486 _____ C:\windows\SysWOW64\NCTWMAProfiles.prx
2013-11-09 02:32 - 2005-05-18 11:52 - 01212416 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioInformation2.dll
2013-11-09 02:32 - 2005-05-17 12:37 - 01986560 _____ (NCT Company Ltd.) C:\windows\SysWOW64\NCTAudioFile2.dll
2013-11-09 02:32 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioRecord2.dll
2013-11-09 02:32 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioPlayer2.dll
2013-11-09 02:32 - 2005-04-15 12:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioEditor2.dll
2013-11-09 02:32 - 2005-04-04 17:21 - 00602112 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioTransform2.dll
2013-11-09 02:32 - 2005-03-29 07:57 - 02084864 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioDesign2.dll
2013-11-09 02:32 - 2005-03-28 15:54 - 00479232 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTAudioVisualization2.dll
2013-11-09 02:32 - 2005-03-28 15:52 - 00417792 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTTextToAudio2.dll
2013-11-09 02:32 - 2005-02-24 11:51 - 00348160 _____ (NCT Company Ltd.) C:\windows\SysWOW64\NCTWMAFile2.dll
2013-11-09 02:32 - 2004-11-04 13:31 - 00835584 _____ (NCT) C:\windows\SysWOW64\NCTAudioCDGrabber2.dll
2013-11-09 02:15 - 2013-11-09 02:29 - 00000000 ____D C:\Users\Peter\Downloads\AudioEditorDeluxe
2013-11-09 02:00 - 2013-11-09 02:02 - 25422094 _____ C:\Users\Peter\Downloads\AudioEditorDeluxe901.zip
2013-11-07 22:37 - 2013-11-07 22:40 - 01253047 _____ C:\Users\Peter\Downloads\7DCB.tmp
2013-11-06 09:37 - 2013-11-06 09:40 - 00001064 _____ C:\Users\Peter\Downloads\readme.txt

==================== One Month Modified Files and Folders =======

2013-12-06 09:54 - 2012-11-26 19:56 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA.job
2013-12-06 09:54 - 2012-03-21 15:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\ID Vault
2013-12-06 09:52 - 2012-02-20 01:36 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 09:44 - 2013-12-06 09:43 - 00000000 ____D C:\Users\Peter\Downloads\Farbar
2013-12-06 09:42 - 2013-12-06 09:42 - 00000000 ____D C:\FRST
2013-12-06 09:30 - 2012-06-06 19:33 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2013-12-06 09:30 - 2011-11-03 16:22 - 00000000 ____D C:\windows\Panther
2013-12-06 09:28 - 2013-12-06 09:28 - 04618136 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup408.exe
2013-12-06 09:11 - 2012-10-15 19:20 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA.job
2013-12-06 09:07 - 2009-07-13 22:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 09:07 - 2009-07-13 22:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 09:03 - 2012-02-20 01:09 - 02015166 ____N C:\windows\WindowsUpdate.log
2013-12-06 09:00 - 2012-03-30 15:01 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 08:59 - 2012-06-06 14:24 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2013-12-06 08:58 - 2012-06-06 14:26 - 00000000 ___RD C:\Users\Peter\Dropbox
2013-12-06 08:58 - 2012-06-03 17:58 - 00000000 ___RD C:\Users\Peter\Google Drive
2013-12-06 08:57 - 2013-11-25 01:37 - 00000000 ____D C:\AdwCleaner
2013-12-06 08:57 - 2009-07-13 23:32 - 00000000 ____D C:\windows\system32\FxsTmp
2013-12-06 08:55 - 2013-12-05 09:42 - 00003340 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-06 08:55 - 2013-12-05 09:42 - 00003206 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-06 08:55 - 2012-02-20 01:36 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 08:55 - 2009-07-13 23:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-06 08:34 - 2013-11-25 01:35 - 01110034 _____ C:\Users\Peter\Downloads\AdwCleaner.exe
2013-12-06 08:03 - 2013-12-02 11:51 - 00003362 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-06 08:03 - 2013-12-02 11:51 - 00003228 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000
2013-12-06 07:39 - 2012-03-21 15:18 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2013-12-05 20:25 - 2012-07-21 17:04 - 00000000 ____D C:\Users\Peter\Downloads\Sample Libraries
2013-12-05 12:54 - 2012-11-26 19:56 - 00000856 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core.job
2013-12-05 07:04 - 2013-12-05 07:03 - 87529432 _____ (AVAST Software) C:\Users\Peter\Downloads\avast_free_antivirus_setup.exe
2013-12-04 09:56 - 2013-12-04 09:56 - 00000000 _____ C:\Users\Peter\Downloads\2D28.tmp
2013-12-04 09:21 - 2013-12-04 09:19 - 22791896 _____ (Microsoft Corporation) C:\Users\Peter\Downloads\Windows-KB890830-x64-V5.6.exe
2013-12-04 00:11 - 2012-10-15 19:20 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core.job
2013-12-03 21:15 - 2013-12-03 21:15 - 00000000 ____D C:\Users\Peter\AppData\Local\Zemana
2013-12-03 12:49 - 2012-11-26 19:56 - 00003878 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA
2013-12-03 12:49 - 2012-11-26 19:56 - 00003482 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core
2013-12-03 07:47 - 2013-12-03 07:47 - 00000000 ____D C:\Users\Peter\Downloads\Facebook Images
2013-12-02 12:42 - 2013-04-28 22:41 - 00000000 ____D C:\Users\Peter\Documents\Manuals
2013-12-02 09:37 - 2013-12-02 09:37 - 00000000 ____D C:\Users\Peter\Downloads\2014 Tax Year
2013-11-30 23:00 - 2012-08-28 14:41 - 00003962 _____ C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan
2013-11-29 13:14 - 2009-07-13 23:08 - 00032652 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-11-28 07:00 - 2013-11-28 07:00 - 00000000 ____D C:\windows\System32\Tasks\Norton Security Suite
2013-11-28 06:53 - 2013-11-26 16:06 - 00002451 _____ C:\Users\Public\Desktop\Norton Security Suite.lnk
2013-11-28 06:53 - 2013-02-19 09:24 - 00003228 _____ C:\windows\System32\Tasks\Norton WSC Integration
2013-11-28 06:53 - 2012-05-09 23:44 - 00000000 ____D C:\windows\system32\Drivers\N360x64
2013-11-27 11:19 - 2013-01-28 14:22 - 00000000 ____D C:\Users\Peter\Downloads\Security Malware and Virus Scan
2013-11-27 11:01 - 2013-11-22 04:59 - 00000000 ____D C:\Users\Peter\Downloads\Joomla Extensions
2013-11-26 16:43 - 2009-07-13 21:20 - 00000000 ____D C:\windows\rescache
2013-11-26 16:07 - 2012-05-09 23:45 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2013-11-26 16:07 - 2012-05-09 23:45 - 00008222 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2013-11-26 16:07 - 2012-02-20 01:30 - 00000000 ____D C:\ProgramData\Norton
2013-11-26 16:05 - 2012-05-09 23:44 - 00000000 ____D C:\Program Files (x86)\Norton Security Suite
2013-11-26 16:01 - 2012-05-09 23:41 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-11-26 15:39 - 2013-11-26 15:39 - 00237766 _____ C:\Users\Peter\Downloads\OTL.Txt
2013-11-26 15:39 - 2013-11-26 15:39 - 00074662 _____ C:\Users\Peter\Downloads\Extras.Txt
2013-11-26 15:16 - 2013-11-26 15:16 - 00000000 ____D C:\Users\Peter\Downloads\Top Arcarde Hits Cleanup
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\Users\Peter\AppData\Roaming\LavasoftStatistics
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Ad-Aware Antivirus
2013-11-26 14:45 - 2013-11-26 14:45 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-26 14:42 - 2013-11-26 14:42 - 00602112 _____ (OldTimer Tools) C:\Users\Peter\Downloads\OTL.exe
2013-11-26 14:40 - 2013-11-26 14:40 - 00000000 ____D C:\Users\Peter\Documents\Attempt to go after ArcardeHits
2013-11-26 14:39 - 2013-11-26 14:39 - 00000764 _____ C:\Users\Peter\Desktop\JRT.txt
2013-11-26 08:38 - 2012-10-19 19:36 - 00000000 ____D C:\Users\Peter\Downloads\VST FX
2013-11-26 05:43 - 2012-03-21 15:04 - 00001424 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 05:31 - 2009-07-13 21:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-26 05:23 - 2013-11-26 05:23 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-26 05:23 - 2013-11-26 05:23 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-26 05:23 - 2013-11-26 05:23 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-26 05:23 - 2013-11-26 05:23 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-26 05:23 - 2013-11-26 05:23 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-26 05:23 - 2013-11-26 05:23 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-26 05:23 - 2013-11-26 05:23 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-26 05:23 - 2013-11-26 05:23 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-26 05:23 - 2013-11-26 05:23 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-26 05:23 - 2013-11-26 05:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-26 05:23 - 2013-11-26 05:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-26 05:23 - 2013-11-26 05:23 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-26 05:23 - 2013-11-26 05:23 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-25 05:55 - 2013-09-17 01:20 - 00000000 ____D C:\Users\Peter\Downloads\Superior Drummer 2.0 Presets
2013-11-25 04:00 - 2013-11-25 03:59 - 04161024 _____ C:\Users\Peter\Downloads\RogueKillerX64.exe
2013-11-25 03:19 - 2013-11-25 03:19 - 00000000 __SHD C:\found.001
2013-11-25 03:04 - 2013-04-13 19:10 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Media Player Classic
2013-11-25 03:04 - 2012-06-28 16:21 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-11-25 02:57 - 2013-01-28 16:06 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-25 02:57 - 2013-01-28 16:06 - 00000000 ____D C:\Program Files\CCleaner
2013-11-25 02:54 - 2013-11-25 02:54 - 00019556 _____ C:\Users\Peter\Downloads\HitmanPro_20131125_0254.log
2013-11-25 02:39 - 2013-11-25 02:39 - 00000000 ____D C:\windows\ERUNT
2013-11-25 02:10 - 2013-11-25 02:10 - 10264904 _____ (SurfRight B.V.) C:\Users\Peter\Downloads\HitmanPro_x64.exe
2013-11-25 02:09 - 2013-11-25 02:09 - 01034531 _____ (Thisisu) C:\Users\Peter\Downloads\JRT.exe
2013-11-25 01:55 - 2013-01-24 12:03 - 00000000 ____D C:\ProgramData\HP
2013-11-25 01:50 - 2013-11-25 01:47 - 01070944 _____ (Solid State Networks) C:\Users\Peter\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe
2013-11-25 01:40 - 2013-11-25 01:39 - 04379048 _____ (Piriform Ltd) C:\Users\Peter\Downloads\ccsetup407.exe
2013-11-25 01:15 - 2013-11-25 01:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Peter\Downloads\revosetup.exe
2013-11-24 23:59 - 2013-11-24 23:57 - 00000000 ____D C:\Users\Peter\Downloads\DHHS
2013-11-24 05:24 - 2012-07-25 10:14 - 00000000 ____D C:\Users\Peter\Downloads\Marketing PDFs
2013-11-24 01:48 - 2012-03-21 15:03 - 00000000 ___RD C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-24 00:00 - 2013-11-23 23:59 - 00923784 _____ (CNET Download.com) C:\Users\Peter\Downloads\cbsidlm-cbsi145-Xenus_Link_Sleuth-ORG-10020826.exe
2013-11-23 06:15 - 2013-11-23 06:15 - 00000000 ____D C:\Users\Peter\Documents\IIS SEO Reports
2013-11-23 06:04 - 2012-06-21 18:27 - 00116384 _____ (Microsoft Corporation) C:\Users\Peter\Downloads\seotoolkit.exe
2013-11-22 04:22 - 2012-09-01 23:55 - 00000000 ____D C:\Users\Peter\Documents\Markting White Papers and Research
2013-11-21 18:50 - 2013-02-26 19:57 - 00000000 ____D C:\Users\Peter\Downloads\Resume
2013-11-21 03:20 - 2012-08-28 14:39 - 00000000 ____D C:\Program Files (x86)\PC Checkup
2013-11-19 07:24 - 2012-07-22 08:45 - 00000000 ____D C:\Users\Peter\Downloads\VSTs
2013-11-16 12:58 - 2012-06-14 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 02:13 - 2012-07-17 21:29 - 00000000 ____D C:\Users\Peter\Downloads\KONTAKT 5 SAMPLE LIBRARIES
2013-11-15 23:41 - 2013-11-15 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 22:07 - 2013-01-21 15:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-15 01:30 - 2013-11-15 01:30 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Payloader
2013-11-15 01:30 - 2013-11-15 01:29 - 00000000 ____D C:\Users\Peter\AppData\Local\Deployment
2013-11-15 01:29 - 2013-11-15 01:29 - 00000000 ____D C:\Users\Peter\AppData\Local\Apps\2.0
2013-11-14 07:38 - 2013-07-21 23:45 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 23:42 - 2013-11-13 23:42 - 00004416 _____ C:\{C702BE42-BEA2-44ED-AFB8-FC2ED7D0E1BA}
2013-11-13 23:33 - 2013-11-13 23:33 - 00003672 _____ C:\{E58703A5-F3D2-4962-A4DD-455028AC02A1}
2013-11-13 23:18 - 2013-11-13 23:11 - 29040552 _____ (Oracle Corporation) C:\Users\Peter\Downloads\jre-7u45-windows-i586.exe
2013-11-13 22:54 - 2013-11-13 22:54 - 00000000 ____D C:\ProgramData\Oracle
2013-11-13 22:50 - 2013-10-16 21:05 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Skype
2013-11-13 22:47 - 2013-11-13 22:48 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-11-13 22:46 - 2013-11-13 22:50 - 00312744 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-11-13 22:46 - 2013-11-13 22:48 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-11-13 22:46 - 2013-11-13 22:48 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-11-13 22:45 - 2013-11-13 22:45 - 00000000 ____D C:\Program Files\Java
2013-11-13 22:38 - 2013-11-13 22:35 - 30694824 _____ (Oracle Corporation) C:\Users\Peter\Downloads\jre-7u45-windows-x64.exe
2013-11-13 22:30 - 2012-06-25 22:47 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2013-11-13 11:50 - 2013-10-16 21:04 - 00000000 ____D C:\ProgramData\Skype
2013-11-12 08:16 - 2012-03-21 15:20 - 00000000 ____D C:\Users\Peter\AppData\Local\ID Vault
2013-11-12 08:14 - 2013-11-12 08:14 - 00000303 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-12 08:13 - 2012-03-21 15:18 - 00002200 _____ C:\Users\Public\Desktop\Constant Guard.lnk
2013-11-11 19:30 - 2013-11-11 19:21 - 00000000 ____D C:\Users\Peter\Downloads\2013 Family Christmas Photos
2013-11-11 04:06 - 2013-11-11 04:06 - 00000000 ____D C:\Users\Peter\Documents\Apowersoft Screen Recorder Pro
2013-11-11 03:53 - 2013-11-11 03:53 - 00001427 _____ C:\Users\Public\Desktop\Apowersoft Screen Recorder Pro.lnk
2013-11-11 03:53 - 2013-10-20 23:15 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Apowersoft
2013-11-11 03:53 - 2013-10-20 23:15 - 00000000 ____D C:\Program Files (x86)\Apowersoft
2013-11-11 02:01 - 2013-11-11 02:01 - 00000000 ____D C:\Users\Peter\Downloads\ScreenRecorderPro
2013-11-11 02:01 - 2013-11-11 01:59 - 29950637 _____ C:\Users\Peter\Downloads\ScreenRecorderPro119_Win.zip
2013-11-09 02:34 - 2013-11-09 02:33 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Audio Editor Deluxe
2013-11-09 02:32 - 2013-11-09 02:32 - 00002082 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Audio Editor Deluxe.lnk
2013-11-09 02:32 - 2013-11-09 02:32 - 00002058 _____ C:\Users\Peter\Desktop\Audio Editor Deluxe.lnk
2013-11-09 02:32 - 2013-11-09 02:32 - 00000000 ____D C:\Program Files (x86)\Audio Editor Deluxe
2013-11-09 02:29 - 2013-11-09 02:15 - 00000000 ____D C:\Users\Peter\Downloads\AudioEditorDeluxe
2013-11-09 02:02 - 2013-11-09 02:00 - 25422094 _____ C:\Users\Peter\Downloads\AudioEditorDeluxe901.zip
2013-11-09 01:54 - 2012-06-14 20:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Mozilla
2013-11-07 22:40 - 2013-11-07 22:37 - 01253047 _____ C:\Users\Peter\Downloads\7DCB.tmp
2013-11-07 16:00 - 2012-03-31 12:35 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-06 11:02 - 2012-12-22 23:12 - 00000000 ____D C:\Users\Peter\Downloads\Articles Quoting Me
2013-11-06 09:40 - 2013-11-06 09:37 - 00001064 _____ C:\Users\Peter\Downloads\readme.txt

Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-30 13:40
==================== End Of Log ============================

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

The ADDITION file:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2013
Ran by Peter at 2013-12-06 09:55:49
Running from C:\Users\Peter\Downloads\Farbar
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.22beta (x32)
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
AIO_Scan (x32 Version: 130.0.365.000)
Aiseesoft Media Converter Ultimate 6.3.58 (x32 Version: 6.3.58)
Amazon Links (x32 Version: 2.02)
Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17)
Apowersoft Screen Recorder Pro V1.1.9 (x32 Version: 1.1.9)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Perfect365 (x32 Version: 1.8.0.3)
Ashampoo Burning Studio 2012 v.10.0.15 (x32 Version: 10.0.15)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
Audio Editor Deluxe v9.0.1 (x32)
Bejeweled 3 (x32 Version: 2.2.0.97)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
C7200 (x32 Version: 130.0.365.000)
C7200_Help (x32 Version: 100.0.206.000)
Catalina Savings Printer (x32 Version: 1.0.0)
CCleaner (Version: 4.07)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Conexant HD Audio (Version: 8.51.2.51)
Connect (x32 Version: 2.1.2)
Connect (x32 Version: 2.2.2)
Constant Guard Protection Suite (x32 Version: 1.13.1030.3)
Copy (x32 Version: 130.0.428.000)
Coupon Printer for Windows (x32 Version: 5.0.0.3)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3618)
D3DX10 (x32 Version: 15.4.2368.0902)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DocProc (x32 Version: 13.0.0.0)
Dropbox (HKCU Version: 2.0.22)
DVDFab 8.2.2.8 (26/02/2013) Qt (x32)
Facebook Messenger 2.1.4814.0 (x32 Version: 2.1.4814.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FATE - The Traitor Soul (x32 Version: 2.2.0.95)
Fax (x32 Version: 130.0.418.000)
FileStream Take-1 Recorder (x32 Version: 2.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Free YouTube Downloader 3.5.134 (x32)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (x32 Version: 31.0.1650.63)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
GPBaseService2 (x32 Version: 130.0.371.000)
GSiteCrawler (x32 Version: v1.23)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.005.000.002)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
iCare Card Recovery Pro 2.0 (x32)
IconLover (x32 Version: 5.34)
Ideal DVD Copy V4.1.2 (x32)
idoo Secure Disc Creator 3.0 (x32 Version: 3.0)
IIS Search Engine Optimization Toolkit 1.0 (Version: 1.0.0731)
Inpaint 5.5
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2509)
Intel® Rapid Storage Technology (x32 Version: 10.6.0.1002)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.5)
Jing (x32 Version: 2.6.12032.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Label@Once 1.0 (x32 Version: 1.0)
Letters from Nowhere 2 (x32 Version: 2.2.0.97)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Web Platform Installer 4.6 (Version: 4.0.40719.0)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Netwaiting (x32 Version: 1.0.1)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Norton PC Checkup (x32 Version: 3.0.2.90.0)
Norton Security Suite (x32 Version: 21.1.0.18)
Notepad++ (x32 Version: 6.1.3)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Payloader (HKCU Version: 1.0.0.16)
PDF Architect (x32 Version: 1.0.52.8917)
PDFCreator (x32 Version: 1.7.0)
Penguins! (x32 Version: 2.2.0.98)
Picasa 3 (x32 Version: 3.9)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Polar Bowler (x32 Version: 2.2.0.97)
PS_AIO_02_ProductContext (x32 Version: 130.0.365.000)
PS_AIO_02_Software (x32 Version: 130.0.365.000)
PS_AIO_02_Software_Min (x32 Version: 130.0.365.000)
QuickBooks Pro 2008 (x32 Version: 18.0.4010.606)
QuickTime (x32 Version: 7.74.80.86)
Rank Tracker (x32)
RealDownloader (x32 Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.3)
Realtek USB 2.0 Reader Driver (x32 Version: 1.0.0.15)
Realtek WLAN Driver (x32 Version: 2.00.0013)
RealUpgrade 1.1 (x32 Version: 1.1.0)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98)
Safari (x32 Version: 5.34.57.2)
Scan (x32 Version: 13.0.0.0)
ScorpionSaver (x32 Version: 1.0.0.0) <==== ATTENTION
Screaming Frog SEO Spider (x32 Version: 0.01)
Shop for HP Supplies (Version: 13.0)
Sketch Drawer 1.1 (x32 Version: 1.1)
Skype Click to Call (x32 Version: 6.13.13771)
Skype Launcher (x32 Version: 2.01)
Skype™ 6.10 (x32 Version: 6.10.104)
SmartWebPrinting (x32 Version: 130.0.457.000)
Software Informer 1.2
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
Sticky Password 6.0.12.455 (x32 Version: 6.0)
Streaming Audio Recorder V3.3.1 (x32 Version: 3.3.1)
SugarSync Manager (x32 Version: 1.9.69.92487)
SUPERAntiSpyware (Version: 5.6.1014)
SupportSoft Assisted Service (x32 Version: 15)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
System Checkup 3.4 (x32 Version: 3.4.0.47)
Tales of Lagoona (x32 Version: 2.2.0.98)
Toolbox (x32 Version: 130.0.648.000)
Toshiba App Place (x32 Version: 1.0.6.3)
TOSHIBA Application Installer (x32 Version: 9.0.1.2)
TOSHIBA Assist (x32 Version: 4.2.3.0)
Toshiba Book Place (x32 Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Bulletin Board (x32 Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.5.64)
TOSHIBA Face Recognition (Version: 3.1.17.64)
TOSHIBA Face Recognition (x32 Version: 3.1.17.64)
TOSHIBA Hardware Setup (Version: 4.08.09.00)
TOSHIBA Hardware Setup (x32 Version: 4.08.09.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)
Toshiba Laptop Checkup (x32 Version: 2.0.13.11)
TOSHIBA Media Controller (x32 Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.8.0)
Toshiba Online Backup (x32 Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.9.64)
TOSHIBA Quality Application (x32 Version: 1.0.4)
TOSHIBA Recovery Media Creator (x32 Version: 2.1.5.5109a)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA ReelTime (x32 Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.1.2001)
TOSHIBA Service Station (x32 Version: 2.2.12)
TOSHIBA Sleep Utility (x32 Version: 1.4.2.8)
TOSHIBA Supervisor Password (Version: 4.08.09.00)
TOSHIBA Supervisor Password (x32 Version: 4.08.09.00)
TOSHIBA Value Added Package (Version: 1.6.1.64)
TOSHIBA Value Added Package (x32 Version: 1.6.1.64)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.3)
TOSHIBARegistration (x32 Version: 1.0.7)
Traffic Travis 4.1.0 (x32)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update Installer for WildTangent Games App (x32)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)
WD SmartWare (Version: 1.6.4.7)
WebReg (x32 Version: 130.0.132.017)
WildTangent Games (x32 Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.31)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (x32 Version: 4.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinX DVD Ripper Platinum 6.9.2 (x32)
Wondershare DVD Creator(Build 2.6.5) (x32)
Xenu's Link Sleuth (x32 Version: 1.3.8)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

04-12-2013 03:10:46 Removed ScorpionSaver

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B76EDC6-BAB9-4038-A340-095392DE6658} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {1D89FA1F-DE49-43AE-81F9-B417F43E1D95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {2C2D18F8-BB54-48D9-9A7A-9D21542D7733} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: {3EDE6805-D1AF-4832-90D5-1CAFED1548BF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {432D0EE6-3DF6-438B-B99E-3281E2B98BD4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {49DA3906-5F3F-472C-BD31-7249F608EA17} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4BB33869-98BB-4B77-AE13-B3DF1CAC8F7B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-20] (Google Inc.)
Task: {6909F309-7C71-421C-A43E-AC94451FCB37} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: {6CC95EF4-A30C-4584-B396-66A4D43B39AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-20] (Google Inc.)
Task: {780F6A90-A091-4862-96BA-61339973C822} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8DE290C0-8A91-44ED-85BE-0AA85CB5AC7A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {9CD449C2-C0C8-40D7-8FE7-0AD8028306EE} - \BackgroundContainer Startup Task No Task File
Task: {A7AEBDD1-9C6C-443E-9ED4-69F7204F3639} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1827840960-399037059-1792182980-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B777FE3C-51F3-4F6D-8820-BDC5751B05CE} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-11-21] (Symantec Corporation)
Task: {B8FD2BD8-95C9-475D-9483-704E46238718} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {C2F23D78-B76C-4D3A-9F31-EB3E7239F15D} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
Task: {C47E4B38-ADC9-4C9D-A11F-5C5C77DF8B90} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {CAFC04A5-498D-4B07-94BC-10D1B66D3511} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1827840960-399037059-1792182980-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EC833294-0C7C-46C3-8F54-D9DD32BC6746} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {EE9B646E-23A3-4539-9061-37E1150420F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000Core.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1827840960-399037059-1792182980-1000UA.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-07-18 15:04 - 2011-07-18 15:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2011-06-09 22:09 - 2011-06-09 22:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-29 15:59 - 2012-11-29 15:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-10-31 13:50 - 2013-10-31 13:50 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2013-03-13 14:48 - 2013-03-13 14:48 - 24978944 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\Peter\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2013-12-06 08:56 - 2013-12-06 08:56 - 00098816 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32api.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00110080 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\pywintypes27.dll
2013-12-06 08:56 - 2013-12-06 08:56 - 00364544 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\pythoncom27.dll
2013-12-06 08:56 - 2013-12-06 08:56 - 00044032 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_socket.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 01153024 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_ssl.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00320512 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32com.shell.shell.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00711680 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_hashlib.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 01175040 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._core_.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00805888 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._gdi_.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00811008 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._windows_.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 01062400 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._controls_.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00735232 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._misc_.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00128512 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_elementtree.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00127488 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\pyexpat.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00557056 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\pysqlite2._sqlite.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00087040 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_ctypes.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00119808 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32file.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00108544 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32security.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00018432 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32event.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00038912 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32inet.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00122368 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._wizard.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00686080 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\unicodedata.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00026624 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\_multiprocessing.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00070656 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\wx._html2.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00010240 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\select.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00025600 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32pdh.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00504832 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\windows._cacheinvalidation.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00011264 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32crypt.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00035840 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32process.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00017408 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32profile.pyd
2013-12-06 08:56 - 2013-12-06 08:56 - 00022528 _____ () C:\Users\Peter\AppData\Local\Temp\_MEI50762\win32ts.pyd
2013-11-15 23:41 - 2013-11-15 23:41 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-08 21:03 - 2013-10-08 21:03 - 16233864 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2013 08:57:51 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/06/2013 08:56:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2013 07:09:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: googledrivesync.exe, version: 1.12.5329.1887, time stamp: 0x509418e4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1b64
Faulting application start time: 0xgoogledrivesync.exe0
Faulting application path: googledrivesync.exe1
Faulting module path: googledrivesync.exe2
Report Id: googledrivesync.exe3

Error: (12/06/2013 07:08:23 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/06/2013 06:53:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 09:42:43 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/05/2013 09:38:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:30:31 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/05/2013 06:30:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time stamp: 0x4ce792c4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003d0029
Faulting process id: 0x142c
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3

Error: (12/05/2013 06:28:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/06/2013 09:01:56 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (12/06/2013 08:55:11 AM) (Source: Service Control Manager) (User: )
Description: The FreemakeVideoCapture service failed to start due to the following error:
%%2

Error: (12/06/2013 06:52:10 AM) (Source: Service Control Manager) (User: )
Description: The FreemakeVideoCapture service failed to start due to the following error:
%%2

Error: (12/05/2013 08:06:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (12/05/2013 00:35:16 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NANCY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8668C6D1-8CE3-48BA-BCD4-D53129B170DC}.
The master browser is stopping or an election is being forced.

Error: (12/05/2013 09:37:06 AM) (Source: Service Control Manager) (User: )
Description: The FreemakeVideoCapture service failed to start due to the following error:
%%2

Error: (12/05/2013 06:27:34 AM) (Source: Service Control Manager) (User: )
Description: The FreemakeVideoCapture service failed to start due to the following error:
%%2

Error: (12/04/2013 08:16:22 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NANCY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8668C6D1-8CE3-48BA-BCD4-D53129B170DC}.
The master browser is stopping or an election is being forced.

Error: (12/04/2013 08:13:47 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NANCY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8668C6D1-8CE3-48BA-BCD4-D53129B170DC}.
The master browser is stopping or an election is being forced.

Error: (12/04/2013 01:05:01 PM) (Source: Service Control Manager) (User: )
Description: The CGPS Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (12/06/2013 08:57:51 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/06/2013 08:56:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2013 07:09:41 AM) (Source: Application Error)(User: )
Description: googledrivesync.exe1.12.5329.1887509418e4ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be1b6401cef28418948fc3C:\Program Files (x86)\Google\Drive\googledrivesync.exeC:\windows\SysWOW64\ntdll.dllaa7f86fb-5e77-11e3-91ab-047d7b644d56

Error: (12/06/2013 07:08:23 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/06/2013 06:53:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 09:42:43 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/05/2013 09:38:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2013 06:30:31 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/05/2013 06:30:08 AM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4unknown0.0.0.000000000c0000005003d0029142c01cef1b5afeceb6dc:\Windows\syswow64\MsiExec.exeunknownf98e9fee-5da8-11e3-972e-047d7b644d56

Error: (12/05/2013 06:28:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 4043.86 MB
Available physical RAM: 1187.16 MB
Total Pagefile: 7879 MB
Available Pagefile: 4703.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (TI106320W0D) (Fixed) (Total:580.03 GB) (Free:3.97 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 7FE1B5BF)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=580 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=17)

==================== End Of Log ============================

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

Now please Update Malwarebytes and.......(you're a couple of updates behind)

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now,

If Scorpion Saver still remains in my list of installed programs..........

Please download SystemLook from the link below and save it to your Desktop.
http://jpshortstuff.247fixes.com/SystemLook_x64.exe

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :regfindScorpionSaver
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
MrC

Link to post
Share on other sites
ChiCat

ChiCat

Posted
  • Author
Posted

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2013 2
Ran by Peter at 2013-12-07 09:33:15 Run:1
Running from C:\Users\Peter\Downloads\Farbar
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\windows\system32\AdpeakProxy64.dll
CHR HKLM-x32\...\Chrome\Extension: [ommfebianckciakndadmfbccniojelil] - C:\ProgramData\DownloadnSave\ommfebianckciakndadmfbccniojelil.crx
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Peter\AppData\Local\GreatArcadeHits\gahff.xpi
C:\Users\Peter\AppData\Local\GreatArcadeHits


*****************

C:\windows\system32\AdpeakProxy64.dll => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ommfebianckciakndadmfbccniojelil => Key deleted successfully.
"C:\ProgramData\DownloadnSave\ommfebianckciakndadmfbccniojelil.crx" => File/Directory not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} => Value deleted successfully.
"C:\Users\Peter\AppData\Local\GreatArcadeHits" => File/Directory not found.

==== End of Fixlog ====

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.